¶ What Activities are part of the Design Phase?
The design phase is arguably the most important phase in the engineering process, as it sets the foundation for everything that comes after, and it is the earliest point in which security objectives can be tackled to ensure the delivery of a secure system. The activities below are part of the design process, but you will see some deviations from established practice as we identify additional steps that should be included for security purposes. Pay careful attention to the relationship between Design and Test phases as these activities are intrisically linked as a validation of the design.
¶ A Note on CIE Activities Within the Design Phase
While not an explicit phase of design, CIE principles are primarily involved in Design requirements, threat modeling and design deliverables, and should be thoroughly injected into the engineering process. In some ways, all 12 of the CIE principles described in this wiki should be applied to design, but as you will note, many of them also apply to Operations as well.
¶ Feasibility Study
The Feasibility Study phase is the stage of the system development process that focuses on determining whether a proposed system is feasible, both from a technical and economic perspective. The objective of the Feasibility Study is to determine whether a system should be developed based on its technical feasibility, economic viability, and operational practicality.
This phase typically includes the following activities:
- Requirements gathering: Identify and gather the initial requirements for the proposed system, these will be expanded in a future stage.
- Technical feasibility analysis: Analyze whether the proposed system can be developed using available technology, tools, and techniques.
- Economic feasibility analysis: Analyze whether the proposed system is financially viable and whether the benefits outweigh the costs.
- Operational feasibility analysis: Analyze whether the proposed system can be integrated into the existing operational environment and whether it will be practical to operate.
- Risk assessment: Identify and evaluate potential risks and uncertainties associated with the proposed system.
- Report and recommendation: Generate a report that summarizes the findings of the feasibility study and makes a recommendation on whether to proceed with the development of the system.
The Feasibility Study phase helps to ensure that resources are allocated to the most promising system development efforts. By conducting a feasibility study early in the development process, it is possible to identify potential issues and challenges that could impact the success of the project. This can help to prevent costly mistakes and ensure that the system development effort is focused on a viable solution that meets the needs of stakeholders.
¶ Concept of Operations
The Concept of Operations (ConOps) phase is the stage that focuses on defining the operational concept and requirements for the proposed system. The objective of the ConOps phase is to define the user needs, objectives, and high-level requirements for the system in order to establish the overall concept for how the system will be used.
This typically includes the following activities:
- Stakeholder identification: Determine who the stakeholders for the system are, and their role.
- User needs analysis: Identify the needs, objectives, and requirements of the users of the system.
- High-level system requirements: Develop high-level requirements that define the operational concept for the system.
- Conceptual design: Develop a conceptual design that defines the overall system architecture and how it will meet the user needs.
- Operational scenarios: Develop operational scenarios that describe how the system will be used in different contexts.
- Use cases: Develop use cases that describe the specific ways in which the system will be used to meet user needs.
- ConOps document: Produce a document that summarizes the operational concept for the system and the high-level requirements that define it.
The ConOps phase helps to ensure that the system development effort is focused on meeting the needs of its users. By developing a clear understanding of the operational concept and requirements for the system, it is possible to establish a solid foundation for the subsequent stages of the system development process. This can help to prevent costly mistakes and ensure that the system is designed and developed to meet the needs of its intended users.
¶ System Requirements
The System Requirements phase is the stage of the system development process that focuses on defining detailed requirements for the system. The objective of the System Requirements phase is to translate the high-level requirements defined in the Concept of Operations (ConOps) phase into a detailed set of functional and non-functional requirements that can be used to guide the design and development of the system.
The System Requirements phase typically includes the following activities:
- Requirements analysis: Analyze the high-level requirements defined in the ConOps phase to identify detailed functional and non-functional requirements for the system.
- Requirements specification: Document the detailed requirements in a Requirements Specification document that defines the system's functional and non-functional capabilities. These requirements may include security and compliance requirements, as well as other functional requirements that could potentially place security at risk.
- Requirements review: Conduct a formal review of the requirements with stakeholders to ensure that they are complete, accurate, and consistent. As part of this process, requirements should be approved or rejected to finalize.
- Requirements traceability: Establish traceability between the requirements and other system artifacts, such as design documents, test plans, and user manuals.
