This deliverable includes the final description of the methodologies, mechanisms and tools that MUSA offers to design a secure multi-cloud application, following a security-by-design (SbD) development process. The proposed approach is based on the adoption of Security Service Level Agreements (SLAs) that are used in the full development life cycle in order to gather security requirements, model the needed security controls and assess the security level that the application can really grant after the deployment in a multi-cloud environment. In the document we describe in detail the MUSA SLA-based Security-by-DEsign (MUSA SSDE) approach and how it can be applied in different development methodologies (including the agile ones) and how it has been integrated in the MUSA workflow and how it is based on two mechanisms, namely the SLA generation and SLA composition. Finally, the document presents the SLA generator and composition tools that can be used as a stand-alone application or fully integrated in the MUSA framework.