- Hardcover: 696 pages
- Publisher: Addison Wesley; 1 edition (13 Oct 2005)
- Language English
- ISBN-10: 0321375777
- ISBN-13: 978-0321375773
- Product Dimensions: 23.9 x 18.9 x 3.8 cm
- Amazon Bestsellers Rank: 1,904,916 in Books (See Top 100 in Books)
- See Complete Table of Contents
| |||||||||||||||
Did you know you can trade in your old books for an Amazon.co.uk Gift Card to spend on the things you want? Visit the Amazon.co.uk Trade-In Store for more details. |
Product details |
More About the Author
Product Description
Product Description
How to Design for Software Reliability, Security, and Maintainability Many enterprises unfortunately depend on software that is insecure, unreliable, and fragile. They compensate by investing heavily in workarounds and maintenance, and by employing hordes of "gurus" to manage their systems' flaws. This must change. And it can. In this book, respected software architect Clifford J. Berg shows how to design high-assurance applications--applications with proven, built-in reliability, security, manageability, and maintainability. High-Assurance Design presents basic design principles and patterns that can be used in any contemporary development environment and satisfy the business demand for agility, responsiveness, and low cost. Berg draws on real-world experience, focusing heavily on the activities and relationships associated with building superior software in a mainstream business environment.Practicing architects, lead designers, and technical managers will benefit from the coverage of the entire software lifecycle, showing how to: * Understand and avoid the problems that lead to unreliable, insecure software * Refocus design and development resources to improve software * Identify project risks and plan for assurable designs * Obtain the requirements needed to deliver high assurance * Design application systems that meet the identified requirements * Verify that the design satisfies these requirements * Plan and design tests for reliability and security * Integrate security design, reliability design, and application design into one coherent set of processes * Incorporate these concerns into any software development methodology A(c) Copyright Pearson Education. All rights reserved.
From the Back Cover
How to Design for Software Reliability, Security, and Maintainability
Many enterprises unfortunately depend on software that is insecure, unreliable, and fragile. They compensate by investing heavily in workarounds and maintenance, and by employing hordes of "gurus" to manage their systems' flaws. This must change. And it can. In this book, respected software architect Clifford J. Berg shows how to design high-assurance applications—applications with proven, built-in reliability, security, manageability, and maintainability.
High-Assurance Design presents basic design principles and patterns that can be used in any contemporary development environment and satisfy the business demand for agility, responsiveness, and low cost. Berg draws on real-world experience, focusing heavily on the activities and relationships associated with building superior software in a mainstream business environment. Practicing architects, lead designers, and technical managers will benefit from the coverage of the entire software lifecycle, showing how to:
Understand and avoid the problems that lead to unreliable, insecure software
Refocus design and development resources to improve software
Identify project risks and plan for assurable designs
Obtain the requirements needed to deliver high assurance
Design application systems that meet the identified requirements
Verify that the design satisfies these requirements
Plan and design tests for reliability and security
Integrate security design, reliability design, and application design into one coherent set of processes
Incorporate these concerns into any software development methodology
© Copyright Pearson Education. All rights reserved.
Tag this product(What's this?)Think of a tag as a keyword or label you consider is strongly related to this product.
Tags will help all customers organise and find favourite items. |
Sell a Digital Version of This Book in the Kindle Store
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
Learn more
Customer Reviews
|
There are no customer reviews yet on Amazon U.K.
|
||||||||||||||||||||
|
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com:
4.3 out of 5 stars (7 customer reviews)
4 of 4 people found the following review helpful:
4.0 out of 5 stars
A mix of true insights and unactionable truisms, but still worthwhile, 2 Nov 2006
By Richard Bejtlich "TaoSecurity" - Published on Amazon.com
This review is from: High Assurance Design: Architecting Secure and Reliable Enterprise Applications (Hardcover)
I read six books on software security recently, namely "Writing Secure Code, 2nd Ed" by Michael Howard and David LeBlanc; "19 Deadly Sins of Software Security" by Michael Howard, David LeBlanc, and John Viega; "Software Security" by Gary McGraw; "The Security Development Lifecycle" by Michael Howard and Steve Lipner; "High-Assurance Design" by Cliff Berg; and "Security Patterns" by Markus Schumacher, et al. Each book takes a different approach to the software security problem, although the first two focus on coding bugs and flaws; the second two examine development processes; and the last two discuss practices or patterns for improved design and implementation. My favorite of the six is Gary McGraw's, thanks to his clear thinking and logical analysis. The other five are still noteworthy books. All six will contribute to the production of more security software.
