Pragmatic Directions in Engineering Secure Dependable Systems

All large and complex computer and communications systems have an intrinsic requirement to be dependable since their failure can cause significant losses in terms of life or treasure. Such the systems are expected to have the attributes of reliability, availability, safety, confidentiality, survivability, integrity, and maintainability. Current software and hardware systems continue to evolve in complexity at rapid rates. Although the increase in the complexity of single artifact (such as number of logical decision points in a software package) can often be tracked with Moore's Law like approximations, systems constructed out of larger number of smaller subsystems defy such classifications. The reason for this added complexity is that interactions between the subsystems explode exponentially in the size of the parent system. Yet all component interactions must be addressed exhaustively to predict accurate behavior of the whole system. The challenge that we face is that it is seldom possible to model or test all such interactions in a given system. As a result, building dependable complex systems with realistic assessment of risks of failure is an extremely difficult endeavor. Attempts have been made to ameliorate the difficulty in the engineering of dependable complex systems using lessons from engineering methodologies in other domains.