[kelnos]

It's more like "open is a prerequisite for personal verification of security".

A system can be closed and secure, just you can't verify it.

[feanaro]

Yes, but I tend to view security as a somewhat epistemological phenomenon. It's not enough for the security to exist "somewhere out there in the universe" in an absolute, objective sense. If you have no way of verifying it, it could simply be a lie, and is thus useless for threat modelling.