This first-of-its-kind resource offers a broad and detailed understanding of software systems engineering from both security and safety perspectives. Addressing the overarching issues related to safeguarding public data and intellectual property, the book defines such terms as systems engineering, software engineering, security, and safety as precisely as possible, making clear the many distinctions, commonalities, and interdependencies among various disciplines. Practitioners explore the various approaches to risk and the generation and analysis of appropriate metrics. This unique book explains how processes relevant to the creation and operation of software systems should be determined and improved, how projects should be managed, and how products can be assured. Professionals learn the importance of integrating safety and security into the development life cycle.
C. Warren Axelrod is the president of C. Warren Axelrod, LLC. He was previously the research director for financial services for the U.S. Cyber Consequences Unit and an executive adviser to the Financial Services Technology Consortium. He was also the chief privacy officer and business information security officer for U.S. Trust. Dr. Axelrod is the author of Enterprise Information Security and Privacy and Outsourcing Information Security (Artech House 2009, 2004).
Definitions. Security Metrics. Software Assurance. Differentiating between Security-Criticality and Safety-Criticality. Identity Access Management Issues. Factors Affecting Safety and Security. Risk Models. The Importance of the Requirements Phase. Nonfunctional Requirements. The Transition from Requirements to Specifications. System Design and Development. Validation and Verification. The Impact of Changing Context. Operational Issues. Decommissioning. Cyber Security Economics. The Future of system Safety and Security.