About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
IEEE Security and Privacy
Review
Guest Editors' Introduction: Engineering secure systems
Abstract
Construction of highly trustworthy systems is quite challengiwng and requires experienced leaders who can guide development teams through technical, political, and bureaucratic hurdles. Today's systems must be designed so that their security claims remain valid from inception through retirement. Hence, security engineering must start at the earliest stages of development, when wise choices can have a major impact on system trustworthiness and vulnerabilities are relatively inexpensive to fix. This guest editors' introduction notes the apparent scarcity of large projects incorporating rigorous security engineering and enumerates topics for further investigation, such as compositionality, formal modeling and verification, RAS and resiliency, economic factors, user acceptability and usability, and extensibility. © 2011 IEEE.