Now that there's software in everything, how can you make anything secure? Understand how to engineer dependable systems with this newly updated classicIn Security Engineering: A Guide to Building Dependable Distributed Systems, Third Edition Cambridge University professor Ross Anderson updates his classic textbook and teaches readers how to design, implement, and test systems to withstand both error and attack.This book became a best-seller in 2001 and helped establish the discipline of security engineering. By the second edition in 2008, underground dark markets had let the bad guys specialize and scale up; attacks were increasingly on users rather than on technology. The book repeated its success by showing how security engineers can focus on usability.Now the third edition brings it up to date for 2020. As people now go online from phones more than laptops, most servers are in the cloud, online advertising drives the Internet and social networks have taken over much human interaction, many patterns of crime and abuse are the same, but the methods have evolved. Ross Anderson explores what security engineering means in 2020, including:* How the basic elements of cryptography, protocols, and access control translate to the new world of phones, cloud services, social media and the Internet of Things* Who the attackers are - from nation states and business competitors through criminal gangs to stalkers and playground bullies* What they do - from phishing and carding through SIM swapping and software exploits to DDoS and fake news* Security psychology, from privacy through ease-of-use to deception* The economics of security and dependability - why companies build vulnerable systems and governments look the other way* How dozens of industries went online - well or badly* How to manage security and safety engineering in a world of agile development - from reliability engineering to DevSecOpsThe third edition of Security Engineering ends with a grand challenge: sustainable security. As we build ever more software and connectivity into safety-critical durable goods like cars and medical devices, how do we design systems we can maintain and defend for decades? Or will everything in the world need monthly software upgrades, and become unsafe once they stop?

Preface to the Third Edition xxxviiPreface to the Second Edition xliPreface to the First Edition xliiiFormy daughter, and other lawyers... xlviiForeword xlixPart IChapter 1 What Is Security Engineering? 31.1 Introduction 31.2 A framework 41.3 Example 1 - a bank 61.4 Example 2 - a military base 71.5 Example 3 - a hospital 81.6 Example 4 - the home 101.7 Definitions 111.8 Summary 16Chapter 2 Who Is the Opponent? 172.1 Introduction 172.2 Spies 192.2.1 The Five Eyes 192.2.1.1 Prism 192.2.1.2 Tempora 202.2.1.3 Muscular 212.2.1.4 Special collection 222.2.1.5 Bullrun and Edgehill 222.2.1.6 Xkeyscore 232.2.1.7 Longhaul 242.2.1.8 Quantum 252.2.1.9 CNE 252.2.1.10 The analyst's viewpoint 272.2.1.11 Offensive operations 282.2.1.12 Attack scaling 292.2.2 China 302.2.3 Russia 352.2.4 The rest 382.2.5 Attribution 402.3 Crooks 412.3.1 Criminal infrastructure 422.3.1.1 Botnet herders 422.3.1.2 Malware devs 442.3.1.3 Spam senders 452.3.1.4 Bulk account compromise 452.3.1.5 Targeted attackers 462.3.1.6 Cashout gangs 462.3.1.7 Ransomware 472.3.2 Attacks on banking and payment