[SystemSafety] IEC 61508 and cybersecurity

Andrew Banks andrew at andrewbanks.com
Thu Sep 19 16:52:29 CEST 2019


While the article shows a reasonable understanding of things I note:

>> I have long advocated for peer review of standards documents at the final pre-publication stage by acknowledged senior scientists in the area.

Anyone (Note 1) can join their National Body mirror panel.  The National Body members get to comment and vote at DIS and FDIS. 


But to the nub of the article... I can understand IEC 61508 not wishing to become yet another security standard... there are plenty to choose from already.  In this, I think ISO 26262 got it right (Note 2), by addressing the interaction between safety and security, and emphasising that (cyber)security must be considered, but going no deeper.

Notes:
1: subject to a little vetting - but I have never heard of a viable person being refused...
2: declaration - I was involved with 26262 but that was someone else's work; I just happen to agree with it


Regards
A


-----Original Message-----
From: systemsafety [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of Peter Bernard Ladkin
Sent: 16 September 2019 08:28
To: The System Safety List
Subject: [SystemSafety] IEC 61508 and cybersecurity

I have banged on about this before. There is a proposal to take "(cyber)security" out of consideration for any part of IEC 61508 NextEd. That means, in NewSpeak, "(cyber)security is out of scope for IEC 61508."

How can that be?

Well, it can't be. The reasoning, which is brief, is in https://abnormaldistribution.org/index.php/2019/09/16/system-safety-cybersecurity-the-scope-of-iec-61508-and-broken-standards/


PBL

Prof. Peter Bernard Ladkin, Bielefeld, Germany MoreInCommon Je suis Charlie
Tel+msg +49 (0)521 880 7319  www.rvs-bi.de








More information about the systemsafety mailing list