Software development processes and tools used for small communication devices have changed significantly over the years. Some of these practices and processes have resulted in improvements in quality and time to market for their target products, but in some cases have unintended results for the security and trustedness of those same products. This talk will look at several of these practices and approaches that can drive improvements in quality and productivity metrics for embedded communication software development teams yet create vulnerabilities and/or weaken the security architecture for those products.