Building security and privacy into products from concept to retirement is not only a strong development practice, but is essential for customers to be able to unleash the power of their data. This begins with Intel’s Security First Pledge and mindset – that the security of Intel’s products is an ongoing priority, not a one-time event – and is demonstrated by Intel’s security development lifecycle (SDL).
Intel SDL is a set of processes that integrates security principles and privacy tenets into product development to reduce mitigation costs and improve product resiliency. Intel has taken a holistic approach to SDL, customizing the process to address the highly integrated nature of hardware, firmware and software development.
In order to build and support more secure products, Intel has outlined six key stages of its SDL: planning and assessment, architecture, design, implementation, security validation, and release and post-deployment. These stages build upon each other and help ensure the delivery of a trustworthy product that can be effectively supported from beginning to end. And while absolute security can never be guaranteed, Intel is committed to applying SDL principles throughout each stage of hardware, firmware and software development.
The Intel SDL is closely connected to the Product Security Incident Response Team (PSIRT), Bug Bounty program, and offensive and defensive research efforts that contribute to ongoing security assurance vigilance for products both in development and in the field.
For details, read a full whitepaper on the subject, “Intel Security Development Lifecycle.”