Key points are not available for this paper at this time.
Systems of programs control more and more of our critical infrastructures. Forty years of system development and research have taught us many lessons in how to build software that is reliable, relatively free of vulnerabilities, and can enforce security policies. Those years of experience seem not to have taught us how to get these lessons put into practice, particularly with respect to security, except in a few specialized places. This essay suggests an approach to capturing what we know in a way that can make a difference in systems on which we all rely.
Carl E. Landwehr (Mon,) studied this question.