"High-Assurance Design" (HAD) is the sort of book one should read when sitting down to design decently complex applications. It's not a network architecture book, so you won't read about using router ACLs, firewalls, and host IPS for "defense in depth." Rather, the author is trying to teach what he calls "intrusion-aware design" (p 88). The book contains some real gems, like this principle on p 78: "A system cannot be said to be secure if the design of the actual system cannot be articulated." That is exceptionally accurate. The author explains how developers should "design for verifiability," which really applies to anyone building a complex system. I also bought the idea that reliability is the parent concept, with security as part of reliability (ch 2).
For a person who doesn't develop software professionally, I found all of those concepts to be very powerful and helpful. Programmers, especially Java and object-oriented types like Cliff Berg, will probably really enjoy later chapters in HAD like ch 7. (It was too much for me.) In some cases, however, I questioned the utility of the principles in these later sections. For example, p 301 offers this gem: "Run securely." No kidding! This and other non-actionable (or non-demonstrated) principles resulted in my offering four stars instead of five. The author is also a big agile programming fan, especially liking Extreme Programming (XP). XP, however, seems antithetical to many of his recommendations. His attempts to square this circle didn't really convince me, although certain aspects of XP are definitely compelling.
I recommend reading HAD to benefit from the wonderful insights found in the first half of the book. You'll find that apply very well to multiple security problem sets -- not just secure software development.
1 of 1 people found the following review helpful:
5.0 out of 5 stars
Build high assurance using the same principles as for less reliable models, 13 April 2006
By D. Donovan, Editor/Sr. Reviewer "California B... - Published on Amazon.com
This review is from: High Assurance Design: Architecting Secure and Reliable Enterprise Applications (Hardcover)
Software architects seeking advanced applications development guides should take a look at Clifford J. Berg's HIGH-ASSURANCE DESIGN: ARCHITECTING SECURE AND RELIABLE ENTERPRISE APPLICATIONS, Many enterprises rely on software which is insecure or fragile and which requires expensive maintenance: here software architect Clifford Berg shows designers that high-assurance applications with proven reliability can be easily built using the same design principles as the less reliable models. Chapters identify key problems in unreliable software, show how to improve it, and tell how to obtain the requirements and systems which meet the goal of reliable design.
5.0 out of 5 stars
Hits all the points dead-on, 29 Jan 2006
By Richard Wallace "Engineering on Purpose (tm)" - Published on Amazon.com
This review is from: High Assurance Design: Architecting Secure and Reliable Enterprise Applications (Hardcover)
I've read this book cover to cover. If you are expecting some "tome of knowledge" that is going to impress people but collect dust, this book is not for you. This is going to be a well worn desk-reference for managers, architects, and software engineers.
The book's nineteen chapters cover all the practical elements of assurance that should be expected out of commercial software. Not only has the author covered the issues of what the software has to do, but also has covered the human aspect of fielding the software and the very human aspect of system and application administrators that have to deal with the software in a changing environment. It is obvious that the author has been in each situation that the book describes. Oh yes, and to prove that there are three case studies that show the assurance process in action.
This is a must-get book if you are leading a team, work in a corporate environment, or are about to launch you public facing application.
Listmania!
Look for similar items by category
Look for similar items by subject
Feedback
- Would you like to update product info or give feedback on images?
- I am the Author, and I want to comment on my book.
- I am the Publisher, and I want to comment on this book.
|
