There was a story I read recently on the Times Online:
French troops were killed after Italy hushed up ‘bribes' to Taleban. What could this tragic event possibly have to do with IT security? Let me explain.
First,there were allegations that the Italian government had been payingbribes to the Taliban in exchange for save haven. But Italy vehemently denied it. Then, last year, ten French troops were killed in what they hadpreviously assessed to be a peaceful area of Afghanistan.
Before France went into this deadly area, they (of course) did a risk assessment. What factored considerably into France's conclusions was the fact that Italian troops were met by little aggression inthe same area. Unfortunately, France went in to the same area butended up in a deadly ambush, resulting in the tragic deaths.
Politicsaside, I think this example illustrates the importance ofconducting a thorough assessment during the requirements phase of anysecurity or software-related effort. If an observation is made during this phase, you should checkto see if there are any dependencies behind it. This way you canbetter identify any variables that could negatively impact thesoftware implementation. Trust but verify, in other words.
Some points to consider:
- Resarchand look for any underpinnings to your conclusions. Make sure there'sno dependencies behind what is observed that are not guaranteed to bethere.
- Interview and observe more than once. How you seethings one time may be completely different the following week. Over aseries of visits you should be able to aggregate and form a morereliable assessment.
In the book
97 Things Every Software Architect Should Know, Timothy Hugh has some good advice.
Bestpractices in software architecture state that you should document therationale behind each decision that is made, especially when thatdecision involves a tradeoff. In more formal approaches, it is commonto record along with each decision the context of that decision,including the "factors" that contributed to the final judgement.
As an analyst, you make certain assumptions after conductinginterviews. This is how we fill the gaps, not only out of time andbudget constraints, but also because this is just human nature. Recognizing and mitigating this behavior can help ensure what isperceived is indeed fact, and this can hopefully prevent ambushes,project-related or otherwise.
More...