Re: [SystemSafety] A couple of references on security

From: Chris Hills < >
Date: Thu, 16 Jan 2014 17:18:49 -0000


Happy New Year All  

I too have been looking at the Toyota/Brookout transcripts and it brought home to me something I have been ranting about since 2000. That was regarding the proposed changes to the UK Corporate Manslaughter act from
"controlling mind" to "duty of care" which became law in 2008. (IANAL and
you should seek professional advice).  

My point to anyone who would listen in 2000-2007 before it became an Act was that: When the Bill becomes an Act, whilst the new law will not be not retrospective [it only applied to deaths since 6th April 2008] is that the cars, boats, planes, industrial plant etc. involved in said accidents were all going to have been built, with software written, well before the date the new Corporate Manslaughter Act came into force.  

So you need to ensure you are using "appropriate Best Practice" NOW when you write the code. Lest in a decade you get some crusty academic expert witness* with no project manager screaming "Deadlines!" at him go through your code in court with several papers on Best Practice in his hand, assisted by a prosecution lawyer. A Lawyer whose job is to find you
"Guilty!" on behalf of his clients.
 

*My rant at the time (2000-2007). No implied comment on the Brookout /Toyota expert witnesses.  

This is effectively what we see in the Brookout/Toyota case, code written over a decade ago is in the dock.  

It is no use saying it does not apply to me because, as in the case of the UK Corporate Manslaughter Act, laws can change. Code written in 2006 with one Corporate Manslaughter Act in place will be looked at from 2008 under a very different law. So your only real defence, as far as I can see and I am not a lawyer, is to work to current appropriate Best Practice now. Even if, at the moment, you are not required to work to any particular standard.    

Subject: Re: [SystemSafety] A couple of references on security  

and as the Internet of things

[CAH] PLEASE PLEASE PLEASE can we not start using that horrible phrase. All networks connect "things". It is a vacuous phrase.  

What are we all going to do when 'everything' is running Linux?

[CAH] simple.. Die. J  

The problem is not Linux per say but the religion that goes with it. I have seen some Devotees specify a Cortex M6 + Linux to run an http Server when the more appropriate solution was a PIC16 or 8051 (or even a Cortex M0 at a push) with a standalone TCP/IP Stack. Thus using Megabytes more, of vastly more complex, code than was needed.      



The System Safety Mailing List
systemsafety_at_xxxxxx Received on Thu Jan 16 2014 - 18:19:15 CET

This archive was generated by hypermail 2.3.0 : Sun Feb 17 2019 - 20:17:06 CET