Engineers and Geoscientists BC
HomeNews

New Guidelines: Development of Security-Critical Software

Posted on June 30, 2025
New Guidelines: Development of Security-Critical Software
Engineers and Geoscientists BC published its Professional Practice Guidelines – Development of Security-Critical Software on June 4. These guidelines provide registrants with professional practice standards for software engineering.

More specifically, these guidelines provide guidance for engineers involved in the specification, design, implementation, verification, deployment, or maintenance of security-critical software.

“Security threats to software systems are more prevalent now than they ever have been, and these guidelines will equip registrants with the tools they need to develop software systems that are secured to the standards expected of engineering professionals,” said David Slade, a Practice Advisor with Engineers and Geoscientists BC.

“These guidelines will serve as a valuable tool for any professionals involved in the development of security-critical software by offering a strategic, structured development approach along with best practices, standards and resources,” Slade said.

Many software systems maintain private, business-confidential, or otherwise sensitive information and some systems need to be highly trusted with respect to their integrity and availability. Modern systems are increasingly networked at different levels of scale, ranging from critical infrastructure, such as smart power grids, to household smart devices.

These systems are constantly exposed to threats from various kinds of malicious agents seeking to identify and exploit vulnerabilities, and their interconnectivity can expose new vulnerabilities to an otherwise secure system. While software cannot, in general, be guaranteed to be secure or to be free of defects, the use of secure software engineering practices can prevent, manage, or reduce the likelihood of many security vulnerabilities and facilitate the recovery from successful attacks.

The guidelines also cover risk management, security objectives for security-critical software, as well as lifecycle processes including decommissioning of security-critical software.

Engineers and Geoscientists BC partnered with experienced registered software engineering professionals to develop the guidelines.

The Professional Practice Guidelines – Development of Security-Critical Software are available on our website.

Photo: AI Booth / Shutterstock

 

Engineers and Geoscientists BC acknowledges that our office is located on the territories of the Coast Salish Peoples, specifically the xʷməθkʷəy̓əm (Musqueam), səlilwətaɬ (Tsleil-Waututh Nation), and Sḵwx̱wú7mesh Úxwumixw (Squamish Nation).
  • © 2025 Engineers and Geoscientists BC
  • “The business name of the Association of Professional Engineers and Geoscientists of the province of BC”