Correct vs. Secure
Software can be correct without being secure.
Indeed, software can meet every requirement and perform every specified
action flawlessly yet still be exploited by a malicious user. This
is because security bugs are different from traditional bugs. In
order to locate and prevent security bugs, developers and testers have to think differently.
This chart shows two overlapping circles. The first circle
represents the software’s intended, perfect behavior. The second
circle represents the actual behavior as coded into the product by
developers. As you might expect, these two circles rarely, if ever,
overlap perfectly; that is, it is rare for the software to execute its intended
functions, and only its intended functions, exactly as it was designed to.
The intersection of the two circles represents the behaviors that are
correct and secure. This part of the software, shown in medium blue, is the
intersection of intended and actual functionality: the behaviors that
were coded exactly as intended, without insecure side effects. Obviously,
the larger this intersection, the better and the more secure the software.
The left part of the figure, shown in light green, is the portion of
the software’s intended behavior that never got implemented or that
was implemented with deficient functionality. It is here that we
find most traditional software bugs: behaviors that should work one
way but are either incompletely or incorrectly implemented.
The right part of the figure shows the portion of the software’s
actual behavior that is not part of its intended behavior. In other
words, rather than failing to execute correctly the functions it was designed
to perform (that is, traditional software bugs), the software does
extra things that it is not supposed to do. It is in this area that
many security vulnerabilities exist. The problem here is that the
behaviors that are not supposed to happen are often masked by the
fact that the software also satisfies its requirements. These additional
behaviors are called side effects, and they represent the biggest
threat to software security.
Imagine a web server that is supposed to accept HTTP requests on
port 80 but that also sometimes overruns a buffer because it does not
validate maliciously crafted packets. Simply observing its behavior
will not detect the overrun, and the fact that the software appears
to function correctly masks the buffer overrun from scrutiny.
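The masking described above can be made concrete with an added example (constructed here, not code from Security Innovation): two request-line parsers that both satisfy the same functional requirement, extracting the path from a line such as "GET /index.html HTTP/1.1" into a 64-byte buffer (the format and the PATH_BUF size are assumptions), where only the second bounds its copy. A functional test passes on both; only the second refuses an oversized path instead of writing past the buffer.

```c
#include <stdio.h>
#include <string.h>
#define PATH_BUF 64   /* constructed: size of the path buffer the parser fills */

/* "Correct": fills path for every well-formed request line the requirement
 * describes, so a functional test passes. The unbounded copy is a side
 * effect the requirement never mentions. Only call with trusted input. */
int parse_path_correct(const char *req, char *path) {
    const char *start = strchr(req, ' ');
    if (start == NULL) return -1;
    const char *end = strchr(++start, ' ');
    if (end == NULL) return -1;
    size_t len = (size_t)(end - start);
    memcpy(path, start, len);   /* no check against PATH_BUF */
    path[len] = '\0';
    return 0;
}

/* "Correct and secure": identical intended behaviour, plus a bound that keeps
 * the actual behaviour inside the intended one. */
int parse_path_secure(const char *req, char *path) {
    const char *start = strchr(req, ' ');
    if (start == NULL) return -1;
    const char *end = strchr(++start, ' ');
    if (end == NULL) return -1;
    size_t len = (size_t)(end - start);
    if (len >= PATH_BUF) return -2;   /* oversized path: refuse, never overrun */
    memcpy(path, start, len);
    path[len] = '\0';
    return 0;
}

/* Constructed hostile request with a 100-byte path (> PATH_BUF); returns the
 * secure parser's verdict, which should be -2. */
int secure_verdict_on_oversized_path(void) {
    char hostile[160] = "GET /", path[PATH_BUF];
    memset(hostile + 5, 'A', 100);
    strcpy(hostile + 105, " HTTP/1.1");
    return parse_path_secure(hostile, path);
}

int main(void) {
    char path[PATH_BUF];
    const char *benign = "GET /index.html HTTP/1.1";
    /* The functional check a tester would write: both versions pass it. */
    printf("correct: %d %s\n", parse_path_correct(benign, path), path);
    printf("secure:  %d %s\n", parse_path_secure(benign, path), path);
    printf("secure on oversized path: %d\n", secure_verdict_on_oversized_path());
    return 0;
}
```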
Imagine a media player that flawlessly plays any form of digital
audio or video but that does so by writing the files out to
unencrypted temporary storage. This is a side effect that
software pirates will be all too ready to exploit, and just one
example of thousands of unintended behavioral issues inherent in
today's software.
Security Innovation Helps You Unite These Two Circles
Through years of research and practice, Security Innovation understands how
applications behave and fail, with respect to security, better than
anyone else. Our engineers and trainers help organizations build
and deploy more secure applications by delivering services that ensure
that the intended and actual behaviors of their applications overlap as
much as possible. By narrowing this gap, you reduce
the vulnerable attack surface that malicious users seek to
exploit.