Cybersecurity Practices At The Initial Stages Of The Software Engineering Process

Software Engineering is a foundation of modern computer systems development. The process involves several steps, including Analysis and Design, which are the fundamentals for building software systems. This discipline is offered by several university degrees these days around the world, included among other computer science courses. Nowadays, cybersecurity problems are very related with software weakness or bad designs, as an example one can mention bad implementations, projects with poor quality, lack of testing, among others issues. Overall one bigger problem is the lack of security integration from the inception and designing of the software project. Cybersecurity had gained a lot of attention in recent years. From the everyday desktop software been abused and exploited, such as browser exploits and Windows RDP protocol exploits, to abusing the Internet of Things to create massive botnets capable to disrupt the Internet service, as such as the Mirai attack in 2017. We believe that if security played a basic role from the inception of the software project, a lot of these incidents could be prevented. We previously proposed to introduce cybersecurity basics in the software engineering courses to raise awareness of these problems to future professional software engineers. In this paper, we focus on the first steps of software engineering and how cybersecurity should be embedded as good practices for every student in any given software project.