often not adequately recognized as essential elements—especially in system architectures, system
development, and in curricula. The attackers
seem to be gaining faster than the defenders. The
current state of the practice in the use of computer
systems in elections is particularly appalling; the
standards are weak, and the bar is set way below
the financial sector and even gambling machines.
Vulnerabilities in our critical
infrastructures are equally worrisome. High-assurance multilevel
security is still more or less a
dream, although its practical existence in mainstream systems
would provide possibilities that
do not exist today.
These and many more subjects
have been considered in ACM’s
SIGSOFT Software Engineering
Notes (SEN) (which I created in
1976 and edited until Will Tracz
took over in 1994; www.sig-soft.org/SEN/), the ACM Risks
Forum (since 1985; www.risks.org),
and CACM’s “Inside Risks”
columns (since July 1990; www.
html). (My book Computer-Related
Risks, published in 1995, is still basically sound despite its age, because
many things have not fundamentally changed.) Thus, it seems useful
to provide some background that
might not be familiar especially to
younger ACM members, and to
consider what lessons might be
SEN has served as an outlet for
discussions of systems that did
not work as expected, as well as
how such problems might be
avoided. But that was perhaps
only preaching to the converted.
For several years, SEN included
an annual updated list of Illustrative Risks to the
Public in the Use of Computers—until the list
became too long and became searchable online
With the ever-increasing volume of salient RISKS
cases, I am less inclined to keep the index current.
Besides, Lindsay Marshall has provided a nice
searchable Web site at Newcastle University for