A description of principles for designing and implementing security controls in security critical systems, with a special focus on rubyists. Also lists some research objectives for improving ruby security. The presentation is breadth over depth and has lots of links to related information. From RubyConf 2015 in San Antonio, TX