Security chaos engineering: sustaining resilience in software and systems
Main authors: | Shortridge, Kelly ; Rinehart, Aaron |
---|---|
Format: | Electronic e-book |
Language: | English |
Published: | Beijing: O'Reilly, 2023 |
Edition: | First edition |
Subjects: | |
Online access: | DE-1050 |
Description: | 1 online resource (xix, 406 pages) |
ISBN: | 9781098113780 |
Internal format
MARC
LEADER | 00000nmm a2200000 c 4500 | ||
---|---|---|---|
001 | BV049662140 | ||
003 | DE-604 | ||
007 | cr|uuu---uuuuu | ||
008 | 240423s2023 |||| o||u| ||||||eng d | ||
020 | |a 9781098113780 |9 978-1-098-11378-0 | ||
035 | |a (OCoLC)1437837203 | ||
035 | |a (DE-599)BVBBV049662140 | ||
040 | |a DE-604 |b ger |e rda | ||
041 | 0 | |a eng | |
049 | |a DE-1050 | ||
084 | |a ST 277 |0 (DE-625)143643: |2 rvk | ||
100 | 1 | |a Shortridge, Kelly |e Verfasser |4 aut | |
245 | 1 | 0 | |a Security chaos engineering |b sustaining resilience in software and systems |c Kelly Shortridge with Aaron Rinehart |
250 | |a First edition | ||
264 | 1 | |a Beijing |b O'Reilly |c 2023 | |
300 | |a 1 Online-Ressource (xix, 406 Seiten) | ||
336 | |b txt |2 rdacontent | ||
337 | |b c |2 rdamedia | ||
338 | |b cr |2 rdacarrier | ||
505 | 8 | |a Cover -- Copyright -- Table of Contents -- Preface -- Who Should Read This Book? -- Scope of This Book -- Outline of This Book -- Conventions Used in This Book -- O'Reilly Online Learning -- How to Contact Us -- Acknowledgments -- Chapter 1. Resilience in Software and Systems -- What Is a Complex System? -- Variety Defines Complex Systems -- Complex Systems Are Adaptive -- The Holistic Nature of Complex Systems -- What Is Failure? -- Acute and Chronic Stressors in Complex Systems -- Surprises in Complex Systems -- What Is Resilience? -- Critical Functionality -- Safety Boundaries (Thresholds) | |
505 | 8 | |a Interactions Across Space-Time -- Feedback Loops and Learning Culture -- Flexibility and Openness to Change -- Resilience Is a Verb -- Resilience: Myth Versus Reality -- Myth: Robustness = Resilience -- Myth: We Can and Should Prevent Failure -- Myth: The Security of Each Component Adds Up to Resilience -- Myth: Creating a "Security Culture" Fixes Human Error -- Chapter Takeaways -- Chapter 2. Systems-Oriented Security -- Mental Models of System Behavior -- How Attackers Exploit Our Mental Models -- Refining Our Mental Models -- Resilience Stress Testing -- The E&E Resilience Assessment Approach | |
505 | 8 | |a Evaluation: Tier 1 Assessment -- Mapping Flows to Critical Functionality -- Document Assumptions About Safety Boundaries -- Making Attacker Math Work for You -- Starting the Feedback Flywheel with Decision Trees -- Moving Toward Tier 2: Experimentation -- Experimentation: Tier 2 Assessment -- The Value of Experimental Evidence -- Sustaining Resilience Assessments -- Fail-Safe Versus Safe-to-Fail -- Uncertainty Versus Ambiguity -- Fail-Safe Neglects the Systems Perspective -- The Fragmented World of Fail-Safe -- SCE Versus Security Theater -- What Is Security Theater? | |
505 | 8 | |a How Does SCE Differ from Security Theater? -- How to RAVE Your Way to Resilience -- Repeatability: Handling Complexity -- Accessibility: Making Security Easier for Engineers -- Variability: Supporting Evolution -- Chapter Takeaways -- Chapter 3. Architecting and Designing -- The Effort Investment Portfolio -- Allocating Your Effort Investment Portfolio -- Investing Effort Based on Local Context -- The Four Failure Modes Resulting from System Design -- The Two Key Axes of Resilient Design: Coupling and Complexity -- Designing to Preserve Possibilities -- Coupling in Complex Systems | |
