We are developing a methodology to build secure software for complex applications and its related support. This methodology considers the whole software lifecycle, uses security patterns, and is applied at all the architectural levels of the system. A main idea is that security principles should be applied at every stage and that each stage can be tested for compliance with security principles. Patterns help apply security principles. This chapter presents the current status of our work.