Page 658 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
attacks must be addressed in your security policy and in your security
model. TOCTTOU attacks, race condition exploits, and
communication disconnects are known as state attacks because they
attack timing, data flow control, and the transition from one system
state to another.
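The gap between time of check and time of use that makes TOCTTOU a state attack, shown as an added example that is not from the study guide: a check-then-use file read beside a version that opens once and checks the open descriptor. It assumes a POSIX system; the file names and the `window` callback that stands in for a concurrent state change are hypothetical.

```python
import os
import stat
import tempfile

def read_check_then_use(path, window=lambda: None):
    """Vulnerable: the check and the use each resolve the path separately."""
    if not stat.S_ISREG(os.lstat(path).st_mode):      # time of check
        raise PermissionError("not a regular file")
    window()                                          # system state can change here
    with open(path, "rb") as f:                       # time of use: path resolved again
        return f.read()

def read_check_on_handle(path, window=lambda: None):
    """Hardened: open once, then check the object the descriptor refers to."""
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)   # refuses a symlink as final component
    try:
        if not stat.S_ISREG(os.fstat(fd).st_mode):    # check is bound to the opened file
            raise PermissionError("not a regular file")
        window()                                      # later path changes do not affect fd
        return os.read(fd, 4096)
    finally:
        os.close(fd)

def demo():
    """Constructed scenario: the path is swapped for a symlink inside the window."""
    d = tempfile.mkdtemp()
    public = os.path.join(d, "upload.txt")            # hypothetical file names
    secret = os.path.join(d, "secret.txt")
    with open(secret, "wb") as f:
        f.write(b"SECRET")

    def reset():
        if os.path.lexists(public):
            os.remove(public)
        with open(public, "wb") as f:
            f.write(b"public")

    def swap():                                       # the state change between check and use
        os.remove(public)
        os.symlink(secret, public)

    reset()
    via_path = read_check_then_use(public, window=swap)
    reset()
    via_handle = read_check_on_handle(public, window=swap)
    return via_path, via_handle

if __name__ == "__main__":
    print(demo())
```

`O_NOFOLLOW` only covers the final path component, so a directory higher up the path that an untrusted user can modify still needs separate handling.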
Technology and Process Integration
It is important to evaluate and understand the vulnerabilities in
system architectures, especially in regard to technology and process
integration. As multiple technologies and complex processes are
intertwined in the act of crafting new and unique business functions,
new issues and security problems often surface. As systems are
integrated, attention should be paid to potential single points of failure
as well as to emergent weaknesses in service-oriented architecture
(SOA). An SOA constructs new applications or functions out of
existing but separate and distinct software services. The resulting
application is often new; thus, its security issues are unknown,
untested, and unprotected. All new deployments, especially new
applications or functions, need to be thoroughly vetted before they are
allowed to go live on a production network or the public internet.
Electromagnetic Radiation
Simply because of the kinds of electronic components from which
they’re built, many computer hardware devices emit electromagnetic
(EM) radiation during normal operation. The process of
communicating with other machines or peripheral equipment creates
emanations that can be intercepted. It’s even possible to re-create
keyboard input or monitor output by intercepting and processing
electromagnetic radiation from the keyboard and computer monitor.
You can also detect and read network packets passively (that is,
without actually tapping into the cable) as they pass along a network
segment. These emanation leaks can cause serious security issues but
are generally easy to address.
The easiest way to eliminate electromagnetic radiation interception is
to reduce emanation through cable shielding or conduit and block
unauthorized personnel and devices from getting too close to

