Failing badly explained

Failing badly and failing well are concepts in systems security and network security (and engineering in general) describing how a system reacts to failure. The terms have been popularized by Bruce Schneier, a cryptographer and security consultant.[1][2]

Failing badly

A system that fails badly is one that has a catastrophic result when failure occurs. A single point of failure can thus bring down the whole system. Examples include:

Failing well

A system that fails well is one that compartmentalizes or contains its failure. Examples include:

Designing a system to 'fail well' has also been alleged to be a better use of limited security funds than the typical quest to eliminate all potential sources of errors and failure.[4]

Notes and References

  1. Homeland Insecurity. http://charlesmann.org/articles/Homeland-Insecurity-Atlantic.pdf
  2. David Hillson (29 March 2011). The Failure Files: Perspectives on Failure. Triarchy Press. p. 146. ISBN 9781908009302.
  3. Eric Vanderburg (February 18, 2013). "Fail Secure – The right way to fail". PC Security World. Archived from the original on October 27, 2014: https://web.archive.org/web/20141027212841/http://www.pcsecurityworld.com/313/fail-secure-the-right-way-to-fail.html. Retrieved November 11, 2014.
  4. William Young (2003). Failing Well with Information Security. Apogee Ltd Consulting.