[SystemSafety] Fwd: "Protected" Environments

Bruce Hunter brucer.hunter at gmail.com
Mon Nov 12 06:46:45 CET 2018


Good analogy, Olwen.

Unfortunately, there is no “silver bullet” to the uncertainty of
cybersecurity. The perfect cyber-secure Ethernet switch that addresses all
exploits does not (and will not) exist. Threat actors keep discovering new
vulnerabilities and become more proficient at bypassing controls and
deceiving gullible people. ICS-CERT published over 200 alerts and
advisories in 2017 and to date in 2018 over 300. State-sponsored and
well-funded cyber-criminals compound the ongoing and expanding risk.

There are some examples of ICS security architectures that do enforce
defence-in-depth principles, which is the most recommended approach. These
do involve segmenting networks, which is the best way to limit the risk
and provides the best chance of responding to an incident before a dangerous
failure occurs. However, this requires ongoing effort to ensure
countermeasures are current against the threat landscape.

The weakest link continues to be people at all stages of the system
lifecycle. Most incidents reported relate to people bypassing established
measures either inadvertently or irresponsibly. People also introduce
vulnerabilities through design, installation, operation, maintenance, and
update. People also are very cunning and the instigators of advanced and
persistent threats. Luckily, people can also be the best defence.

We do need to get safety and security professionals understanding each
other’s domain. We do need to establish best strategies to reduce the risk
of cyberattack on safety systems. We do need to ensure cybersecurity
countermeasures employed do not interfere with the effectiveness of safety
functions and vice versa. This is the aim of IEC TR 63069. It does not
prescribe countermeasures and controls but attempts to provide guidance on
applying IEC 62443 and IEC 61508 cooperatively.

Bruce Hunter

On Mon, 12 Nov 2018 at 06:55, Olwen Morgan <olwen at phaedsys.com> wrote:

>
> On 11/11/2018 06:00, Peter Bernard Ladkin wrote:
>
> <snip>
> > Can anyone name any civil system which has successfully established a
> > "security environment" (it looks a lot like a "zone" from IEC 62443
> > but apparently it is not), within which safety engineers can perform
> > safety analyses and design safety functions assuming everything is
> > cybersecure?
> <snip>
>
>
> To put this in another perspective, cybersecurity depends, among other
> things, on robust cryptography. Currently the strength of our
> cryptographic systems rests on the premise that nobody can break
> public-key ciphers. As it happens, I know a bit about the history of
> cryptography. Throughout that history ciphers have been broken whose
> inventors believed they were secure simply because they themselves
> didn't know how to break them. As Churchill said, "Those who do not
> learn from history are condemned to repeat it."
>
>
> Just a thought.
>
> olwen