[SystemSafety] Safety and effective or not cybersecurity countermeasures (was: IEC 63069, and Cybersecurity in IEC 61508)

Brent Kimberley brent_kimberley at rogers.com
Wed Jun 5 00:34:24 CEST 2019


>> How would you produce a safe device without assuming effective cybersecurity countermeasures make it immune to such network attacks?

Resiliency: Design the system such that it can fail safe / detect / tolerate internal failure?

Concepts such as Cyber-Parkinson's / remedial action / dynamic failure effect minimization / self-healing aren't new.

On Tuesday, June 4, 2019, 04:01:05 p.m. EDT, David MENTRÉ <David.MENTRE at bentobako.org> wrote:
 
Dear Mr Ladkin,
On 27/05/2019 at 09:15, Peter Bernard Ladkin wrote:
  
 [begin quote]
Security countermeasures should effectively prevent or guard against adverse impacts of
threats to safety-related systems and their implemented safety functions. Evaluations of
safety functions should be based on the assumption of effective (security) countermeasures.
[end quote]

There is nothing wrong with recommending that security countermeasures should be effective (sentence
1). However, (sentence 2) there is a lot wrong with *assuming effective cybersecurity
countermeasures are in place* while evaluating safety functions. 
 
On the other hand, it seems difficult to me to have effective safety functions without a minimum of effective cybersecurity countermeasures.
 
 
Take as an example a software-based railway interlocking control device with some networking function. If one cannot assume that through appropriate countermeasures the device is immune to network attacks, then the attacker could probably, in the worst case, overwrite the original control software and do anything with the device, including producing unsafe outputs like triggering a train collision.
 
How would you produce a safe device without assuming effective cybersecurity countermeasures make it immune to such network attacks?
 
Best regards,
D. Mentré
 

 
 _______________________________________________
The System Safety Mailing List
systemsafety at TechFak.Uni-Bielefeld.DE
Manage your subscription: https://lists.techfak.uni-bielefeld.de/mailman/listinfo/systemsafety  

