Software may be secure by design, but not by implementation. Every software release process must include a battery of automated security tests. Oyente is a cool new static code analysis tool for Ethereum smart contracts. It detects common bugs related to transaction ordering, time stamps, and reentrancy. The original conference paper Making Smart Contracts Smarter is well worth reading and has the clearest explanation I've seen of smart contract errors, why they happen, and how to avoid them.