Re: [SystemSafety] [EC 61508 and cybersecurity

From: Peter Bishop < >
Date: Wed, 03 Jun 2015 10:23:03 +0100

I agree the consequences of "something" can be modelled in the same way whether random or deliberate.

- The "something"s are a relatively static set in a conventional safety analysis (equipment, power failure...), but are an ever-increasing set for security (new forms of attack on the same system)


Peter Bernard Ladkin wrote:
> On 2015-06-01 13:06 , RICQUE Bertrand (SAGEM DEFENSE SECURITE) wrote:

>> Safety is a roughly 2D problem ( probability x consequence), the two dimensions being usually
>> stable along the unique system timescale.

>> Security is a 3D problem with sub dimensions

> The analysis of what the consequences are and how they happen is very similar for both safety and
> security. Something happens to your system that cause it to do what you do not want. That
> "something" can be happenstance, or it can be deliberate. But the consequences are determined
> exactly the same way by the system properties in both cases. For analytical purposes, for security
> incidents you turn some of the possible events into quasi-Booleans (turning happenstance into
> intention) and formally propagate through the Causal Fault Graph.
> Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany
> Je suis Charlie
> Tel+msg +49 (0)521 880 7319

The System Safety Mailing List

Peter Bishop
Chief Scientist
Adelard LLP
Exmouth House, 3-11 Pine Street, London,EC1R 0JH
Recep:  +44-(0)20-7832 5850
Direct: +44-(0)20-7832 5855
The System Safety Mailing List
Received on Wed Jun 03 2015 - 11:23:21 CEST

This archive was generated by hypermail 2.3.0 : Tue Jun 04 2019 - 21:17:07 CEST