Re: [SystemSafety] Does "reliable" mean "safe" and or "secure" or neither?

From: Peter Bishop < >
Date: Thu, 21 Apr 2016 08:35:12 +0100

On 20/04/2016 17:30, Peter Bernard Ladkin wrote:

> A key technical point comes out of this, which we will address at the
> German standards authority on May 4, along with German colleagues
> active in ICS safety+security and NPP safety+security within the IEC.
> And that is that the requirements for updating safety-critical
> software conflict with the usual update cycle for security and nobody
> - nobody - I have talked to knows how to solve that problem. Roger is
> very aware of it. The recent IEC offerings on safety+security gloss
> over it. We've gotta solve it somehow. (For Bertrand, I mentioned
> this also to Gilles Deleuze. I know now that the French, the Brits
> and the Germans are all interested in a solution. Of course, being
> interested in one and getting one are two different things.)

I agree this clash between safety and security is a significant problem in the systems I have looked at.

For safety you don't want to change your approved/accepted system unless you really have to. For security you have to update all the time to deal with new attacks / vulnerabilities.



Peter Bishop
Chief Scientist
Adelard LLP
Exmouth House, 3-11 Pine Street, London, EC1R 0JH
Recep:  +44-(0)20-7832 5850
Direct: +44-(0)20-7832 5855

Registered office: Stourside Place, Station Road, Ashford, Kent TN12 1PP
Registered in England & Wales no. OC 304551. VAT no. 454 489808

The System Safety Mailing List
Received on Thu Apr 21 2016 - 09:35:21 CEST
