Security and Quality

Security is a matter of usability and one of the elements of the quality of a system. Ain’t it literally a matter of “safety”? How come Quality cares about a defect related to the safety of a user in the physical world but not in the virtual world?

A security bug is named differently, a security vulnerability, but ain’t it just a bug that needs to be taken care of during quality controls? Security has always been part of quality; we just ignored it, and by “we” I mean software developers and system designers.

Let me state it again: Security has to be part of Quality Assurance. Security bugs, aka vulnerabilities, have to be addressed just like any other bugs to make the software “Usable” and of better Quality.

I personally think that if years ago we had really understood ISO 9001, we would not need a new framework or standard for Security! Everything in 9001 implies improving the Quality of a Product and the Processes which support the Usability of a system.

And it is about willingness to do it. When we are not willing, it does not matter how differently you say it or how many different standards or regulations we make; we will ignore them. That’s why I believe none of those (standards, regulations, frameworks…) really add any value to the security community, as long as we ignore them.

Kaveh Mofidi