systems 472.3.3 Sectoral cybercrime ecosystems 492.3.4 Internal attacks 492.3.5 CEO crimes 492.3.6 Whistleblowers 502.4 Geeks 522.5 The swamp 532.5.1 Hacktivism and hate campaigns 542.5.2 Child sex abuse material 552.5.3 School and workplace bullying 572.5.4 Intimate relationship abuse 572.6 Summary 59Research problems 60Further reading 61Chapter 3 Psychology and Usability 633.1 Introduction 633.2 Insights from psychology research 643.2.1 Cognitive psychology 653.2.2 Gender, diversity and interpersonal variation 683.2.3 Social psychology 703.2.3.1 Authority and its abuse 713.2.3.2 The bystander effect 723.2.4 The social-brain theory of deception 733.2.5 Heuristics, biases and behavioural economics 763.2.5.1 Prospect theory and risk misperception 773.2.5.2 Present bias and hyperbolic discounting 783.2.5.3 Defaults and nudges 793.2.5.4 The default to intentionality 793.2.5.5 The affect heuristic 803.2.5.6 Cognitive dissonance 813.2.5.7 The risk thermostat 813.3 Deception in practice 813.3.1 The salesman and the scamster 823.3.2 Social engineering 843.3.3 Phishing 863.3.4 Opsec 883.3.5 Deception research 893.4 Passwords 903.4.1 Password recovery 923.4.2 Password choice 943.4.3 Difficulties with reliable password entry 943.4.4 Difficulties with remembering the password 953.4.4.1 Naïve choice 963.4.4.2 User abilities and training 963.4.4.3 Design errors 983.4.4.4 Operational failures 1003.4.4.5 Social-engineering attacks 1013.4.4.6 Customer education 1023.4.4.7 Phishing warnings 1033.4.5 System issues 1043.4.6 Can you deny service? 1053.4.7 Protecting oneself or others? 1053.4.8 Attacks on password entry 1063.4.8.1 Interface design 1063.4.8.2 Trusted path, and bogus terminals 1073.4.8.3 Technical defeats of password retry counters 1073.4.9 Attacks on password storage 1083.4.9.1 One-way encryption 1093.4.9.2 Password cracking 1093.4.9.3 Remote password checking 1093.4.10 Absolute limits 1103.4.11 Using a password manager 1113.4.12 Will we ever get rid of passwords? 1133.5 CAPTCHAs 1153.6 Summary 116Research problems 117Further reading 118Chapter 4 Protocols 1194.1 Introduction 1194.2 Password eavesdropping risks 1204.3 Who goes there? - simple authentication 1224.3.1 Challenge and response 1244.3.2 Two-factor authentication 1284.3.3 The MIG-in-the-middle attack 1294.3.4 Reflection attacks 1324.4 Manipulating the message 1334.5 Changing the environment 1344.6 Chosen protocol attacks 1354.7 Managing encryption keys 1364.7.1 The resurrecting duckling 1374.7.2 Remote key management 1374.7.3 The Needham-Schroeder protocol 1384.7.4 Kerberos 1394.7.5 Practical key management 1414.8 Design assurance 1414.9 Summary 143Research problems 143Further reading 144Chapter 5 Cryptography 1455.1 Introduction 1455.2 Historical background 1465.2.1 An early stream cipher - the Vigenère 1475.2.2 The one-time pad 1485.2.3 An early block cipher - Playfair 1505.2.4 Hash functions 1525.2.5 Asymmetric primitives 1545.3 Security models 1555.3.1 Random functions - hash functions 1575.3.1.1 Properties 1575.3.1.2 The birthday theorem 1585.3.2 Random generators - stream ciphers 1595.3.3 Random permutations - block ciphers 1615.3.4 Public key encryption and trapdoor one-way permutations 1635.3.5 Digital signatures 1645.4 Symmetric crypto algorithms 1655.4.1 SP-networks 1655.4.1.1 Block size 1665.4.1.2 Number of rounds 1665.4.1.3 Choice of