[SystemSafety] Making Standards available .....

Steve Tockey Steve.Tockey at construx.com
Fri May 13 02:57:48 CEST 2016


Les,
Specifically on security, I found this to be a good resource:


WASC Threat Classification, Version 2.0, Web Applications Security
Consortium, Jan, 2010.

http://www.webappsec.org and
http://projects.webappsec.org/w/page/13246978/Threat%20Classification

It's the Web Apps Security Consortium's "Threat Catalog". It talks about
recognized security threat vectors commonly used against web applications.
Some of the threat vectors are web specific, but many are not.


Cheers,

-- steve 





-----Original Message-----
From: systemsafety <systemsafety-bounces at lists.techfak.uni-bielefeld.de>
on behalf of Les Chambers <les at chambers.com.au>
Date: Thursday, May 12, 2016 4:27 PM
To: 'Peter Bernard Ladkin' <ladkin at rvs.uni-bielefeld.de>,
"systemsafety at lists.techfak.uni-bielefeld.de"
<systemsafety at lists.techfak.uni-bielefeld.de>
Subject: Re: [SystemSafety] Making Standards available .....

Oh and I forgot. Head of School mentioned they were thinking about security
as a subject area. So if we could possibly integrate security and safety it
might make it more attractive. Some of the life cycle practices are pretty
similar, I think.

-----Original Message-----
From: systemsafety
[mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of
Peter Bernard Ladkin
Sent: Thursday, May 12, 2016 1:45 PM
To: systemsafety at lists.techfak.uni-bielefeld.de
Subject: Re: [SystemSafety] Making Standards available .....

On 2016-05-12 00:49 , Les Chambers wrote:
> Some information has such societal benefit that it must be free.

That's likely so, but I am not sure for a number of reasons that IEC 61508
quite falls into that category. The phrase does capture, though, an
anomalous situation which is not yet recognised by everyone on this list. I
am gratified increasingly to see others such as Les and Thomas grasping the
nettle firmly.

I don't think the issue will go away. And I don't think it should go away.

There is a document purporting to represent the state of the practice in
the development of the E/E/PE parts of safety-critical systems. Nowadays,
that is pretty much all safety-critical engineered systems.

Getting safety-critical systems right is, um, critical. By which I mean
socially critical. We have enough people ploughing their cars into groups
of pedestrians that we don't need the cars to do it by themselves. Not to
speak of what happens when Fukushima Daiichi NPP floods.

This document is of international legal significance. In many countries, it
represents the touchstone for whether you are criminally prosecuted for a
programmable-electrotechnical system failure which caused injury or death.
In at least those countries, it also represents the criteria under which
you (or your company) may be convicted by a court for unlawful killing.

Pretty serious stuff. You'd think it would be a basic part of the education
of any electrotechnical engineer. But it's not. The main reason is that
most engineers and engineering professors, and pretty much all students,
can't get hold of it.

That is a fact which some people here are apparently unwilling to concede.
They say: You can buy it (it'll only cost you a quarter of a new car). Your
company can buy it. It's in the library. If it's not in the library, it's
in one a train ride away. It's there. Make the effort.

We could test the practicality of this suggestion easily. Let me propose
the following game to someone who does not now have access to a copy either
on his/her bookshelf or computer or through the company. I give out a clause
number. You get a week to say here what that clause says. I'll give out
numbers at the rate of one a day. Let's see how long this game lasts. I
would guess not long enough for this list to violate copyright in any
substantial way. [1]

It is a basic principle in many countries that the law of the land is
available in source to its citizens, either freely or at a nominal charge.
Some would say that that is a basic principle of democracy (although not
all countries are democratic, most like to claim that they are; it's seen
as a Good Thing for rulers to have The People's Backing). Because of its
status as a touchstone for prosecutions, IEC 61508 is one step removed from
being a de facto law [2].

Not all standards are alike. IEC 61508 is not like a standard for
electrical-system sockets in buildings or for the plugs that fit them. The
device itself is all you need to be able to check if it conforms, a
phenomenon validated by business travelers the world over on a daily basis.
But to check if kit conforms to IEC 61508 is a specialist professional
skill which costs great expense to exercise. And, unlike plugs, retroactive
conformance is all but impossible to ascertain.

This situation is deliberately maintained by an elite. I am part of that
elite. I am a volunteer worker on that standard. I'm very lucky. Germany
basically lets anyone with appropriate technical background and sufficient
motivation participate as a guest in standards committees. Thereby I have
free personal access to what must amount by now to a six-figure-sum of
intellectual property [3] [4] [5]. Most countries don't have comparable
arrangements, and I didn't know about any of this when I chose to come here
over two decades ago. Most professional engineers don't have such
opportunity.

People who are part of the elite don't think of themselves as such. I talk
about matters concerning IEC 61508 with other members of the elite many
times a week. It's like talking about the weather, our kid's schooling or
suchlike. We all share the privilege. Such conversations are difficult to
impossible on this list because most people don't have access. That is,
access to the document which is supposedly the foundation of the
professional activity of almost everyone here (except the aerospace,
automotive and medical people).

There is also the issue of technical quality. Quality through obscurity is
about as effective as its companion, security through obscurity [6].

The key questions are thus. Is this what we think is the best way to
determine and exercise engineering best practice on system safety? If not,
how can we improve it?

PBL

Footnotes

[1] Let's also compare this game with that knowledge represented, say, by
Bedford and Cooke's text on Probabilistic Risk Analysis or Birolini's text
on Reliability Engineering. I'll give out a section number. You quote me
the first two sentences of that section. That game, in contrast, would be
pointless.

[2] Its rail equivalents, CENELEC 50128 and 50129, actually are law in
Germany.

[3] And which, I assure German taxpayers, does get passed on to students
who take our uni courses. Which will end, after fifteen years, probably
permanently, in two months time. Some of those students and former students
have contributed to the standardisation process in return. Thank you Chris
Goeker, Hauke Kaufhold, Jan Sanders, Tim Schürmann and Bernd Sieker!

[4] A data point. We once gave technical advice on a very specific piece of
relatively simple, and small, physical kit which had gone wrong. Just
obtaining the standards pertaining to that specific kit, its use,
installation and maintenance, cost our clients a five-figure amount.

[5] It is well protected. There is a blue folder which says I shall not
give it to third parties, to whose conditions I have legally committed
myself.

[6] There are notable exceptions. William Kahan won the Turing Award for,
amongst other things, his technical contributions to the IEEE standard 754
on floating-point arithmetic for microprocessors (see for example
http://scholar.google.de/scholar_url?url=http://i-n-d-e-p-t-h.googlecode.com/files/IEEE754.pdf&hl=de&sa=X&scisig=AAGBfm3ZeM2pqTnY4wkwL68WLh_miz2U9Q&nossl=1&oi=scholarr&ved=0ahUKEwiH8uWdu9PMAhVJ2hoKHSeXCa4QgAMIKigCMAA
). This standard, negotiated in committee during the 1970's by my
grad-school pal Jerry Coonen who got his PhD for this work with Kahan, is
of the very highest technical quality, as acknowledged clearly through
Coonen's PhD with the then-leading math department in the world, and
Kahan's award. That was my introduction to engineering standards. Nothing
else has quite lived up......

Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld,
33594 Bielefeld, Germany Je suis Charlie
Tel+msg +49 (0)521 880 7319  www.rvs.uni-bielefeld.de







_______________________________________________
The System Safety Mailing List
systemsafety at TechFak.Uni-Bielefeld.DE