Amazon.com: High-Assurance Design: Architecting Secure and Reliable Enterprise Applications (9780321375773): Clifford J. Berg, Cliff Berg, Peter G. Neumann: Books

High-Assurance Design: Architecting Secure and Reliable Enterprise Applications [Hardcover]

Clifford J. Berg (Author), Cliff Berg (Author), Peter G. Neumann (Foreword)
4.3 out of 5 stars (7 customer reviews)

List Price: $64.99
Price: $48.17
You Save: $16.82 (26%)

Formats (Amazon price)

  • Hardcover: $48.17
  • Paperback: $40.14

Editorial Reviews

From the Back Cover

How to Design for Software Reliability, Security, and Maintainability

Many enterprises unfortunately depend on software that is insecure, unreliable, and fragile. They compensate by investing heavily in workarounds and maintenance, and by employing hordes of "gurus" to manage their systems' flaws. This must change. And it can. In this book, respected software architect Clifford J. Berg shows how to design high-assurance applications—applications with proven, built-in reliability, security, manageability, and maintainability.

High-Assurance Design presents basic design principles and patterns that can be used in any contemporary development environment and satisfy the business demand for agility, responsiveness, and low cost. Berg draws on real-world experience, focusing heavily on the activities and relationships associated with building superior software in a mainstream business environment. Practicing architects, lead designers, and technical managers will benefit from the coverage of the entire software lifecycle, showing how to:

  • Understand and avoid the problems that lead to unreliable, insecure software

  • Refocus design and development resources to improve software

  • Identify project risks and plan for assurable designs

  • Obtain the requirements needed to deliver high assurance

  • Design application systems that meet the identified requirements

  • Verify that the design satisfies these requirements

  • Plan and design tests for reliability and security

  • Integrate security design, reliability design, and application design into one coherent set of processes

  • Incorporate these concerns into any software development methodology


© Copyright Pearson Education. All rights reserved.

About the Author

Cliff Berg has been a pioneer in the use of Internet technologies and software development methodologies to build scalable and reliable enterprise systems. Cliff was co-founder and CTO of Digital Focus, a company that specializes in the use of Agile methods for developing enterprise-class systems, profitably executes most projects on a fixed-price basis, and was voted the eighth fastest growing company in the Washington DC metropolitan area based on five years of revenue growth. Cliff was also a member of the team that developed the feature-driven design (FDD) approach (a pre-agile methodology) from 1997 to 1999; the team also included Peter Coad, Jeff DeLuca, and David Anderson. Today, Cliff is president and founder of Assured By Design, which helps enterprises incorporate assurance into their software creation processes and systems – without sacrificing agility.

In addition to assurance-based agile and FDD methodologies, Cliff is an expert in architectural quality audits and assessments in the areas of design integrity and scalability, and is a world-renowned expert on J2EE technologies. Cliff was the sole author of Advanced Java Development For Enterprise Applications, published by Prentice Hall under Sun Microsystems' official Java Series and translated into Japanese, and the very first book to cover Java enterprise application architecture issues in an in-depth manner. Cliff also authored the 800-page second edition, Advanced Java 2 Development For Enterprise Applications. Cliff has written approximately 30 articles in various magazines, and founded the Java Q&A Column in Dr. Dobb's Journal, which was the most popular Java technology column during the two years that Cliff wrote the column.




Product Details

  • Hardcover: 696 pages
  • Publisher: Addison-Wesley Professional; 1 edition (October 23, 2005)
  • Language: English
  • ISBN-10: 0321375777
  • ISBN-13: 978-0321375773
  • Product Dimensions: 9.4 x 7.4 x 1.5 inches
  • Shipping Weight: 2.5 pounds
  • Average Customer Review: 4.3 out of 5 stars (7 customer reviews)
  • Amazon Best Sellers Rank: #703,148 in Books


Customer Reviews

7 Reviews

  • 5 star: (4)
  • 4 star: (1)
  • 3 star: (2)
  • 2 star: (0)
  • 1 star: (0)

