Avoid common vulnerabilities

#reliable
#secure

The system shall avoid the following vulnerabilities in every release/deployment:

Missing data encryption.
OS command injection.
SQL injection.
Buffer overflow.
Missing authentication for critical function.
Missing authorization.
Unrestricted upload of dangerous file types.
Reliance on untrusted inputs in a security decision.

Related Quality Requirements

Access control is enforced | #secure #suitable
Add new product | #suitable #efficient #reliable
Assess impact of proposed change | #suitable #reliable
Authenticity of a digital document | #secure #suitable
Available 7x24 with 99% uptime | #operable #usable #reliable
Confidentiality by multi-tenancy | #secure
Detailed audit log | #secure #suitable
Detect inconsistent user input | #usable #reliable
Employee attempts to modify pay rate | #secure
Encrypted storage | #secure
Every data modification is logged | #secure
Fast and accurate sensor | #efficient #reliable
Fast deployment | #reliable #operable
Good code readability score | #reliable
Handle sudden increase in traffic | #reliable
Keep data on error | #reliable #usable
Low change-failure rate | #reliable
New Features Introduce No Bugs | #reliable
Only authenticated users can access data | #secure
Order queue | #reliable
Precise calculation of gamma coefficient | #reliable
Precision of vehicle's orientation | #reliable
Restored to fully functional state 12h after complete failure | #operable #usable #reliable
Server fails |
Severe errors are detected and the system shuts down into safe state | #operable #safe #reliable
System can run >12h without re-booting the operating system | #operable #reliable
System runs offline | #reliable #operable
Up to date API | #reliable #suitable
Vehicle's position validity influences accuracy | #reliable #usable
Withstand DDoS Attack | #reliable
Zero-knowledge data storage | #secure
system continues to operate without downtime | #reliable

Related Qualities

Vulnerability