Microsoft labels trustworthy computing a success

Microsoft issues security updates for its products every month, despite the i ntroduction of its

Microsoft issues security updates for its products every month, despite the introduction of its trustworthy computing (TwC) initiative to raise security standards in its software seven years ago.

These continual updates, coupled with several unscheduledemergency updates,haveled some end users to believe TwCis failing.

But that is not the case, according to George Stathakopoulos, general manager for TwC security at Microsoft. He says updates are an example of transparency and prove the process is working.

Stathakopoulos admits there is still a long way to go, but says TwC was never intended to be a quick fix."We always saw this as a 10 to 15-year effort, so we are still on the way to make it better."

Fewer vulnerabilities

Microsoft announced the TwC initiative in 2002 after the firm's products suffered a series of reputation-denting attacks by worms and viruses.

It took three years to get things under control, change the mindset of developers, create new security tools and build internal knowledge, says Stathakopoulos.

There has since been a "phenomenal" increase in security as products go through continually improving steps aimed at producing secure code, he says.

Microsoft measures the success of TwC not in the number of updates issued, but in the number of vulnerabilities found and the number of machines infected.

"We like to see a reduction in vulnerabilities in the first 180 days. We have done well. Vista was around 70% better than XP," says Stathakopoulos.

Microsoft backs up the success of TwC withstatistics gathered by Microsoft's malicious software removal tool that runs on millions of computers around the world.

Windows XP is scoring around 35 infections perthousand computers, but processes such as the Security Development Lifecycle (see box) within TwC have reduced infections.

The figure drops to eight per thousand for XP SP2, four per thousand for Vista, and less thanone for Vista SP1, says Stathakopoulos.

The number of vulnerabilities recorded within the first year of Vista was 45% lower than the XP figure, dropping from 119 to 66.

The post security development lifecycle figure for Microsoft's SQL Server 2005 database showed a 91% reduction on the figure for SQL server 2000 in the first 36 months after release.

According to IBM's X-Force security report, Microsoft's share of disclosed vulnerabilities dropped from 4.2% in 2007 to 2.5% in 2008.

Gaining trust

All these figures point to progress through the TwC over time, but so do improvements in reputation, says Stathakopoulos.

"I cannot remember the last time a customer told me they were considering switching to Linux because of security. Our reputation is much better," he says.

In fact, Stathakopoulos claims Microsoft is ahead of the game when it comes to building defence mechanisms within the operating system.

But he says keeping up with the criminals, who continually raise their game, is a constant struggle, despite new levels of software quality and reliability.

This is particularly true when it comes to finding ways of dealing with the threat of interacting with the internet.

"Here we still have a lot to learn, but this is not something we will do by ourselves," says Stathakopoulos.

Trustworthy computing, where hardware and software work together to deliver a secure, safe and predictable state, is achieved only through collaboration, he says.

Greater collaboration between hardware, operating systems and application software and ways of dealing with security on the internet are at the forefront of TwC's efforts.

Microsoft says it has learned the lessons of the past. The software giant no longer sees itself as an island, particularly when it comes to security.


Security development lifecycle (SDL) 
Microsoft designed SDL to ensure that the development of software is as secure as possible.

The process is made up of a series of security-focused activities and targets for each of the phases of Microsoft's software development process.

These include the development of threat models during software design, the use of static analysis code-scanning tools during implementation, and the conduct of code reviews and security testing.

Before software can be released, it must undergo a final security review by a team independent from its development group.

Read more on IT risk management