Philosophy of security engineering

Item does not contain fulltextIn this contribution, we cover the major philosophical concepts describing the field of security engineering, drawing on literature from philosophy, criminology, and engineering disciplines, with a focus on computer science and cybersecurity. We show that security distinguishes itself as a topic in engineering because it entails a combination of (a) dealing with adversaries and adversarial risk, (b) the intricacies of non-functional requirements and associated verifiability problems, (c) poorly established guidelines for a "science of security" and associated metrics, and (d) a heavily politicized context. While outlining these topics, we will touch upon several key debates in the field, such as secret versus transparent security, and user versus designer responsibility