Do Security Systems Fail Because Of Entropy?

Document Type

Journal Article


Argonne National Laboratory


Faculty of Health, Engineering and Science


School of Computer and Security Science




This article was originally published as: Coole, M. P., & Brooks, D. J. (2014). Do Security Systems Fail Because of Entropy?. Journal of Physical Security, 7(2), 50-76. Original article available here


Security is implemented to mitigate an organisation’s identified risks, linking layered elements into a system to provide countermeasure by the functions of deter, detect, delay, response and recovery. For a system to maintain its effectiveness these functions must be efficaciously performed in order; however, such systems may be prone to decay leading to security failures. This study used a three-­‐phase qualitative methodology to develop an entropic theoretical foundation and to present a model of entropic security decay. Security decay is defined as degradation of the microscopic constituents propagating through the security system as a result of knowledge, cultural or economic factors. Security management should be primarily concerned with managing the entropic processes against commissioned security system levels; however, when decay occurs it is as a bottom-­‐up factor. This study suggests security controls should be measurable and be designed, applied, and managed to maintain security system efficacy.

Access Rights

Free to read on publishers website