The System Requirements phase establishes a solid foundation for the subsequent stages of the system development process. By defining detailed requirements for the system, it is possible to ensure that the system meets the needs of its intended users, functions as intended, and is reliable, maintainable, and scalable. The System Requirements document is typically used as a baseline for subsequent stages of the system development process, such as system design, implementation, and testing.
¶ High Level Design (HLD)
The High-Level Design phase focuses on developing an overall architectural and functional design for the system based on the requirements specified in the System Requirements phase. The objective of the HLD is to define the system architecture and subsystem interfaces, and to identify the major system components and their functions.
This typically includes the following activities:
- Architecture design: Develop an overall system architecture that defines the major system components and their interrelationships.
- Subsystem interface design: Define the interfaces between system components and subsystems.
- Component design: Identify the major system components and develop functional specifications for each component.
- Data design: Define the data structures and data flows within the system.
- High-Level Design review: Conduct a formal review of the high-level design with stakeholders to ensure that it meets the requirements specified in the System Requirements phase.
The High-Level Design phase iestablishes the overall structure and functional capabilities of the system. By defining the system architecture and major system components, it is possible to ensure that the system is structured in a way that enables it to meet the functional and non-functional requirements specified in the System Requirements phase. The High-Level Design document is typically used as a baseline for subsequent stages of the system development process, such as detailed design, implementation, and testing.
¶ Threat Model
Threat modeling is a process used in information security and software engineering to identify and assess potential threats to a system or application. The objective of threat modeling is to systematically identify and prioritize potential threats, and to develop a plan for mitigating or eliminating those threats.
The threat modeling process typically includes the following steps:
- Identify assets: Identify the assets that need to be protected, such as data, systems, applications, and networks.
- Define threats: Define the threats that could potentially compromise the security of the assets, such as malware, phishing attacks, denial-of-service attacks, and data breaches.
- Identify vulnerabilities: Identify the vulnerabilities in the system that could be exploited by the threats, such as software bugs, misconfigurations, and weak passwords.
- Assess risks: Assess the risks associated with each identified threat and vulnerability, and prioritize them based on the level of risk they pose to the system.
- Develop countermeasures: Develop countermeasures to address the identified threats and vulnerabilities, such as software patches, access controls, and security policies.
- Test and validate: Test and validate the effectiveness of the countermeasures, and refine the threat model as needed based on the results.
Threat modeling is an important process for ensuring the security of systems and applications. By systematically identifying and addressing potential threats and vulnerabilities, it is possible to minimize the risk of security breaches and protect valuable assets from unauthorized access, theft, or damage.
¶ Detailed Design
Using the HLD and threat nmodel as inputs, the Detailed Design phase is the stage of the system development process that focuses on developing a detailed design for each component of the system. The objective of the Detailed Design phase is to specify the detailed requirements and design for each system component, based on the architecture and functional design specified in the High-Level Design phase.
This phase typically includes the following activities:
- Component design: Develop a detailed design for each system component, including hardware, software, and interfaces.
- Interface design: Specify the detailed interfaces between system components and subsystems.
- Data design: Specify the detailed data structures and data flows within the system.
- Design documentation: Create detailed design documents that describe the design of each system component.
- Design review: Conduct a formal review of the detailed design with stakeholders to ensure that it meets the requirements specified in the High-Level Design phase.
The Detailed Design phase specifies the detailed requirements and design for each system component. By specifying the detailed design for each component, it is possible to ensure that the system is designed to meet the functional and non-functional requirements specified in the High-Level Design phase. The Detailed Design documents are typically used as a baseline for subsequent stages of the system development process, such as implementation, testing, and deployment.
¶ Validate Design
The design validation phase is an important stage in the development process where the system's design is tested and evaluated to ensure that it meets the specified requirements and is fit for its intended purpose. This phase typically follows the detailed design phase and precedes the production and deployment stages.
During this process, the system's functionality, performance, and other key attributes are tested through a variety of techniques such as simulation, modeling, prototyping, and testing. The goal is to verify that the system's design meets the user's needs, operates correctly and efficiently, and is safe and reliable. This also involves assessing the system's design against other factors such as security outcomes, cost, ease of maintenance, and environmental impact, to ensure that the system can be produced and operated efficiently and sustainably.
The outcomes of the design validation phase may include recommendations for further design modifications, a determination that the design meets the requirements and is ready for production, or a decision to abandon the design and start over. The results of this phase are critical for the success of the system development project and ultimately determine whether the system can meet its intended purpose.