This session covers fundamental elements of an integrated approach to managing safety and cyber-security risk for complex systems that provide critical services. In particular, this training focuses on how an established system/software safety process can be extended to take account of cyber-security threats.
Increasing automation, remote operation, inter-connection of “smart” systems are among the technology trends that potentially heighten exposure to security threats. Transportation systems, public utilities, medical devices, and industrial process control are examples of sectors that face growing concerns about the potential impact of security vulnerabilities on safety risk. Several recent cybersecurity related events (e.g., Florida water treatment hack, Medical Devices in BC) have underscored the importance incorporating security engineering practices throughout the software and systems development lifecycle. This need will only increase as autonomous technologies such as self-driving cars, and marine autonomous surface ships (MASS) become common place.
Conventional IT security measures centered on equipment level mitigations such as firewalls and encryption are unlikely to be a complete solution. Such measures need to be complemented by strategies, processes, and techniques that focus on a top-down systems-of-system understanding of how security threats impact safety—which is the subject of this seminar.
From this training, participants can:
- Learn how security threats can increase the risk associated with known safety-related hazards.
- Become familiar with relevant standards and published guidance.
- Gain an understanding of how an existing safety process can be extended to include consideration of security threats.
The practical application of concepts covered in this seminar will help an organization:
- Identify causes of safety risk that result from unrecognized security vulnerabilities.
- Identify conflicts between safety mitigations and security mitigations which could result in costly changes and delays if not discovered until late in development.
- Avoid wasteful duplication of effort {e.g., safety engineers searching for security vulnerabilities that are already known to the security specialists, and vice versa).
- More effectively allocate resources to mitigate security risks.
- Gain a competitive business advantage in a world marketplace that is increasingly concerned about security threats.
Participants should have a basic familiarity with conventional safety engineering methodology and a general awareness of concerns about cyber-security. While primarily intended for “security-minded” safety engineers and system engineers, this training might also be of interest to IT security specialists who have a role in the development or maintenance of safety-critical systems.
The tentative outline is:
- Introduction.
- Identifying the problem (i.e., how safety risk can increase due to cyber- security risk and why existing practices are not necessarily enough to limit this risk). Examples of cyber-security incidents affecting safety (real and simulated).
- Overview of both conventional system/software safety methodology and security methodology.
- A generic integrated safety/security engineering process.
- Security risk assessment for safety-critical systems.
- Overview of specialized techniques (e.g., fault trees vs. attack trees).
- Strategies and best practices for managing safety risk over the lifetime of a system in the face of constantly evolving cyber-security threats.
- Summary.
Co-founder, Critical Systems Labs Inc.
Dr. Jeffrey Joyce, P.Eng., is the co-founder of Critical Systems Labs Inc. He has a doctorate from the University of Cambridge following earlier degrees from the University of Calgary and the University of Waterloo. Dr. Joyce’s recent and current clients cover a wide spectrum of technical domains ranging from autonomous road vehicles to nuclear fusion reactors. He has contributed to both an aerospace standard for the development of airborne software, RTCA DO 178C, as well as a standard for functional safety of electronic control systems in road vehicles, ISO 26262.
VP Chief Technology Officer, Critical Systems Labs Inc.
Mr. Laurent Fabre is the VP Chief Technology Officer for Critical Systems Labs. He earned a M.Sc. in Electrical Engineering from the French Institute of Telecommunications, ENST de Bretagne. Mr. Fabre has been involved in safety related engineering projects in a variety of sectors including aerospace, defense, maritime navigation and rail signaling. He contributed to the development of RTCA DO-326A “Airworthiness Security Process” that addresses information security risks (i.e., cyber-security risks that could impact flight safety). He is knowledgeable about safety standards and relevant regulations in the Aerospace and Defense industries and currently practices system safety for clients in these industries.
Critical Systems Labs Inc.
Mr. Simon Diemert is a Software and Systems Engineer at Critical Systems Labs Inc. He earned a Master of Science (Computer Science) and Bachelor of Software Engineering from the University of Victoria. Simon is actively involved in a number of safety related projects in the automotive, medical, rail, and industrial sectors. He was the lead author of Engineers and Geoscientists BC’s "Professional Practice Guidelines: Development of Safety Critical Software" and is currently the chair of Engineers and Geoscientists BC’s Software Engineering Advisory Group.
