This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I appreciate the reply I got in my last post. It addressed a lot. I would not however, mind some explanation of how to determine which aspect of
software engineering falls under Reliability and which falls under Security
Secondly, what is the story behind the CIA triad? At least I know that 'A' stands for availability.
Reliability is defined in regards to a system specification. However, specifications are almost always incomplete or incorrect – hence, a system that conforms to its specification may ‘fail’ from the perspective of the end users. Also, users don’t read specifications so don’t know how the system is supposed to behave.
Hence practical reliability becomes more important.
System Security reflects the system’s ability to protect itself from accidental or deliberate external attack. The fact that most systems in today'w world need to be on a network makes security is an essential pre-requisite for availability, reliability and safety.
However, intrusion can change the executing system and/or its data. Therefore, the reliability and safety assurance is no longer valid.
Considering the following aspects of software engineering, I can't think of any where you'd exclude either reliability or security.