The software security knowledge area focuses on the development and use of software that reliably preserves the security properties of the information and systems it protects. The security of a system, and of the data it stores and manages, depends in large part on the security of its software. The security of software depends on how well the requirements match the needs that the software must address, and how well the software is designed, implemented, tested, deployed, and maintained. The documentation is critical if everyone is to understand these considerations, and ethical considerations arise throughout the creation, deployment, use, and retirement of software. The software security knowledge area addresses these security issues. The knowledge units within this knowledge area are comprised of fundamental principles and practices.