Security
Learn more about security in Windows 10.
OS security tasks
To create a secure device, an OEM should complete the following tasks.
Task | Description |
---|---|
Learn how to sign different types of executable code and other code assets | All Windows 10 Mobile binaries need digital signatures to load and execute on a retail phone. For more info, see Get a code signing certificate. |
Understand image validation and encryption | Windows 10 Mobile includes secure boot, a process that validates firmware images before they are allowed to execute. Windows 10 Mobile also provides device encryption, a feature that encrypts all user data stored on internal data partitions. OEMs must perform a series of tasks during manufacturing to enable these features. |
Understand the Security Development Lifecycle (SDL) | Security Development Lifecycle (SDL) best practices and associated tools can be used by OEMs to improve the security of their products. |
SDL recommendations for OEMs
The Microsoft Security Development Lifecycle (SDL) is a set of best practices and associated tools that OEMs can use to improve the security of their products. SDL practices are organized by the phases of the traditional software development life cycle in which they are most effective. For example, threat modeling is most effective during software design.
Many of these security activities would provide some degree of security benefit if implemented on a standalone basis. However, practical experience at Microsoft has shown that security activities executed in chronological order during the right phase of the software development life cycle and as part of a repeatable process can result in greater security gains than those resulting from ad-hoc implementation. For more info about the SDL, see Microsoft Security Development Lifecycle.
The following table describes a subset of the SDL practices that are most useful for the OEM to adopt. Some of these practices are more helpful for driver code, while others are more helpful for application code. Some of the SDL practices are useful for both. Drivers tend to run with higher privileges, so it is important to consider these best practices when developing driver code.
Tool | Information | Suggested area |
---|---|---|
Microsoft Threat Modeling Tool | The Threat Modeling Tool is a core element of the Microsoft Security Development Lifecycle (SDL). It allows software architects to identify and mitigate potential security issues early, when they are relatively easy and cost-effective to resolve. | Driver |
FxCop | FxCop is a static analyzer. It analyzes managed-code assemblies and reports information about the assemblies such as possible design, localization, performance, and security improvements. | Partner apps |
Migrate from FxCop code analysis to .NET compiler platform analyzers | Visual Studio 2017 includes a built-in set of .NET Compiler Platform analyzers that analyze your C# or Visual Basic code as you type. You can install additional analyzers as a Visual Studio extension, or on a per-project basis as a NuGet package. Analyzers look at code style, code quality and maintainability, code design, and other issues. | Partner apps in managed code |
BinSkim | BinSkim is a binary static analysis tool that scans Windows Portable Executable (PE) files for security and correctness. Among the verifications performed by BinSkim are validations that the PE file has opted into all of the binary mitigations offered by the Windows Platform. (User Guide (DOCX download)) | Drivers and partner apps |
Code Analysis for C/C++ | Code Analysis for C/C++ is a static analyzer that is provided with the installation of Visual Studio Team System Development Edition or Visual Studio Team Suite and helps to detect and correct code defects. It plows through source code one function at a time, and looks for C/C++ coding patterns and incorrect code usage that may indicate a programming error. | Drivers and partner apps |