Archives For incompatibility

Separation of privilege and the avoidance of unpleasant surprises

Another post in an occasional series on how Saltzer and Schroeder’s eight principles of security engineering and the principles of safety engineering seem to overlap in a number of areas, and what we might gain from looking at safety from a security perspective. In this post I’ll look at the concept of separation of privilege.


At the height of the Cold War, with bombers carrying nuclear weapons on airborne alert and the strategic forces of both sides on a knife edge, the possibility that a nuclear weapon could go off purely by accident and trigger a nuclear war was a disquieting one.

Both sides realised that the risk of inadvertently starting World War III had to be minimised, and on the American side, after several near misses in the 1940s and 1950s, engineers at Los Alamos and Sandia laboratories started to work seriously on how to prevent nuclear weapons from going off by accident.