S-boxes 1675.4.1.4 Linear cryptanalysis 1675.4.1.5 Differential cryptanalysis 1685.4.2 The Advanced Encryption Standard (AES) 1695.4.3 Feistel ciphers 1715.4.3.1 The Luby-Rackoff result 1735.4.3.2 DES 1735.5 Modes of operation 1755.5.1 How not to use a block cipher 1765.5.2 Cipher block chaining 1775.5.3 Counter encryption 1785.5.4 Legacy stream cipher modes 1785.5.5 Message authentication code 1795.5.6 Galois counter mode 1805.5.7 XTS 1805.6 Hash functions 1815.6.1 Common hash functions 1815.6.2 Hash function applications - HMAC, commitments and updating 1835.7 Asymmetric crypto primitives 1855.7.1 Cryptography based on factoring 1855.7.2 Cryptography based on discrete logarithms 1885.7.2.1 One-way commutative encryption 1895.7.2.2 Diffie-Hellman key establishment 1905.7.2.3 ElGamal digital signature and DSA 1925.7.3 Elliptic curve cryptography 1935.7.4 Certification authorities 1945.7.5 TLS 1955.7.5.1 TLS uses 1965.7.5.2 TLS security 1965.7.5.3 TLS 1.3 1975.7.6 Other public-key protocols 1975.7.6.1 Code signing 1975.7.6.2 PGP/GPG 1985.7.6.3 QUIC 1995.7.7 Special-purpose primitives 1995.7.8 How strong are asymmetric cryptographic primitives? 2005.7.9 What else goes wrong 2025.8 Summary 203Research problems 204Further reading 204Chapter 6 Access Control 2076.1 Introduction 2076.2 Operating system access controls 2096.2.1 Groups and roles 2106.2.2 Access control lists 2116.2.3 Unix operating system security 2126.2.4 Capabilities 2146.2.5 DAC and MAC 2156.2.6 Apple's macOS 2176.2.7 iOS 2176.2.8 Android 2186.2.9 Windows 2196.2.10 Middleware 2226.2.10.1 Database access controls 2226.2.10.2 Browsers 2236.2.11 Sandboxing 2246.2.12 Virtualisation 2256.3 Hardware protection 2276.3.1 Intel processors 2286.3.2 Arm processors 2306.4 What goes wrong 2316.4.1 Smashing the stack 2326.4.2 Other technical attacks 2346.4.3 User interface failures 2366.4.4 Remedies 2376.4.5 Environmental creep 2386.5 Summary 239Research problems 240Further reading 240Chapter 7 Distributed Systems 2437.1 Introduction 2437.2 Concurrency 2447.2.1 Using old data versus paying to propagate state 2457.2.2 Locking to prevent inconsistent updates 2467.2.3 The order of updates 2477.2.4 Deadlock 2487.2.5 Non-convergent state 2497.2.6 Secure time 2507.3 Fault tolerance and failure recovery 2517.3.1 Failure models 2527.3.1.1 Byzantine failure 2527.3.1.2 Interaction with fault tolerance 2537.3.2 What is resilience for? 2547.3.3 At what level is the redundancy? 2557.3.4 Service-denial attacks 2577.4 Naming 2597.4.1 The Needham naming principles 2607.4.2 What else goes wrong 2637.4.2.1 Naming and identity 2647.4.2.2 Cultural assumptions 2657.4.2.3 Semantic content of names 2677.4.2.4 Uniqueness of names 2687.4.2.5 Stability of names and addresses 2697.4.2.6 Restrictions on the use of names 2697.4.3 Types of name 2707.5 Summary 271Research problems 272Further reading 273Chapter 8 Economics 2758.1 Introduction 2758.2 Classical economics 2768.2.1 Monopoly 2788.3 Information economics 2818.3.1 Why information markets are different 2818.3.2 The value of lock-in 2828.3.3 Asymmetric information 2848.3.4 Public goods 2858.4 Game theory 2868.4.1 The prisoners' dilemma 2878.4.2 Repeated and evolutionary games 2888.5 Auction theory 2918.6 The economics of security and dependability 2938.6.1 Why is Windows so insecure? 