Book Review: Engineering Trustworthy Systems

If you had to name three amazing places to have worked that would cement your background and reputation as an expert in cyber security, then you could do a whole lot worse than NSA, NASA, and DARPA. My good friend and colleague of three decades – Sami Saydjari – has, in fact, spent time during his career in each of these organizations. His work has been focused on helping to make our country safe from advanced, nation-state cyber threats.

I was therefore delighted when Sami told me earlier this year about a new book he was writing – and even more excited when I saw an early draft of Engineering Trustworthy Systems. I recognized immediately this was going to be an amazing and insightful contribution to our field - one that would cover the correct topics in sufficient technical detail with great examples. And now this fine book is available for you to read from the good folks at McGraw-Hill Education.

I love this book so much, because it moves smoothly from traditional topics such as mandatory access control, to modern topics such as advanced cloud security. The diagrams are crisp and useful, and the questions at the end of each chapter do a great job reinforcing the chapter coverage. I specifically liked the discussion on Command and Control: What to Do About Attacks. This is the type of material that could only have been written by someone with Sami’s unique background.

If I had to (honestly) sum up my assessment of this book, it would be this: I am damn jealous that my good friend can produce something this well-done and useful. It seems weird to suggest that you make this book your August beach reading, but – if you are like me – then this is exactly the sort of big fat technical text that makes a sunny afternoon out on the Jersey Shore sand that much better. You can purchase the book here, and I hope you’ll take the time to read it. And as always, please share your review with all of us.