Learn to build secure and reliable systems with a new book from Google
In the new “Building Secure and Reliable Systems: Best Practices for Designing, Implementing, and Maintaining Systems” book, engineers across Google's security and SRE organizations share best practices to help you design scalable and reliable systems that are fundamentally secure.
Reliability matters for businesses throughout all kinds of ups and downs. We’ve also heard that security is an essential tool for many of you building your own SRE practices, and we’re pleased to bring the followup “Building Secure and Reliable Systems” book to practitioners across industries. We think it will be an essential read for those of you tasked with ensuring the security and reliability of the systems you run.
Just as the SRE Book quickly became foundational for practitioners across the industry, we think that the SRS Book will be an essential read for people responsible for the security and reliability of the systems they run. More than 150 contributors across dozens of offices and time zones present Google and industry stories, and share what we’ve learned over the years. We provide high-level principles and practical solutions that you can implement in a way that suits the unique environment specific to your product.
What you’ll find in the SRS book
This book was inspired by a couple of fundamental questions: Can a system be considered truly reliable if it isn't fundamentally secure? Or can it be considered secure if it's unreliable? At Google, we’ve spent a lot of time considering these concepts. When we published the SRE book (now inducted into a cybersecurity hall of fame!), security was one rather large topic that we didn't have the bandwidth to delve into, given the already large scope of the book.
Now, in the SRS book, we specifically explore how these concepts are intertwined. Because security and reliability are everyone’s responsibility, this book is relevant for anyone who designs, implements, or maintains systems. We’re challenging the dividing lines between the traditional professional roles of developers, SREs, and security engineers. We argue that everyone should be thinking about reliability and security from the very beginning of the development process, and should be integrating those principles as early as possible into the system life cycle.
In the book, we examine security and reliability through multiple perspectives:
Design strategies: For example, best practices to design for understandability, resilience, and recovery, as well as specific design principles such as least privilege
Recommendations for coding, testing, and debugging practices
Strategies to prepare for, respond to, and recover from incidents
Cultural best practices to help teams across your organization collaborate effectively
“Building Secure and Reliable Systems” is available now. You can find a freely downloadable copy on the Google SRE website. You can also purchase a physical copy from your preferred retailer.