Dealing with complex networks of process interactions: a security measure

The majority of faults and consequent errors and failures in computer systems stem from the complexity of the system itself according to B. Schneier (2000). Yet complexity as a non-functional property is largely disregarded from initial development phases or at best is considered "manageable" by the process life cycle. Although at large the property is considered as having being conquered, valid sources inform us as stated in W. B. Kernighan (1987) that complexity as a property - borne by the system or emergent - is the cause of most failures. Furthermore the second most frequent case of failures is that of interaction with the system. In this paper we are looking at one aspect of process interactions. We are presenting a method for modelling and analyzing information system process interactions for the purpose of enhancing security. The paper introduces our work in the area of complex systems and gives a general introduction to our modelling methodology and its usage.