On February 16, 2018, at the Munich Security Conference, the corner stone for the Charter of Trust (CoT) was laid to make the digital world more secure. A continuously growing group of multinational companies has signed off on this cyber security initiative by endorsing its 10 fundamental principles, which foster three important objectives: to protect the data of individuals and companies, to prevent damage to people, companies and infrastructures, and to create a reliable foundation on which confidence in a networked, digital world can take root and grow.

As 2023 marks its fifth anniversary, the Charter of Trust publishes a “Secure Development Lifecycle: step-by-by step guidelines”. The purpose of this document is to provide additional information on a step-by-step approach for achieving secure development lifecycle, in addition to the Phase 1 and Phase 2 baseline requirements. The document aims to provide a deep dive into the topic of secure development lifecycle and define best practices for achieving the same. This includes the following steps: identifying the basic steps for a development lifecycle model and developing best practices for a secure development lifecycle.

The document aims to provide guidance to current members of the Charter of Trust, future members of the Charter of Trust and other stakeholders who would like to adopt a Secure Development Lifecycle Approach in their Security by Design and Default Strategy.

This document was designed by the CoT’ Security by Default Taskforce.