2948.6.2 Managing the patching cycle 2968.6.3 Structural models of attack and defence 2988.6.4 The economics of lock-in, tying and DRM 3008.6.5 Antitrust law and competition policy 3028.6.6 Perversely motivated guards 3048.6.7 Economics of privacy 3058.6.8 Organisations and human behaviour 3078.6.9 Economics of cybercrime 3088.7 Summary 310Research problems 311Further reading 311Part IIChapter 9 Multilevel Security 3159.1 Introduction 3159.2 What is a security policy model? 3169.3 Multilevel security policy 3189.3.1 The Anderson report 3199.3.2 The Bell-LaPadula model 3209.3.3 The standard criticisms of Bell-LaPadula 3219.3.4 The evolution of MLS policies 3239.3.5 The Biba model 3259.4 Historical examples of MLS systems 3269.4.1 SCOMP 3269.4.2 Data diodes 3279.5 MAC: from MLS to IFC and integrity 3299.5.1 Windows 3299.5.2 SELinux 3309.5.3 Embedded systems 3309.6 What goes wrong 3319.6.1 Composability 3319.6.2 The cascade problem 3329.6.3 Covert channels 3339.6.4 The threat from malware 3339.6.5 Polyinstantiation 3349.6.6 Practical problems with MLS 3359.7 Summary 337Research problems 338Further reading 339Chapter 10 Boundaries 34110.1 Introduction 34110.2 Compartmentation and the lattice model 34410.3 Privacy for tigers 34610.4 Health record privacy 34910.4.1 The threat model 35110.4.2 The BMA security policy 35310.4.3 First practical steps 35610.4.4 What actually goes wrong 35710.4.4.1 Emergency care 35810.4.4.2 Resilience 35910.4.4.3 Secondary uses 35910.4.5 Confidentiality - the future 36210.4.6 Ethics 36510.4.7 Social care and education 36710.4.8 The Chinese Wall 36910.5 Summary 371Research problems 372Further reading 373Chapter 11 Inference Control 37511.1 Introduction 37511.2 The early history of inference control 37711.2.1 The basic theory of inference control 37811.2.1.1 Query set size control 37811.2.1.2 Trackers 37911.2.1.3 Cell suppression 37911.2.1.4 Other statistical disclosure control mechanisms 38011.2.1.5 More sophisticated query controls 38111.2.1.6 Randomization 38211.2.2 Limits of classical statistical security 38311.2.3 Active attacks 38411.2.4 Inference control in rich medical data 38511.2.5 The third wave: preferences and search 38811.2.6 The fourth wave: location and social 38911.3 Differential privacy 39211.4 Mind the gap? 39411.4.1 Tactical anonymity and its problems 39511.4.2 Incentives 39811.4.3 Alternatives 39911.4.4 The dark side 40011.5 Summary 401Research problems 402Further reading 402Chapter 12 Banking and Bookkeeping 40512.1 Introduction 40512.2 Bookkeeping systems 40612.2.1 Double-entry bookkeeping 40812.2.2 Bookkeeping in banks 40812.2.3 The Clark-Wilson security policy model 41012.2.4 Designing internal controls 41112.2.5 Insider frauds 41512.2.6 Executive frauds 41612.2.6.1 The post office case 41812.2.6.2 Other failures 41912.2.6.3 Ecological validity 42012.2.6.4 Control tuning and corporate governance 42112.2.7 Finding the weak spots 42212.3 Interbank payment systems 42412.3.1 A telegraphic history of E-commerce 42412.3.2 SWIFT 42512.3.3 What goes wrong 42712.4 Automatic teller machines 43012.4.1 ATM basics 43012.4.2 What goes wrong 43312.4.3 Incentives and injustices 43712.5 Credit cards 43812.5.1 Credit card fraud 43912.5.2 Online card fraud 44012.5.3 3DS 44312.5.4 Fraud engines 44412.6 EMV payment cards 44512.6.1 Chip cards 44512.6.1.1 Static data authentication 44612.6.1.2 ICVVs, DDA and CDA 45012.6.1.3 