Now that there's software in everything how can you make anything secure? Understand how to
engineer dependable systems with this newly updated classic In Security Engineering: A Guide to
Building Dependable Distributed Systems Third Edition Cambridge University professor Ross
Anderson updates his classic textbook and teaches readers how to design implement and test
systems to withstand both error and attack. This book became a best-seller in 2001 and helped
establish the discipline of security engineering. By the second edition in 2008 underground
dark markets had let the bad guys specialize and scale up attacks were increasingly on users
rather than on technology. The book repeated its success by showing how security engineers can
focus on usability. Now the third edition brings it up to date for 2020. As people now go
online from phones more than laptops most servers are in the cloud online advertising drives
the Internet and social networks have taken over much human interaction many patterns of crime
and abuse are the same but the methods have evolved. Ross Anderson explores what security
engineering means in 2020 including: * How the basic elements of cryptography protocols and
access control translate to the new world of phones cloud services social media and the
Internet of Things * Who the attackers are - from nation states and business competitors
through criminal gangs to stalkers and playground bullies * What they do - from phishing and
carding through SIM swapping and software exploits to DDoS and fake news * Security psychology
from privacy through ease-of-use to deception * The economics of security and dependability -
why companies build vulnerable systems and governments look the other way * How dozens of
industries went online - well or badly * How to manage security and safety engineering in a
world of agile development - from reliability engineering to DevSecOps The third edition of
Security Engineering ends with a grand challenge: sustainable security. As we build ever more
software and connectivity into safety-critical durable goods like cars and medical devices how
do we design systems we can maintain and defend for decades? Or will everything in the world
need monthly software upgrades and become unsafe once they stop?