Average Customer Review: 4.3 out of 5 stars (7 customer reviews)

Most Helpful Customer Reviews

4 of 4 people found the following review helpful:
4.0 out of 5 stars A mix of true insights and unactionable truisms, but still worthwhile, November 1, 2006
This review is from: High-Assurance Design: Architecting Secure and Reliable Enterprise Applications (Hardcover)
I read six books on software security recently, namely "Writing Secure Code, 2nd Ed" by Michael Howard and David LeBlanc; "19 Deadly Sins of Software Security" by Michael Howard, David LeBlanc, and John Viega; "Software Security" by Gary McGraw; "The Security Development Lifecycle" by Michael Howard and Steve Lipner; "High-Assurance Design" by Cliff Berg; and "Security Patterns" by Markus Schumacher, et al. Each book takes a different approach to the software security problem, although the first two focus on coding bugs and flaws; the second two examine development processes; and the last two discuss practices or patterns for improved design and implementation. My favorite of the six is Gary McGraw's, thanks to his clear thinking and logical analysis. The other five are still noteworthy books. All six will contribute to the production of more security software.

"High-Assurance Design" (HAD) is the sort of book one should read when sitting down to design decently complex applications. It's not a network architecture book, so you won't read about using router ACLs, firewalls, and host IPS for "defense in depth." Rather, the author is trying to teach what he calls "intrusion-aware design" (p 88). The book contains some real gems, like this principle on p 78: "A system cannot be said to be secure if the design of the actual system cannot be articulated." That is exceptionally accurate. The author explains how developers should "design for verifiability," which really applies to anyone building a complex system. I also bought the idea that reliability is the parent concept, with security as part of reliability (ch 2).

For a person who doesn't develop software professionally, I found all of those concepts to be very powerful and helpful. Programmers, especially Java and object-oriented types like Cliff Berg, will probably really enjoy later chapters in HAD like ch 7. (It was too much for me.) In some cases, however, I questioned the utility of the principles in these later sections. For example, p 301 offers this gem: "Run securely." No kidding! This and other non-actionable (or non-demonstrated) principles resulted in my offering four stars instead of five. The author is also a big agile programming fan, especially liking Extreme Programming (XP). XP, however, seems antithetical to many of his recommendations. His attempts to square this circle didn't really convince me, although certain aspects of XP are definitely compelling.

I recommend reading HAD to benefit from the wonderful insights found in the first half of the book. You'll find that they apply very well to multiple security problem sets -- not just secure software development.


1 of 1 people found the following review helpful:
5.0 out of 5 stars Build high assurance using the same principles as for less reliable models, April 13, 2006
Software architects seeking advanced applications development guides should take a look at Clifford J. Berg's HIGH-ASSURANCE DESIGN: ARCHITECTING SECURE AND RELIABLE ENTERPRISE APPLICATIONS. Many enterprises rely on software which is insecure or fragile and which requires expensive maintenance: here software architect Clifford Berg shows designers that high-assurance applications with proven reliability can be easily built using the same design principles as the less reliable models. Chapters identify key problems in unreliable software, show how to improve it, and tell how to obtain the requirements and systems which meet the goal of reliable design.


5.0 out of 5 stars Hits all the points dead-on, January 28, 2006
I've read this book cover to cover. If you are expecting some "tome of knowledge" that is going to impress people but collect dust, this book is not for you. This is going to be a well worn desk-reference for managers, architects, and software engineers.

The book's nineteen chapters cover all the practical elements of assurance that should be expected out of commercial software. Not only has the author covered the issues of what the software has to do, but also has covered the human aspect of fielding the software and the very human aspect of system and application administrators that have to deal with the software in a changing environment. It is obvious that the author has been in each situation that the book describes. Oh yes, and to prove that there are three case studies that show the assurance process in action.

This is a must-get book if you are leading a team, work in a corporate environment, or are about to launch your public-facing application.