Software systems are becoming less secure even as security technologies improve. There are many reasons for this seemingly paradoxical phenomenon, but they can all be traced back to the problem of complexity.
- Complex systems have more lines of code and therefore security bugs.
- Complex systems have more interactions and therefore more security bugs.
- Complex systems are harder to test and therefore are more likely to have untested portions.
- Complex systems are harder to design securely, implement securely, configure securely, and
use securely.
- Complex systems are harder for users to understand.
Please fill out the form to the right to download this paper. |