https://github.com/threeforwyy/csslp-notes/blob/main/notes/01-Secure-Software-Concepts/04-Software-Development-Methodologies.md
add process checks to development process to include necessary security elements
**在開發過程中增加流程檢查,以包含必要的安全要素。**
SMART - Specific, Measurable, Attainable, Realistic, Time bound
**具體的、可衡量的、可達成的、實際的、有時限的**
quality = fitness for use or absence of defects 品質=適用或少缺陷
high quality != secure but low quality with lots of defects will have security issues from basic mistakes
**高品質不一定等於安全,但低品質且有許多缺陷的軟體會因基本的錯誤而產生安全問題。**
encryption, authentication, and other security features can improve usability
**加密、認證及其他安全功能可以改善使用者體驗。**
secure software development is different: ensure all elements of software operate securely
**安全軟體開發有所不同:確保軟體的所有元素都能安全運作。**