The No-PIN attack 45112.6.2 The preplay attack 45212.6.3 Contactless 45412.7 Online banking 45712.7.1 Phishing 45712.7.2 CAP 45812.7.3 Banking malware 45912.7.4 Phones as second factors 45912.7.5 Liability 46112.7.6 Authorised push payment fraud 46212.8 Nonbank payments 46312.8.1 M-Pesa 46312.8.2 Other phone payment systems 46412.8.3 Sofort, and open banking 46512.9 Summary 466Research problems 466Further reading 468Chapter 13 Locks and Alarms 47113.1 Introduction 47113.2 Threats and barriers 47213.2.1 Threat model 47313.2.2 Deterrence 47413.2.3 Walls and barriers 47613.2.4 Mechanical locks 47813.2.5 Electronic locks 48213.3 Alarms 48413.3.1 How not to protect a painting 48513.3.2 Sensor defeats 48613.3.3 Feature interactions 48813.3.4 Attacks on communications 48913.3.5 Lessons learned 49313.4 Summary 494Research problems 495Further reading 495Chapter 14 Monitoring and Metering 49714.1 Introduction 49714.2 Prepayment tokens 49814.2.1 Utility metering 49914.2.2 How the STS system works 50114.2.3 What goes wrong 50214.2.4 Smart meters and smart grids 50414.2.5 Ticketing fraud 50814.3 Taxi meters, tachographs and truck speed limiters 50914.3.1 The tachograph 50914.3.2 What goes wrong 51114.3.2.1 How most tachograph manipulation is done 51114.3.2.2 Tampering with the supply 51214.3.2.3 Tampering with the instrument 51214.3.2.4 High-tech attacks 51314.3.3 Digital tachographs 51414.3.3.1 System-level problems 51514.3.3.2 Other problems 51614.3.4 Sensor defeats and third-generation devices 51814.3.5 The fourth generation - smart tachographs 51814.4 Curfew tags: GPS as policeman 51914.5 Postage meters 52214.6 Summary 526Research problems 527Further reading 527Chapter 15 Nuclear Command and Control 52915.1 Introduction 52915.2 The evolution of command and control 53215.2.1 The Kennedy memorandum 53215.2.2 Authorization, environment, intent 53415.3 Unconditionally secure authentication 53415.4 Shared control schemes 53615.5 Tamper resistance and PALs 53815.6 Treaty verification 54015.7 What goes wrong 54115.7.1 Nuclear accidents 54115.7.2 Interaction with cyberwar 54215.7.3 Technical failures 54315.8 Secrecy or openness? 54415.9 Summary 545Research problems 546Further reading 546Chapter 16 Security Printing and Seals 54916.1 Introduction 54916.2 History 55016.3 Security printing 55116.3.1 Threat model 55216.3.2 Security printing techniques 55316.4 Packaging and seals 55716.4.1 Substrate properties 55816.4.2 The problems of glue 55816.4.3 PIN mailers 55916.5 Systemic vulnerabilities 56016.5.1 Peculiarities of the threat model 56216.5.2 Anti-gundecking measures 56316.5.3 The effect of random failure 56416.5.4 Materials control 56416.5.5 Not protecting the right things 56516.5.6 The cost and nature of inspection 56616.6 Evaluation methodology 56716.7 Summary 569Research problems 569Further reading 570Chapter 17 Biometrics 57117.1 Introduction 57117.2 Handwritten signatures 57217.3 Face recognition 57517.4 Fingerprints 57917.4.1 Verifying positive or negative identity claims 58117.4.2 Crime scene forensics 58417.5 Iris codes 58817.6 Voice recognition and morphing 59017.7 Other systems 59117.8 What goes wrong 59317.9 Summary 596Research problems 597Further reading 597Chapter 18 Tamper Resistance 59918.1 Introduction 59918.2 History 60118.3 Hardware security modules 60118.4 Evaluation 60718.5 Smartcards and other security chips 60918.5.1 History 60918.5.2 Architecture 61018.5.3 Security evolution 61118.5.4 Random number generators and PUFs 62118.5.5 Larger chips 62418.5.6 The state of the art 62818.6 The residual risk 63018.6.1 The trusted interface problem 63018.6.2 Conflicts 63118.6.3 The lemons market, risk dumping and evaluation games 63218.6.4 Security-by-obscurity 63218.6.5 Changing environments 63318.7 So what should one protect? 