Failing badly

Last updated

Failing badly and failing well are concepts in systems security and network security (and engineering in general) describing how a system reacts to failure. The terms have been popularized by Bruce Schneier, a cryptographer and security consultant. [1] [2]

Contents

Failing badly

A system that fails badly is one that has a catastrophic result when failure occurs. A single point of failure can thus bring down the whole system. Examples include:

Failing well

A system that fails well is one that compartmentalizes or contains its failure. Examples include:

Designing a system to 'fail well' has also been alleged to be a better use of limited security funds than the typical quest to eliminate all potential sources of errors and failure. [4]

See also

References

  1. 1 2 Homeland Insecurity Archived 2011-09-28 at the Wayback Machine , Atlantic Monthly , September 2002
  2. David Hillson (29 March 2011). The Failure Files: Perspectives on Failure. Triarchy Press. p. 146. ISBN   9781908009302.
  3. 1 2 Eric Vanderburg (February 18, 2013). "Fail Secure – The right way to fail". PC Security World. Archived from the original on October 27, 2014. Retrieved November 11, 2014.
  4. Failing Well with Information Security Archived 2008-10-14 at the Wayback Machine - Young, William; Apogee Ltd Consulting, 2003