Dr. Soper discusses software program security. Topics covered include incomplete mediation, race conditions, time-of-check to time-of-use vulnerabilities, backdoors, intentional and unintentional program flaws, the "penetrate and patch" method, security in the context of the software development life cycle, controls against software program threats, modularity, encapsulation and information hiding, mutual suspicion and confinement, fault detection and fault tolerance, configuration management, testing, and software development standards in the context of information security.