505 | 8 | |a The Tight Coupling Trade-Off -- The Dangers of Tight Coupling: Taming the Forest -- Investing in Loose Coupling in Software Systems -- Chaos Experiments Expose Coupling -- Complexity in Complex Systems -- Understanding Complexity: Essential and Accidental -- Complexity and Mental Models -- Introducing Linearity into Our Systems -- Designing for Interactivity: Identity and Access Management -- Navigating Flawed Mental Models -- Chapter Takeaways -- Chapter 4. Building and Delivering -- Mental Models When Developing Software -- Who Owns Application Security (and Resilience)? | |
650 | 4 | |a Computer security / Management | |
650 | 4 | |a Sécurité informatique / Gestion | |
650 | 7 | |a Computer security / Management |2 fast | |
650 | 0 | 7 | |a Softwareentwicklung |0 (DE-588)4116522-6 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Qualitätsmanagement |0 (DE-588)4219057-5 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
689 | 0 | 0 | |a Qualitätsmanagement |0 (DE-588)4219057-5 |D s |
689 | 0 | 1 | |a Softwareentwicklung |0 (DE-588)4116522-6 |D s |
689 | 0 | 2 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
689 | 0 | |5 DE-604 | |
700 | 1 | |a Rinehart, Aaron |e Verfasser |4 aut | |
776 | 0 | 8 | |i Erscheint auch als |n Druck-Ausgabe |z 978-1-098-11382-7 |
912 | |a ZDB-30-PQE | ||
943 | 1 | |a oai:aleph.bib-bvb.de:BVB01-035005346 | |
966 | e | |u https://ebookcentral.proquest.com/lib/th-deggendorf/detail.action?docID=30460295 |l DE-1050 |p ZDB-30-PQE |q FHD01_PQE_Kauf |x Aggregator |3 Volltext |
Record in the search index
_version_ | 1814902710092169216 |
---|---|
adam_text | |
any_adam_object | |
author | Shortridge, Kelly Rinehart, Aaron |
author_facet | Shortridge, Kelly Rinehart, Aaron |
author_role | aut aut |
author_sort | Shortridge, Kelly |
author_variant | k s ks a r ar |
building | Verbundindex |
bvnumber | BV049662140 |
classification_rvk | ST 277 |
collection | ZDB-30-PQE |
ctrlnum | (OCoLC)1437837203 (DE-599)BVBBV049662140 |
discipline | Informatik |
edition | First edition |
format | Electronic eBook |
id | DE-604.BV049662140 |
illustrated | Not Illustrated |
indexdate | 2024-11-05T17:01:41Z |
institution | BVB |
isbn | 9781098113780 |
language | English |
oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-035005346 |
oclc_num | 1437837203 |
open_access_boolean | |
owner | DE-1050 |
owner_facet | DE-1050 |
physical | 1 Online-Ressource (xix, 406 Seiten) |
psigel | ZDB-30-PQE ZDB-30-PQE FHD01_PQE_Kauf |
publishDate | 2023 |
publishDateSearch | 2023 |
publishDateSort | 2023 |
publisher | O'Reilly |
record_format | marc |
subject_GND | (DE-588)4116522-6 (DE-588)4219057-5 (DE-588)4274324-2 |
title | Security chaos engineering sustaining resilience in software and systems |
title_auth | Security chaos engineering sustaining resilience in software and systems |
title_exact_search | Security chaos engineering sustaining resilience in software and systems |
title_full | Security chaos engineering sustaining resilience in software and systems Kelly Shortridge with Aaron Rinehart |
title_fullStr | Security chaos engineering sustaining resilience in software and systems Kelly Shortridge with Aaron Rinehart |
title_full_unstemmed | Security chaos engineering sustaining resilience in software and systems Kelly Shortridge with Aaron Rinehart |
title_short | Security chaos engineering |
title_sort | security chaos engineering sustaining resilience in software and systems |
title_sub | sustaining resilience in software and systems |
topic | Computer security / Management Sécurité informatique / Gestion Computer security / Management fast Softwareentwicklung (DE-588)4116522-6 gnd Qualitätsmanagement (DE-588)4219057-5 gnd Computersicherheit (DE-588)4274324-2 gnd |
topic_facet | Computer security / Management Sécurité informatique / Gestion Softwareentwicklung Qualitätsmanagement Computersicherheit |
work_keys_str_mv | AT shortridgekelly securitychaosengineeringsustainingresilienceinsoftwareandsystems AT rinehartaaron securitychaosengineeringsustainingresilienceinsoftwareandsystems |