63418.8 Summary 636Research problems 636Further reading 636Chapter 19 Side Channels 63919.1 Introduction 63919.2 Emission security 64019.2.1 History 64119.2.2 Technical surveillance and countermeasures 64219.3 Passive attacks 64519.3.1 Leakage through power and signal cables 64519.3.2 Leakage through RF signals 64519.3.3 What goes wrong 64919.4 Attacks between and within computers 65019.4.1 Timing analysis 65119.4.2 Power analysis 65219.4.3 Glitching and differential fault analysis 65519.4.4 Rowhammer, CLKscrew and Plundervolt 65619.4.5 Meltdown, Spectre and other enclave side channels 65719.5 Environmental side channels 65919.5.1 Acoustic side channels 65919.5.2 Optical side channels 66119.5.3 Other side-channels 66119.6 Social side channels 66319.7 Summary 663Research problems 664Further reading 664Chapter 20 Advanced Cryptographic Engineering 66720.1 Introduction 66720.2 Full-disk encryption 66820.3 Signal 67020.4 Tor 67420.5 HSMs 67720.5.1 The xor-to-null-key attack 67720.5.2 Attacks using backwards compatibility and time-memory tradeoffs 67820.5.3 Differential protocol attacks 67920.5.4 The EMV attack 68120.5.5 Hacking the HSMs in CAs and clouds 68120.5.6 Managing HSM risks 68120.6 Enclaves 68220.7 Blockchains 68520.7.1 Wallets 68820.7.2 Miners 68920.7.3 Smart contracts 68920.7.4 Off-chain payment mechanisms 69120.7.5 Exchanges, cryptocrime and regulation 69220.7.6 Permissioned blockchains 69520.8 Crypto dreams that failed 69520.9 Summary 696Research problems 698Further reading 698Chapter 21 Network Attack and Defence 69921.1 Introduction 69921.2 Network protocols and service denial 70121.2.1 BGP security 70121.2.2 DNS security 70321.2.3 UDP, TCP, SYN floods and SYN reflection 70421.2.4 Other amplifiers 70521.2.5 Other denial-of-service attacks 70621.2.6 Email - from spies to spammers 70621.3 The malware menagerie - Trojans, worms and RATs 70821.3.1 Early history of malware 70921.3.2 The Internet worm 71021.3.3 Further malware evolution 71121.3.4 How malware works 71321.3.5 Countermeasures 71421.4 Defense against network attack 71521.4.1 Filtering: firewalls, censorware and wiretaps 71721.4.1.1 Packet filtering 71821.4.1.2 Circuit gateways 71821.4.1.3 Application proxies 71921.4.1.4 Ingress versus egress filtering 71921.4.1.5 Architecture 72021.4.2 Intrusion detection 72221.4.2.1 Types of intrusion detection 72221.4.2.2 General limitations of intrusion detection 72421.4.2.3 Specific problems detecting network attacks 72421.5 Cryptography: the ragged boundary 72521.5.1 SSH 72621.5.2 Wireless networking at the periphery 72721.5.2.1 WiFi 72721.5.2.2 Bluetooth 72821.5.2.3 HomePlug 72921.5.2.4 VPNs 72921.6 CAs and PKI 73021.7 Topology 73321.8 Summary 734Research problems 734Further reading 735Chapter 22 Phones 73722.1 Introduction 73722.2 Attacks on phone networks 73822.2.1 Attacks on phone-call metering 73922.2.2 Attacks on signaling 74222.2.3 Attacks on switching and configuration 