[SystemSafety] [EC 61508 and cybersecurity

Thu Jun 4 14:23:34 CEST 2015

Andrew,

Concerning your sentence about ISO 26262, it is only true in this direction. ISO 15288 and IEEE 12207 don't cover ISO 26262...

Bertrand Ricque
Program Manager
Optronics and Defence Division
Sights Program
Mob : +33 6 87 47 84 64
Tel : +33 1 58 11 96 82
Bertrand.ricque at sagem.com

From: systemsafety-bounces at lists.techfak.uni-bielefeld.de [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of Andrew Banks
Sent: Thursday, June 04, 2015 2:12 PM
To: systemsafety at lists.techfak.uni-bielefeld.de
Subject: Re: [SystemSafety] [EC 61508 and cybersecurity

I also agree with both Chris and Christopher, but would go a step further...

I agree with much that Chris says but the problem is that the high level standards bodies often have little practical day to day experience
at the interface between security and safety - indeed most industries are just waking up to the possibilities with ISIL in control of several
refineries and ATM towers (plus associated engineers).

Standards bodies seem to have little understanding of what their existing portfolio covers... and seem to want to create new standards, including much the same material as existing standards, rather than adopt their own existing standards.

In the case of (the latest buzz-word) "cyber security" the ISO 270xx family covers just about every eventuality... but just doesn't include the buzz-word.  In the same way that ISO 26262 re-covers plenty of material from ISO 15288/12207 (etc)

I guess it just proves the old joke: The great thing about standards... there are plenty to choose from!

Regards
Andrew

#
" Ce courriel et les documents qui lui sont joints peuvent contenir des informations confidentielles, être soumis aux règlementations relatives au contrôle des exportations ou ayant un caractère privé. S'ils ne vous sont pas destinés, nous vous signalons qu'il est strictement interdit de les divulguer, de les reproduire ou d'en utiliser de quelque manière que ce soit le contenu. Toute exportation ou réexportation non autorisée est interdite Si ce message vous a été transmis par erreur, merci d'en informer l'expéditeur et de supprimer immédiatement de votre système informatique ce courriel ainsi que tous les documents qui y sont attachés."
******
" This e-mail and any attached documents may contain confidential or proprietary information and may be subject to export control laws and regulations. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. Unauthorized export or re-export is prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system."
#
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20150604/42a6353b/attachment-0001.html>