Abstract
This paper presents a set of practical techniques and tools for creating secure software with a special focus on the design phase of the development lifecycle. The target group is the ordinary ”developer-on-the-street”, who is not primarily interested in (or knowledgeable about) security, but must focus on designing/implementing as much functionality as possible before the deadline and on budget.