
CN-121996204-A - Method and device for researching, developing and operating safe left shift


Abstract

The invention discloses a method and a device for security left-shift development and operations, and relates to the field of software development process and security management. The method establishes a security requirement baseline in the requirement analysis stage, fuses security requirements with business requirements and determines risk protection measures; carries out a security architecture design review in the architecture design stage, in which the security team performs threat modeling on the system architecture and holds a one-vote veto; scans code specifications, open source component vulnerabilities and logic risks in real time with a static code analysis tool in the development and coding stage, and establishes a closed-loop code security management mechanism; performs code review and component list recording in the compile and build stage, forms a security review report by combining dynamic penetration testing and production traffic testing, and updates the security policy through a continuous monitoring mechanism to cope with new threats. The invention systematically integrates security practices into the early stages of the software development life cycle and markedly reduces the cost of late-stage bug repair.

Inventors

  • XIAO YAO

Assignees

  • 中国建设银行股份有限公司江苏省分行

Dates

Publication Date
20260508
Application Date
20251218

Claims (10)

  1. A method of security left-shift development and operations, comprising: S1, establishing a security requirement baseline in the requirement analysis stage, fusing security requirements with business requirements and determining risk protection measures; S2, carrying out a security architecture design review in the architecture design stage, in which the security team performs threat modeling on the system architecture and holds a one-vote veto; S3, scanning code specifications, open source component vulnerabilities and logic risks in real time with a static code analysis tool in the development and coding stage, and establishing a closed-loop code security management mechanism; S4, performing code review and component list recording in the compile and build stage, forming a security review report by combining dynamic penetration testing and production traffic testing, and updating the security policy through a continuous monitoring mechanism to cope with new threats.
  2. The method of claim 1, wherein establishing a security requirement baseline in the requirement analysis stage, fusing security requirements with business requirements, and determining risk protection measures further comprises: S11, constructing a threat mapping table containing known threat classifications and their corresponding security levels, based on threat type identification for the business scenario; S12, dynamically adjusting the security baseline parameters according to the threat mapping table, and triggering a baseline recheck mechanism when an external threat change is detected.
  3. The method of claim 1, wherein carrying out a security architecture design review in the architecture design stage, with threat modeling of the system architecture by the security team and a one-vote veto, further comprises: S21, performing multidimensional risk analysis of the system architecture with the STRIDE threat modeling method to generate a list of threat mitigation schemes; S22, matching and verifying the list of threat mitigation schemes against general security architecture design principles to form an architecture design compliance assessment report.
  4. The method of claim 1, wherein establishing a closed-loop code security management mechanism in the development and coding stage by scanning code specifications, open source component vulnerabilities and logic risks in real time with a static code analysis tool further comprises: S31, performing five types of scanning task, namely code specification scanning, APP/web page static testing, risk assessment scanning, code security scanning and open source component vulnerability scanning; S32, establishing a problem clearing mechanism that pushes scan results to the responsible developer in real time through an automatic feedback channel and prohibits code with security problems from being committed to the code repository.
  5. The method of claim 1, wherein performing code review and component list recording in the compile and build stage, forming a security review report by combining dynamic penetration testing and production traffic testing, and updating the security policy through a continuous monitoring mechanism to cope with new threats further comprises: S41, generating a three-list record file containing an introduced component list, a resource application list and a responsibility attribution list; S42, deploying an abnormal behavior pattern monitoring algorithm that analyzes production traffic characteristics in real time and triggers the automatic security policy update process.
  6. The method of claim 1, further comprising: S5, establishing a secure operations data feedback mechanism that collects security event data from the production environment, generates security improvement indicators and injects them into the requirement analysis stage to form security design optimization suggestions; S6, constructing a security quality measurement system that quantitatively evaluates the effect of the security practices at each stage and generates a measurement report containing vulnerability density, repair timeliness and compliance rate for iterative process optimization.
  7. A security left-shift development and operations device, comprising: a security requirement baseline establishment module, used to establish a security requirement baseline in the requirement analysis stage, fuse security requirements with business requirements and determine risk protection measures; a security architecture design review module, used to carry out a security architecture design review in the architecture design stage, in which the security team performs threat modeling on the system architecture and exercises a one-vote veto; a static code analysis scanning module, used to scan code specifications, open source component vulnerabilities and logic risks in real time with a static code analysis tool in the development and coding stage, and to establish a closed-loop code security management mechanism; and a code review and penetration test module, used to perform code review and component list recording in the compile and build stage, form a security review report by combining dynamic penetration testing and production traffic testing, and update the security policy through a continuous monitoring mechanism to cope with new threats.
  8. The device of claim 7, wherein the security requirement baseline establishment module is further used to: construct, based on threat type identification for the business scenario, a threat mapping table containing known threat classifications and their corresponding security levels; and dynamically adjust the security baseline parameters according to the threat mapping table, triggering a baseline recheck mechanism when an external threat change is detected.
  9. The device of claim 7, wherein the security architecture design review module is further used to: perform multidimensional risk analysis of the system architecture with the STRIDE threat modeling method to generate a list of threat mitigation schemes; and match and verify the list of threat mitigation schemes against general security architecture design principles to form an architecture design compliance assessment report.
  10. The device of claim 7, wherein the static code analysis scanning module is further used to: perform five types of scanning task, namely code specification scanning, APP/web page static testing, risk assessment scanning, code security scanning and open source component vulnerability scanning; and establish a problem clearing mechanism that pushes scan results to the responsible developer in real time through an automatic feedback channel and prohibits code with security problems from being committed to the code repository.
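The following Python example is added here to make two of the claimed mechanisms concrete; it is not code from the patent or from the assignee. It models S11/S12 (a threat mapping table that sets the security level of a business scenario, from which baseline parameters are derived, with a recheck triggered by a threat change) and S31/S32 (scan results from the five scan types evaluated against that baseline, so that a change with a security problem or a missing mandatory scan is refused entry to the repository and the finding is routed to the responsible developer). The scenario names, severity scale, scan identifiers, level-to-baseline mapping and sample findings are all constructed assumptions.

```python
from dataclasses import dataclass

# Severity scale used by the constructed gate policy (an assumption, not from the patent).
SEVERITY_RANK = {"info": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}

# Short identifiers for the five scan task types named in claim 4 (S31).
FIVE_SCANS = {"code_spec", "app_web_static", "risk_assessment",
              "code_security", "opensource_vuln"}

# S11: constructed threat mapping table. Business scenario -> known threat
# classifications and the security level assigned to that scenario.
THREAT_MAPPING = {
    "payment_transfer": {"threats": ["spoofing", "tampering", "repudiation"], "level": 3},
    "marketing_page": {"threats": ["information_disclosure"], "level": 1},
}


@dataclass
class Baseline:
    """Security baseline parameters derived from a scenario's security level."""
    level: int
    block_at: str        # lowest finding severity that blocks a commit
    required_scans: set  # scan types that must have run before a commit is accepted
    version: int = 1


def baseline_for(level: int) -> Baseline:
    """Map a security level to baseline parameters: higher level, stricter gate
    and more mandatory scan types (constructed policy)."""
    if level >= 3:
        return Baseline(level, "medium", set(FIVE_SCANS))
    if level == 2:
        return Baseline(level, "high", {"code_spec", "code_security", "opensource_vuln"})
    return Baseline(level, "critical", {"code_security", "opensource_vuln"})


def derive_baseline(scenario: str, table=THREAT_MAPPING) -> Baseline:
    """Look the scenario up in the threat mapping table and derive its baseline."""
    return baseline_for(table[scenario]["level"])


def on_threat_change(baseline: Baseline, scenario: str, new_level: int, table=THREAT_MAPPING):
    """S12: an external threat change updates the mapping table and triggers a
    baseline recheck. Returns (baseline, changed, updated_table); the shared
    table is copied rather than mutated, and an unchanged level keeps the
    existing baseline."""
    updated = {name: dict(entry) for name, entry in table.items()}
    old_level = updated[scenario]["level"]
    updated[scenario]["level"] = new_level
    if new_level == old_level:
        return baseline, False, updated
    new_baseline = baseline_for(new_level)
    new_baseline.version = baseline.version + 1
    return new_baseline, True, updated


@dataclass(frozen=True)
class Finding:
    scan: str       # which of the five scan types produced the finding
    severity: str
    location: str
    rule: str


def gate_commit(findings, scans_run, baseline: Baseline, owner: str) -> dict:
    """S32: decide whether a change may enter the repository and build the
    real-time feedback that the automatic channel would push to the owner."""
    missing = sorted(baseline.required_scans - set(scans_run))
    threshold = SEVERITY_RANK[baseline.block_at]
    blocking = [f for f in findings if SEVERITY_RANK[f.severity] >= threshold]
    feedback = []
    if missing:
        feedback.append(f"to {owner}: required scans not run: {', '.join(missing)}")
    for f in blocking:
        feedback.append(f"to {owner}: [{f.scan}] {f.severity} {f.rule} at {f.location}")
    return {"allowed": not missing and not blocking,
            "blocking": len(blocking),
            "feedback": feedback}


# Constructed sample scan results for one change set (not real findings).
SAMPLE_FINDINGS = [
    Finding("opensource_vuln", "medium", "pom.xml", "vulnerable dependency version (constructed)"),
    Finding("code_spec", "low", "src/Pay.java:42", "naming convention (constructed)"),
]

if __name__ == "__main__":
    strict = derive_baseline("payment_transfer")
    print(gate_commit(SAMPLE_FINDINGS, FIVE_SCANS, strict, "dev-a"))
    lax = derive_baseline("marketing_page")
    print(gate_commit(SAMPLE_FINDINGS, ["code_security", "opensource_vuln"], lax, "dev-b"))
    print(on_threat_change(lax, "marketing_page", 3)[:2])
```

The same two findings are refused for the payment scenario (level 3 blocks at medium) but accepted for the marketing page (level 1 blocks only at critical), and raising the marketing page's level after a threat change produces a new, stricter baseline version without touching the shared table. A real gate would run as a pre-receive hook or pipeline stage and consume the scanners' actual report formats.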

Description

Method and device for researching, developing and operating safe left shift

Technical Field

The invention relates to the technical field of software development process and security management, and in particular to a method and a device for security left-shift development and operations.

Background

In a business-driven development mode, network security is often not the first consideration, and the secure operation of business systems faces multidimensional challenges. Traditionally, software security testing has been scheduled at the end of the software development life cycle, which often means that serious security problems discovered last require significant time and resources to repair, because the system architecture has already been determined and most of the coding work has been completed; making revisions through patching or source code modification often doubles the workload compared with security left-shift schemes that incorporate security assessment at the project planning and research stages, and the uncertain repair time is likely to affect the product's go-live. In addition, because of the specificity of financial software products, which mainly serve the financial services field, and with regulatory pressure growing ever more severe, the financial software field operates in a highly supervised environment; if security vulnerabilities in software cannot be found and handled in time, serious legal and financial consequences can follow.

The traditional development process has the following problems: security inspection is not carried out until the product approaches release or later; open source vulnerabilities and code logic vulnerabilities are not avoided when the code is first implemented, and the problems are discovered only in the later stages or after the project goes live, so the difficulty and time cost of rectification grow exponentially. Automated code review and automated security test cases can uncover potential security hazards to some extent and assure each part of the code project, but a single scan report produced before go-live has very limited effectiveness for assuring long-term operational security; secure development awareness education and training for developers also avoids common security vulnerabilities to some extent and provides preliminary preventive measures, but depends on long-term training and habit formation. Under the traditional process, development departments and security departments work with a gap between them: their workflows are relatively independent and the process is fragmented, and the related security tests and reports are inserted just before the system goes live, when the software architecture and code are essentially complete at the end of the development life cycle and the architecture is basically fixed, so the cost of correction caused by modifying and repairing the related vulnerabilities is high; and because security audits lag and security vulnerabilities are unavoidable, assets with high-risk vulnerabilities are found during the operation period, leaving security departments exhausted by frequent firefighting. Therefore, an efficient and practical development process management mechanism is needed.

Disclosure of Invention

The invention mainly aims to provide a security left-shift development and operations method, which applies the security left-shift idea to the development life cycle of fintech products, markedly reduces delayed product releases caused by security omissions, reduces the subsequent cost of bug repair and maintenance, improves the robustness of software, and promotes the innovation speed and market competitiveness of the whole organization. Another object of the invention is to propose a security left-shift development and operations device. To achieve the above object, an embodiment of a first aspect of the present invention provides a method for security left-shift development and operations, including: S1, establishing a security requirement baseline in the requirement analysis stage, fusing security requirements with business requirements and determining risk protection measures; S2, carrying out a security architecture design review in the architecture design stage, in which the security team performs threat modeling on the system architecture and holds a one-vote veto; S3, scanning code specifications, open source component vulnerabilities and logic risks in real time with a static code analysis tool in the development and coding stage, and establishing a closed-loop code security management mechanism; S4, performing code review and component list recording in the compile and build stage, forming a security review report by combining dynamic penetration test an