I am studying security critical systems, and it has been posed to me that there are flaws in the concept of a firewall. It has also been inferred that some aspects of firewalls violate the fundamental design principles of high integrity systems. These principles are given to me as "hazard removal, risk reduction and hazard control".
My own thoughts are that I disagree. The person who posed the question, however, obviously feels that this is the case. Since I disagree, I am struggling to come up with answers.
The best "flaw" I can come up with is that firewalls can block valid traffic (through misconfiguration). Possibly also that with the firewall login details, the firewall administration system could be accessed externally and compromise the network.
As for "violating" the design principles, I also feel that they don't. To me, firewalls reinforce the design principles, e.g. hazard removal - they block unwanted access to systems. Risk reduction - they reduce the risk of the unauthorised access hazard occurring. Also, hazard control - I suppose firewalls don't really do anything to reduce the damage once unauthorised access has been gained, but this hardly constitutes a "violation" of the principle.
Do you have any suggestions as to what I'm missing? Or what my supervisor is getting at with the question?
Thanks in advance.