19
May 2021

Managing Cyber Threats to Safety-Critical Systems

Status: The event is open
Date: Wednesday, May 19, 2021 - Friday, May 21, 2021
Time: Registration and Login (Day 1–3): 8:15 AM–8:30 AM PST
Day 1: 8:30 AM–12:30 PM PST
Day 2: 8:30 AM–12:30 PM PST
Day 3: 8:30 AM–12:30 PM PST
Location: Webinar
Presenter: Dr. Jeffrey Joyce, P. Eng. 
Co-founder, Critical Systems Labs Inc.

Laurent Fabre 
VP Chief Technology Officer, Critical Systems Labs Inc.

Simon Diemert, P.Eng.
Critical Systems Labs Inc.
Credit: 12 CE Hour(s) of Technical Learning in the Formal category
Cost: Engineers and Geoscientists BC Registrant Early Bird Price: $600.00 + GST = $630.00 until May 5, 2021

Engineers and Geoscientists BC Registrant Regular Price: $700.00 + GST = $735.00

Non-Registrant Price: $700.00 + GST = $735.00

Student Price: $350.00 + GST = $367.50
Please Note:
  • Student Price is eligible for participants in Engineers and Geoscientists BC’s Student Program
  • If you are not an Engineers and Geoscientists BC registrant, and you do not already have an existing account, please proceed to creating a new account to create a profile before completing your event registration
  • For webinar sessions, the webinar login instructions will be made available 3 business days prior to the webinar date
  • A minimum number of registrations are needed by May 05, 2021 to proceed with this seminar. Please register early to avoid cancellation
  • All prices are subject to applicable taxes
Contact: Shirley Chow | Professional Development Specialist
Direct: 604.412.4865
Toll Free: 1.888.430.8035 ext.4865
Fax: 604.639.8180
Email: [email protected]
This session covers fundamental elements of an integrated approach to managing safety and cyber-security risk for complex systems that provide critical services. In particular, this training focuses on how an established system/software safety process can be extended to take account of cyber-security threats.

Seminar Description

This session covers fundamental elements of an integrated approach to managing safety and cyber-security risk for complex systems that provide critical services. In particular, this training focuses on how an established system/software safety process can be extended to take account of cyber-security threats.

Increasing automation, remote operation, inter-connection of “smart” systems are among the technology trends that potentially heighten exposure to security threats. Transportation systems, public utilities, medical devices, and industrial process control are examples of sectors that face growing concerns about the potential impact of security vulnerabilities on safety risk. Several recent cybersecurity related events (e.g., Florida water treatment hack, Medical Devices in BC) have underscored the importance incorporating security engineering practices throughout the software and systems development lifecycle. This need will only increase as autonomous technologies such as self-driving cars, and marine autonomous surface ships (MASS) become common place.

Conventional IT security measures centered on equipment level mitigations such as firewalls and encryption are unlikely to be a complete solution. Such measures need to be complemented by strategies, processes, and techniques that focus on a top-down systems-of-system understanding of how security threats impact safety—which is the subject of this seminar.

Objectives

From this training, participants can:

  • Learn how security threats can increase the risk associated with known safety-related hazards.
  • Become familiar with relevant standards and published guidance.
  • Gain an understanding of how an existing safety process can be extended to include consideration of security threats.

The practical application of concepts covered in this seminar will help an organization:

  • Identify causes of safety risk that result from unrecognized security vulnerabilities.
  • Identify conflicts between safety mitigations and security mitigations which could result in costly changes and delays if not discovered until late in development.
  • Avoid wasteful duplication of effort {e.g., safety engineers searching for security vulnerabilities that are already known to the security specialists, and vice versa).
  • More effectively allocate resources to mitigate security risks.
  • Gain a competitive business advantage in a world marketplace that is increasingly concerned about security threats.

Prerequisites

Participants should have a basic familiarity with conventional safety engineering methodology and a general awareness of concerns about cyber-security. While primarily intended for “security-minded” safety engineers and system engineers, this training might also be of interest to IT security specialists who have a role in the development or maintenance of safety-critical systems.

Outline

The tentative outline is:

  • Introduction.
  • Identifying the problem (i.e., how safety risk can increase due to cyber- security risk and why existing practices are not necessarily enough to limit this risk). Examples of cyber-security incidents affecting safety (real and simulated).
  • Overview of both conventional system/software safety methodology and security methodology.
  • A generic integrated safety/security engineering process.
  • Security risk assessment for safety-critical systems.
  • Overview of specialized techniques (e.g., fault trees vs. attack trees).
  • Strategies and best practices for managing safety risk over the lifetime of a system in the face of constantly evolving cyber-security threats.
  • Summary.

Presenters

Dr. Jeffrey Joyce, P. Eng.

Co-founder, Critical Systems Labs Inc.

Dr. Jeffrey Joyce, P.Eng., is the co-founder of Critical Systems Labs Inc. He has a doctorate from the University of Cambridge following earlier degrees from the University of Calgary and the University of Waterloo. Dr. Joyce’s recent and current clients cover a wide spectrum of technical domains ranging from autonomous road vehicles to nuclear fusion reactors. He has contributed to both an aerospace standard for the development of airborne software, RTCA DO 178C, as well as a standard for functional safety of electronic control systems in road vehicles, ISO 26262.

Laurent Fabre 

VP Chief Technology Officer, Critical Systems Labs Inc.

Mr. Laurent Fabre is the VP Chief Technology Officer for Critical Systems Labs. He earned a M.Sc. in Electrical Engineering from the French Institute of Telecommunications, ENST de Bretagne. Mr. Fabre has been involved in safety related engineering projects in a variety of sectors including aerospace, defense, maritime navigation and rail signaling. He contributed to the development of RTCA DO-326A “Airworthiness Security Process” that addresses information security risks (i.e., cyber-security risks that could impact flight safety). He is knowledgeable about safety standards and relevant regulations in the Aerospace and Defense industries and currently practices system safety for clients in these industries.

Simon Diemert, P.Eng.

Critical Systems Labs Inc.

Mr. Simon Diemert is a Software and Systems Engineer at Critical Systems Labs Inc. He earned a Master of Science (Computer Science) and Bachelor of Software Engineering from the University of Victoria. Simon is actively involved in a number of safety related projects in the automotive, medical, rail, and industrial sectors. He was the lead author of Engineers and Geoscientists BC’s "Professional Practice Guidelines: Development of Safety Critical Software" and is currently the chair of Engineers and Geoscientists BC’s Software Engineering Advisory Group.



View the full listing of events sponsored and organized by other groups.
Contact Professional Development
Email: [email protected]
Phone: 604.430.8035
Toll-free: 1.888.430.8035
View our career listings or place an employment ad.
Presentations for Post-Secondary Students
Email: [email protected]
Phone: 604.412.4860
 
Presentations for High School Students
Email: [email protected]
Phone: 604.412.4892