The Weakest Link Fallacy

Submitted by Style Pass, 2025-07-28 19:00:15

A popular piece of wisdom in the security field is that a system is as secure as its weakest link. In fact, it is probably one of the few sayings from our community that is well known to the general public. This is not a big surprise. The saying sounds reasonable to anyone who has had their bike stolen because of a weak lock or a cut chain. It also sounds obvious to anyone whose house was burgled through the back door while the front door was locked tight.

The point is that secure systems, or at least properly designed secure systems, are never built as a chain. They are over-engineered, like planes or bridges. If an engine on a plane fails, the plane will still be able to fly and land safely at an airport. The suspension of a bridge does not fail if one screw breaks.

A house may have locks on all doors and windows, and a burglar alarm as well: a kind of intrusion detection system, in a way. If the first line of defence fails because a lock is broken, the intruder still has to bypass the alarm. The security of the system is not as weak as the weakest lock: it is as weak as the combination of the weakest lock _and_ the strength of the burglar alarm.
