Re: [SystemSafety] Does "reliable" mean "safe" and or "secure" or neither?

From: Roberto Bagnara < >
Date: Mon, 18 Apr 2016 19:36:15 +0200


On 18/04/2016 18:25, Chris Hills wrote:
> I came across someone using the term "reliable" to also infer safe and
> secure.
> I contended that "reliable" does not automatically mean safe or secure.

And you are 100% correct!

> I can think of cases where systems behave in a reliable
> (repeatable/predictable) way that is not safe and other that are reliable
> land certainly not secure. I have seen a demo of a very reliable system
> that has a completely open password and will then use a well-known comms
> protocol to give you any information you ask for. Though it is safe doing
> what it is supposed to do (as long as you can't re-purpose it to be
> dangerous).

Precisely: these are examples showing that reliability implies neither safety nor security.

> What is the current thinking? Does "reliable" also infer safe or secure?

On reliability vs safety I suggest Chapter 2 of Nancy Leveson's excellent book

  https://mitpress.mit.edu/sites/default/files/titles/free_download/9780262016629_Engineering_a_Safer_World.pdf

I believe the same kind of reasoning applies to reliability vs security. Actually, there the situation can be even worse: increasing reliability can decrease security. For example: the electronic key of my car sometimes fails, i.e., I have to push the button several times in order to obtain the desired effect. In other words, it is not very reliable. Perhaps the cause is that the emitted signal is not strong enough. Emitting a stronger signal would make it more reliable, but would also make eavesdropping easier, i.e., it would make the system less secure. Kind regards,

   Roberto

-- 
     Prof. Roberto Bagnara

Applied Formal Methods Laboratory - University of Parma, Italy
mailto:bagnara_at_xxxxxx
                              BUGSENG srl - http://bugseng.com
                              mailto:roberto.bagnara_at_xxxxxx
_______________________________________________
The System Safety Mailing List
systemsafety_at_xxxxxx
Received on Mon Apr 18 2016 - 19:36:27 CEST

This archive was generated by hypermail 2.3.0 : Tue Apr 23 2019 - 05:17:08 CEST