[SystemSafety] A couple of anecdotes on requirements engineering

Martyn Thomas martyn at thomas-associates.co.uk
Wed Oct 17 11:19:33 CEST 2018


Olwen

You might have more success if you pointed out

a) that any competent adversary wanting to compromise the system will
certainly try fuzzing, and

b) that any safety-related control system that hasn't been assured
against such attacks is potentially illegal in the UK under HSWA 1974
(2) and (3) [because risks haven't been reduced SFAIRP] and may (if
disruption could affect enough people) also violate the NIS directive
(leading to a fine of up to 4% of global turnover even if no disruption
ever occurs).

c) that a fatality could lead to a prosecution for corporate
manslaughter and that now the directors know of the problem, they could
go to jail if such a prosecution is brought successfully.

If you really want to stir things up, copy your message to the auditors
for consideration in their "continuing business" test, as that puts them
on the hook too.

Martyn


On 14/10/2018 18:44, Olwen Morgan wrote:
> Whenever I work on a safety-related control system, I always point out
> that the requirements should take account of the total system
> including both the control unit and the environment whence it receives
> stimuli. That way you can at least get some idea of a system's
> response to out-of-specification adventitious conditions. I've not yet
> succeeded in convincing anyone of the sense of this approach on a
> small-scale embedded development.

