Breakdowns, security, hazards, etc are all over the place these days, and so Matthew Squair's presentation on Software Partitioning Integrity is very timely. He subtitles it "A short tutorial on the basic architectural principles of integrity level partitioning"
You'll learn pithy things like this:
If You Can Keep Them Separate (Partitioning)Of course in the world of system engineering, we talk about decoupling and coupling, the former to manage the propagation of risk and provide for independence of action; the latter to create a means for integrating actions.
Then You Can Bring Them Together (Composition)
Greve & Wilding HCSS 03
And, at an even higher level, these principles are applicable to portfolios, and the way projects, scope, and security is partitioned among portfolio constituents.
A few definitions are helpful, especially when looking at the system either in terms of safety or security (perhaps attention to aircraft cockpit security could benefit by this):
Strict ProtectionBeyond software
– Component X can be said to be strictly protected from Y if any behavior of
Y has no effect on the operation of X
– Component X can be said to be safely protected from Y if any behavior of
Y has no effect on the safety properties of X
Two-way (symmetric) protection
– Component X is protected from Y, and Y is protected from X
One-way (asymmetric) protection
– Component X is protected from Y, but component Y is not protected from
This presentation actually goes beyond software to the very top of the architecture, to include hardware, and the interactions of hardware and software vis a vis safety, isolation, and protection.
If you're in this business (and actually who is not thinking of security these days) this is a good read.
Read in the library at Square Peg Consulting about these books I've written
Buy them at any online book retailer!
Read my contribution to the Flashblog