You have the world's best firewall, your Windows computers update their antivirus software regularly and your Information Security staffers enforce our policies with an iron fist. Does this mean you're safe? Modern computer systems are plagued by security vulnerabilities. Whether it is the latest UNIX buffer overflow or bug in Microsoft Internet Explorer, our applications and operating systems are full of security flaws on many levels. From the viewpoint of the traditional security paradigm, it should be possible to eliminate such problems through more extensive use of formal methods and better software engineering.