Software Security

Revision as of 15:09, 18 June 2005 by 212.202.0.197 (talk)

Introduction and Terms

Software security is sometimes viewed as a concept separate from software reliability. (Note that the separation between dependability and reliability is not consistently clear in the literature; the two terms are sometimes used interchangeably. We use the term reliability in the sense defined below.) However, it might be more appropriate to consider software security as an aspect of software dependability. After all, the reliability of a system can be defined as "the quality of the delivered service such that reliance can justifiably be placed on this service" (see [1], slide number 14, although Malek uses the term dependability there). Related to that notion, software security is sometimes viewed as software fault tolerance under very harsh conditions: the software needs to tolerate not only accidental and random faults but also maliciously injected faults and tampering, that is, faults provoked with malicious intent. However, even if you prefer to view software security and software reliability as separate issues, they are always related. In the majority of cases, improving the security of a piece of software will also improve its reliability.

There are two main approaches to software security:

  • Design for Security
  • Testing for Security

The term Security Engineering includes both of these activities. They should always be used together. Design for Security includes activities like design audits. Past experience has shown that there is a third important aspect of Security Engineering that should not be underestimated: implementation security. It is largely independent of Design for Security, but related to Testing for Security in that Testing for Security aims at uncovering security issues that arise from a system's implementation.