In a software development scenario of your choosing, describe a situation in which designing software for a fail open failure state is preferable to designing for a fail secure failure state.
Solution
Systems can be designed so that, on failure, they end up in either a fail-open state or a fail-secure (fail-closed) state.
In application development, fail open versus fail closed describes how an application behaves when a security-relevant check (authentication, authorization, payment verification) hits an error or exception and cannot complete. A fail-open design grants access despite the error; a fail-closed design denies it.
When handling such errors, developers need to decide deliberately which action to take. In choosing between failing open and failing closed, the consequences of each must be weighed. There are situations where each is the more secure choice; these cases differ and must be decided individually, per check and per consequence.
Consider a shopping application that sells music. If a user is purchasing a digital album that will be immediately available for download, what should the application do if an error is encountered while attempting to verify the user’s credit card? Most likely, the application should fail closed and not allow the user access to the digital download. The store would likely not want to give the music away until payment is verified.
In the same application, suppose a user purchases a vinyl album that will be shipped after purchase. If an error is again encountered while verifying the user’s credit card, the application may wish to fail open: accept the order, record the verification error, and treat the order as unpaid until the card check is retried successfully before the vinyl album is shipped. Nothing irreversible happens at order time, so the store loses nothing by waiting. Failing closed in this situation could cost the music store business.
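The music-store decision above, as an added example (not code from the original page): the same payment-verification error is handled fail closed for a digital download and fail open for a shipped item, with the fail-open order flagged for re-verification before it ships. The PaymentGatewayError exception, the verify_card callable and the gateway stubs are assumptions made for this illustration.

```python
"""Fail-open vs fail-closed handling of a payment-verification error,
keyed on the fulfilment type of the item. Illustrative example, not the
original page's code; PaymentGatewayError, verify_card and the gateway
stubs are assumed for the demonstration."""
from dataclasses import dataclass, field
from enum import Enum
from typing import Callable


class Fulfilment(Enum):
    DIGITAL = "digital"     # available for download immediately (irreversible)
    PHYSICAL = "physical"   # shipped later, so verification can be retried


class PaymentGatewayError(Exception):
    """Raised when the card could not be verified at all (timeout, outage)."""


@dataclass
class Order:
    item: str
    fulfilment: Fulfilment
    card: str
    accepted: bool = False
    payment_verified: bool = False
    download_granted: bool = False
    needs_reverification: bool = False
    audit: list = field(default_factory=list)


def place_order(order: Order, verify_card: Callable[[str], bool]) -> Order:
    """Apply the fail-open / fail-closed policy from the music-store example.

    A verification *rejection* (verify_card returns False) always denies the
    order. A verification *error* (gateway unreachable) is handled per
    fulfilment type: digital goods fail closed, physical goods fail open but
    are marked unpaid and flagged for re-verification before shipping.
    """
    try:
        ok = verify_card(order.card)
    except PaymentGatewayError as exc:
        order.audit.append(f"verification error: {exc}")
        if order.fulfilment is Fulfilment.DIGITAL:
            # Fail closed: the download cannot be taken back, so deny it.
            order.accepted = False
            order.download_granted = False
            order.audit.append("fail closed: download denied")
        else:
            # Fail open: accept the order, but never treat it as paid.
            order.accepted = True
            order.needs_reverification = True
            order.audit.append("fail open: accepted, re-verify before shipping")
        return order

    if not ok:
        order.accepted = False
        order.audit.append("card declined")
        return order

    order.accepted = True
    order.payment_verified = True
    order.download_granted = order.fulfilment is Fulfilment.DIGITAL
    order.audit.append("card verified")
    return order


def ship_if_verified(order: Order, verify_card: Callable[[str], bool]) -> bool:
    """Warehouse step for physical orders: retry verification before shipping.

    Returns True only when payment is verified; a second gateway error or a
    decline keeps the item on the shelf (this step itself fails closed).
    """
    if order.fulfilment is not Fulfilment.PHYSICAL or not order.accepted:
        return False
    if order.needs_reverification:
        try:
            if not verify_card(order.card):
                order.audit.append("re-verification declined; not shipped")
                return False
        except PaymentGatewayError as exc:
            order.audit.append(f"re-verification error: {exc}; not shipped")
            return False
        order.needs_reverification = False
        order.payment_verified = True
    return order.payment_verified


# Constructed gateway stubs standing in for a real payment provider.
def gateway_down(card: str) -> bool:
    raise PaymentGatewayError("gateway timeout")


def gateway_ok(card: str) -> bool:
    return True


if __name__ == "__main__":
    digital = place_order(Order("album.zip", Fulfilment.DIGITAL, "card-token-1"), gateway_down)
    vinyl = place_order(Order("album LP", Fulfilment.PHYSICAL, "card-token-1"), gateway_down)
    print(digital.audit)                  # fail closed: download denied
    print(vinyl.audit)                    # fail open: accepted, flagged
    print(ship_if_verified(vinyl, gateway_ok))  # True once re-verified
```

The important design point is that "fail open" for the vinyl order does not mean "treat as paid": the order is accepted but payment_verified stays False and the shipping step refuses to release the item until a later verification succeeds. A fail-open path that skips the flag and the retry is the kind of logical flaw the text warns about.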
As the music store example illustrates, there are situations where it is more appropriate to fail open and situations where it is more appropriate to fail closed. If these situations are not analyzed, serious logical security flaws can be introduced.
Often during application development, explicit error-handling behavior is not thought out at all, and the default behavior of the exception path decides whether a check fails open or closed. Without a detailed fail-open or fail-closed requirement for each security-relevant check, error handling can introduce logical security flaws.
Developers and application teams need to be trained in core security concepts. Making incorrect security assumptions can lead to serious vulnerabilities. Understanding fail open versus fail closed, and deciding it explicitly for each check, helps ensure secure development.

