Information Security 12 min read

Secure Design in DevSecOps: Principles, Threat Modeling, and Huawei Cloud Practices

This article explains how integrating secure‑by‑design principles into DevSecOps accelerates software delivery while reducing risk, outlines key security architecture concepts such as the CIA triad and design principles, describes threat‑modeling methods, and showcases Huawei Cloud’s practical security design, data protection, and privacy solutions.


With the rapid development of DevOps, the speed of application iteration has increased dramatically, but security must keep pace; otherwise, it can negate DevOps benefits and slow digital transformation. Consequently, security capability has become a critical metric for evaluating DevOps maturity worldwide.

In the book DevSecOps Leader's Guide, Glenn Wilson proposes a three‑layer DevSecOps methodology: Security Education, Secure By Design, and Security Automation. Designing security in early, during the architecture phase, dramatically reduces remediation costs: according to NIST data, repairs after release can cost up to 30 times more than fixes made during design.

Secure design is therefore essential throughout the software lifecycle. It extends from application code to containers and infrastructure, requiring robust security controls at every stage, from source‑code protection to runtime safeguards, identity verification, and authorization.

Key security architecture concepts include the CIA triad (Confidentiality, Integrity, Availability) and a set of design principles grouped into three categories:

Restrictive Principles: Fail‑Safe Defaults, Complete Mediation, Separation of Privilege, Least Privilege.

Simplicity Principles: Economy of Mechanism, Least Common Mechanism.

Design Principles: Open Design, Psychological Acceptability, plus industry‑derived practices such as defense‑in‑depth and privacy protection.

Threat modeling provides a structured approach to identify, quantify, and mitigate security risks. Common methodologies include Microsoft’s STRIDE, PASTA, LINDDUN, CVSS, attack trees, and others, which can be combined to create comprehensive threat views tailored to project needs.
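To make the STRIDE part of this concrete, here is an added example (not from the article and not Huawei's SecDesign tool) that applies the standard STRIDE-per-element table to a constructed, minimal DevSecOps pipeline spanning source code, CI, registry and runtime, and reports which threat categories still lack a control. The element names and the controls listed for them are assumptions made for the sample.

```python
from dataclasses import dataclass, field

# Standard STRIDE-per-element table: which threat categories apply to each
# data-flow-diagram element type (letters are the STRIDE initials).
STRIDE_PER_ELEMENT = {
    "external_entity": "SR",
    "process": "STRIDE",
    "data_store": "TRID",
    "data_flow": "TID",
}
CATEGORY = {"S": "Spoofing", "T": "Tampering", "R": "Repudiation",
            "I": "Information disclosure", "D": "Denial of service",
            "E": "Elevation of privilege"}

@dataclass
class Element:
    name: str
    kind: str                                     # key of STRIDE_PER_ELEMENT
    controls: list = field(default_factory=list)  # STRIDE letters already mitigated

def enumerate_threats(elements):
    """Return (element name, category) pairs that apply and have no control yet."""
    return [(e.name, CATEGORY[c])
            for e in elements
            for c in STRIDE_PER_ELEMENT[e.kind]
            if c not in e.controls]

def coverage(elements):
    """Fraction of applicable STRIDE categories that already have a control."""
    applicable = sum(len(STRIDE_PER_ELEMENT[e.kind]) for e in elements)
    mitigated = sum(len(set(STRIDE_PER_ELEMENT[e.kind]) & set(e.controls))
                    for e in elements)
    return mitigated / applicable if applicable else 1.0

# Constructed sample: a minimal DevSecOps pipeline, from source to runtime.
PIPELINE = [
    Element("developer", "external_entity", ["S"]),           # MFA on repo login
    Element("source repo", "data_store", ["T", "R"]),         # signed commits, audit log
    Element("CI runner", "process", ["S", "E"]),              # scoped tokens, unprivileged build
    Element("image registry", "data_store", ["T"]),           # signed images
    Element("registry -> cluster", "data_flow", ["T", "I"]),  # TLS plus signature check
    Element("production cluster", "process"),                 # not yet analysed
]

if __name__ == "__main__":
    for name, cat in enumerate_threats(PIPELINE):
        print(f"{name:20s} {cat}")
    print(f"control coverage: {coverage(PIPELINE):.0%}")
```

The remaining pairs are the backlog a design review would work through; the coverage figure is a simple way to track how that backlog shrinks across iterations.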

Huawei Cloud implements these concepts through its own security design practice. It offers a security design domain that upgrades STRIDE, provides automated risk mitigation recommendations, and supplies analysis reports. Huawei’s SecDesign tool performs threat modeling during the product design phase to identify and reduce risks early.

Data protection measures follow the principles of isolation, encryption, and redundancy. Huawei Cloud services such as EVS, OBS, and SFS enforce data isolation; encryption integrates with the DEW service for key management; and multi‑replica backup with erasure coding ensures data durability. Privacy‑by‑Design is embedded throughout, adhering to GDPR, China’s Personal Information Protection Law, and other regulations, with clear guidelines on lawful processing, data minimization, and accountability.

Overall, the article emphasizes that while DevOps seeks speed, security requires depth and expertise; integrating secure‑by‑design practices, thorough threat modeling, and robust cloud security controls is essential for achieving fast yet safe software delivery.

Written by

DevOps

Share premium content and events on trends, applications, and practices in development efficiency, AI and related technologies. The IDCF International DevOps Coach Federation trains end‑to‑end development‑efficiency talent, linking high‑performance organizations and individuals to achieve excellence.
