Let's explore secure software development with FIPS 140-2

Adherence to the FIPS 140-2 standard greatly enhances the assurance that the cryptographic module is secure. However, there still exists a responsibility for the cryptographic module vendor to implement best practices for software engineering as part of cryptographic module development. FIPS 140-2 Appendix B “Recommended Software Development Practices” provides guidelines to vendors for designing and developing cryptographic modules in a secure manner.

Breaking down the requirements of FIPS 140-2

We help you cut through complex language in FIPS 140-2 Appendix B with breakdowns and commentary at every critical junction as it pertains to software development.

2020-08 Software Development Front Cover 3D

What you’ll find inside:

  • Best practices for software development to FIPS 140-2 requirements.

  • How to design and develop cryptographic modules in a secure manner.

  • FIPS 140-2 implications for modular design, procedure interfaces, internal construction, in-line documentation, and assembly language.

  • How to achieve effective developer communication via source code comments.

  • Importance of the "DRY" objective and how to implement "DRY".

  • Secure memory and secure thread management.

  • How to find accredited FIPS laboratories.

  • Common questions and answers.

 

Get the eBook

Free PDF Download Sent via Email