The computer-related risk of the year: weak links and correlated events

Author

Newmann, P.G.

Author_Institution

SRI Int., Menlo Park, CA

fYear

1991

fDate

24-27 Jun 1991

Firstpage

5

Lastpage

8

Abstract

There has been much innovative work in designing computer and communication systems that can dependably attain certain stringent requirements such as multilevel security, very high availability, or functional correctness. However, significant risks may remain if such a system fails to operate as expected. A variety of causes must be considered. A confluence of unrelated or seemingly unrelated events such as malicious misuse and faults that exceed the system fault tolerance may cause the system to behave in an unanticipated way. The 1991 Risk of the Year designation recognizes such eventualities. Three types of cases are considered: notably weak links, independent multiple events and correlated multiple events. Not surprisingly, the three cases are often discovered to be interrelated, even when seemingly disjoint

Keywords

fault tolerant computing; safety; security of data; software reliability; communication systems; computer-related risk; correlated multiple events; fault tolerance; functional correctness; high availability; independent multiple events; malicious misuse; multilevel security; notably weak links; stringent requirements; ARPANET; Air traffic control; Communication cables; Computer science; FAA; Laboratories; NIST; Optical fiber cables; Telephony; Testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Assurance, 1991. COMPASS '91, Systems Integrity, Software Safety and Process Security. Proceedings of the Sixth Annual Conference on

Conference_Location

Gaithersburg, MD

Print_ISBN

0-7803-0126-9

Type

conf

DOI

10.1109/CMPASS.1991.161027

Filename

161027