<Li> Code reviews and unit testing, approaches to make modules more secure where formal correctness proofs are not possible . </Li> <Li> Defense in depth, where the design is such that more than one subsystem needs to be violated to compromise the integrity of the system and the information it holds . </Li> <Li> Default secure settings, and design to "fail secure" rather than "fail insecure" (see fail - safe for the equivalent in safety engineering). Ideally, a secure system should require a deliberate, conscious, knowledgeable and free decision on the part of legitimate authorities in order to make it insecure . </Li> <Li> Audit trails tracking system activity, so that when a security breach occurs, the mechanism and extent of the breach can be determined . Storing audit trails remotely, where they can only be appended to, can keep intruders from covering their tracks . </Li>

Generally the following methods of security may be used