Author : Ross Anderson
https://www.cl.cam.ac.uk/~rja14/book.html
Download each chapter as PDF
Third edition of Security Engineering, which will be published in November 2020.
You may pre-order the paper book here-1 for delivery at the end of November in the USA and here-2 for delivery in January 2021 in the UK.
here-1 https://www.amazon.com/Security-Engineering-Building-Dependable-Distributed-dp-1119642787/dp/1119642787/rossandersshomep
here-2 https://www.amazon.co.uk/Security-Engineering-Building-Dependable-Distributed-dp-1119642787/dp/1119642787/rossandersshomep
Code: Select all
Author : Ross Anderson
Security Engineering -- Third Edition
------------------------------------------------------
Preface
Chapter 1: What is Security Engineering?
Chapter 2: Who is the Opponent?
Chapter 3: Psychology and Usability
Chapter 4: Protocols
Chapter 5: Cryptography
Chapter 6: Access Control
Chapter 7: Distributed Systems
Chapter 8: Economics
Chapter 9: Multilevel Security
Chapter 10: Boundaries
Chapter 11: Inference Control
Chapter 12: Banking and Bookkeeping
Chapter 13: Physical Protection
Chapter 14: Monitoring and Metering
Chapter 15: Nuclear Command and Control
Chapter 16: Security Printing and Seals
Chapter 17: Biometrics
Chapter 18: Physical Tamper Resistance
Chapter 19: Side Channels
Chapter 20: Advanced Cryptographic Engineering
Chapter 21: Network Attack and Defence
Chapter 22: Phones
Chapter 23: Electronic and Information Warfare
Chapter 24: Copyright and DRM
Chapter 25: Taking Stock
Chapter 26: Surveillance or Privacy?
Chapter 27: Secure Systems Development
Chapter 28: Assurance and Sustainability
Chapter 29: Beyond 'Computer Says No'
Bibliography
------------------------------------------------------
comment to Boeing 737-MAX 20201016 :Even so, there are expensive disasters, such as the Boeing 737Max flight control software.
This not only had at least one serious bug, but escaped a proper failure modes and effects analysis because the engineers responsible –
under pressure from their managers to complete the project on time – wrongly assumed that pilots would be able to cope with any failure .
As a result, the software relied on a single angle-of-attack sensor rather than using the two sensors with which the aircraft was fitted,
and sensor failure led to fatal accidents.
When testing the usability of redundant systems, you need to pay attention to fault masking:
if the output is determined by majority voting between three processors, and one of them fails, then the system will continue to work fine
– but its safety margin will have been eroded, perhaps in ways the operators won’t understand properly.
https://www.channelnewsasia.com/news/commentary/boeing-737-max-fatal-crashes-regulations-aircraft-how-safe-to-fl-13285352