74322.2.4 Insecure end systems 74522.2.5 Feature interaction 74622.2.6 VOIP 74722.2.7 Frauds by phone companies 74822.2.8 Security economics of telecomms 74922.3 Going mobile 75022.3.1 GSM 75122.3.2 3G 75522.3.3 4G 75722.3.4 5G and beyond 75822.3.5 General MNO failings 76022.4 Platform security 76122.4.1 The Android app ecosystem 76322.4.1.1 App markets and developers 76422.4.1.2 Bad Android implementations 76422.4.1.3 Permissions 76622.4.1.4 Android malware 76722.4.1.5 Ads and third-party services 76822.4.1.6 Pre-installed apps 77022.4.2 Apple's app ecosystem 77022.4.3 Cross-cutting issues 77422.5 Summary 775Research problems 776Further reading 776Chapter 23 Electronic and Information Warfare 77723.1 Introduction 77723.2 Basics 77823.3 Communications systems 77923.3.1 Signals intelligence techniques 78123.3.2 Attacks on communications 78423.3.3 Protection techniques 78523.3.3.1 Frequency hopping 78623.3.3.2 DSSS 78723.3.3.3 Burst communications 78823.3.3.4 Combining covertness and jam resistance 78923.3.4 Interaction between civil and military uses 79023.4 Surveillance and target acquisition 79123.4.1 Types of radar 79223.4.2 Jamming techniques 79323.4.3 Advanced radars and countermeasures 79523.4.4 Other sensors and multisensor issues 79623.5 IFF systems 79723.6 Improvised explosive devices 80023.7 Directed energy weapons 80223.8 Information warfare 80323.8.1 Attacks on control systems 80523.8.2 Attacks on other infrastructure 80823.8.3 Attacks on elections and political stability 80923.8.4 Doctrine 81123.9 Summary 812Research problems 813Further reading 813Chapter 24 Copyright and DRM 81524.1 Introduction 81524.2 Copyright 81724.2.1 Software 81724.2.2 Free software, free culture? 82324.2.3 Books and music 82724.2.4 Video and pay-TV 82824.2.4.1 Typical system architecture 82924.2.4.2 Video scrambling techniques 83024.2.4.3 Attacks on hybrid scrambling systems 83224.2.4.4 DVB 83624.2.5 DVD 83724.3 DRM on general-purpose computers 83824.3.1 Windows media rights management 83924.3.2 FairPlay, HTML5 and other DRM systems 84024.3.3 Software obfuscation 84124.3.4 Gaming, cheating, and DRM 84324.3.5 Peer-to-peer systems 84524.3.6 Managing hardware design rights 84724.4 Information hiding 84824.4.1 Watermarks and copy generation management 84924.4.2 General information hiding techniques 84924.4.3 Attacks on copyright marking schemes 85124.5 Policy 85424.5.1 The IP lobby 85724.5.2 Who benefits? 85924.6 Accessory control 86024.7 Summary 862Research problems 862Further reading 863Chapter 25 New Directions? 86525.1 Introduction 86525.2 Autonomous and remotely-piloted vehicles 86625.2.1 Drones 86625.2.2 Self-driving cars 86725.2.3 The levels and limits of automation 86925.2.4 How to hack a self-driving car 87225.3 AI / ML 87425.3.1 ML and security 87525.3.2 Attacks on ML systems 87625.3.3 ML and society 87925.4 PETS and operational security 88225.4.1 Anonymous messaging devices 88525.4.2 Social support 88725.4.3 Living off the land 89025.4.4 Putting it all together 89125.4.5 The name's Bond. James Bond 89325.5 Elections 89525.5.1 The history of voting machines 89625.5.2 Hanging chads 89625.5.3 Optical scan 89825.5.4 Software independence 89925.5.5 Why electronic elections are hard 90025.6 Summary 904Research problems 904Further reading 905Part IIIChapter 26 Surveillance or Privacy? 