What is Security Analysis?

Computer Security

An enormously broad field, Computer Security involves the design and testing of Operating Systems, computer hardware and software, communication via networks and the internet etc. with the aim of being able (in some sense) to verify that a system is suitably secure for its purpose.

Over the last few decades computer systems have moved on enormously, both in the complexity of the hardware and software involved, and in the wide range of applications that they now have. While some computing roles are fairly innocuous, even the infrequent home-user would like to be protected from malicious programs and hackers, and since an increasing majority of computers are connected to the internet this is always a concern.

Perhaps more significantly, computers are used extensively in sensitive areas; e.g. military, politics, company administration, and a breach of secrecy, or a breakdown of communication here can be particularly disastrous... just a little imagination is required to see what trouble could be caused in any of these areas.


As computer systems have become more and more sophisticated, it has become less and less plausible to try and ensure security by inspection and intuition alone. Standard methods of analysing different aspects of the area have been developed; some formal and some less-so, but all aiming to identify and apply key principles of the area. But the area of Security Analysis is constantly developing as new secure designs (and way of breaking into them) are invented. In many cases, systems are now so complex, and feature so much non-deterministic behaviour that it is impossible find an absolutely secure solution, and instead improvements and counter-measures must be aimed at.

next: The CIA Principle >>