90926.1 Introduction 90926.2 Surveillance 91226.2.1 The history of government wiretapping 91226.2.2 Call data records (CDRs) 91626.2.3 Search terms and location data 91926.2.4 Algorithmic processing 92026.2.5 ISPs and CSPs 92126.2.6 The Five Eyes' system of systems 92226.2.7 The crypto wars 92526.2.7.1 The back story to crypto policy 92626.2.7.2 DES and crypto research 92726.2.7.3 CryptoWar 1 - the Clipper chip 92826.2.7.4 CryptoWar 2 - going spotty 93126.2.8 Export control 93426.3 Terrorism 93626.3.1 Causes of political violence 93626.3.2 The psychology of political violence 93726.3.3 The role of institutions 93826.3.4 The democratic response 94026.4 Censorship 94126.4.1 Censorship by authoritarian regimes 94226.4.2 Filtering, hate speech and radicalisation 94426.5 Forensics and rules of evidence 94826.5.1 Forensics 94826.5.2 Admissibility of evidence 95026.5.3 What goes wrong 95126.6 Privacy and data protection 95326.6.1 European data protection 95326.6.2 Privacy regulation in the USA 95626.6.3 Fragmentation? 95826.7 Freedom of information 96026.8 Summary 961Research problems 962Further reading 962Chapter 27 Secure Systems Development 96527.1 Introduction 96527.2 Risk management 96627.3 Lessons from safety-critical systems 96927.3.1 Safety engineering methodologies 97027.3.2 Hazard analysis 97127.3.3 Fault trees and threat trees 97127.3.4 Failure modes and effects analysis 97227.3.5 Threat modelling 97327.3.6 Quantifying risks 97527.4 Prioritising protection goals 97827.5 Methodology 98027.5.1 Top-down design 98127.5.2 Iterative design: from spiral to agile 98327.5.3 The secure development lifecycle 98527.5.4 Gated development 98727.5.5 Software as a Service 98827.5.6 From DevOps to DevSecOps 99127.5.6.1 The Azure ecosystem 99127.5.6.2 The Google ecosystem 99227.5.6.3 Creating a learning system 99427.5.7 The vulnerability cycle 99527.5.7.1 The CVE system 99727.5.7.2 Coordinated disclosure 99827.5.7.3 Security incident and event management 99927.5.8 Organizational mismanagement of risk 100027.6 Managing the team 100427.6.1 Elite engineers 100427.6.2 Diversity 100527.6.3 Nurturing skills and attitudes 100727.6.4 Emergent properties 100827.6.5 Evolving your workflow 100827.6.6 And finally... 101027.7 Summary 1010Research problems 1011Further reading 1012Chapter 28 Assurance and Sustainability 101528.1 Introduction 101528.2 Evaluation 101828.2.1 Alarms and locks 101928.2.2 Safety evaluation regimes 101928.2.3 Medical device safety 102028.2.4 Aviation safety 102328.2.5 The Orange book 102528.2.6 FIPS 140 and HSMs 102628.2.7 The common criteria 102628.2.7.1 The gory details 102728.2.7.2 What goes wrong with the Common Criteria 102928.2.7.3 Collaborative protection profiles 103128.2.8 The 'Principle of Maximum Complacency' 103228.2.9 Next steps 103428.3 Metrics and dynamics of dependability 103628.3.1 Reliability growth models 103628.3.2 Hostile review 103928.3.3 Free and open-source software 104028.3.4 Process assurance 104228.4 The entanglement of safety and security 104428.4.1 The electronic safety and security of cars 104628.4.2 Modernising safety and security regulation 104928.4.3 The Cybersecurity Act 2019 105028.5 Sustainability 105128.5.1 The Sales of goods directive 105228.5.2 New research directions 105328.6 Summary 1056Research problems 1057Further reading 1058Chapter 29 Beyond "Computer Says No" 1059Bibliography 1061Index 1143