[SystemSafety] [EC 61508 and cybersecurity
RICQUE Bertrand (SAGEM DEFENSE SECURITE)
bertrand.ricque at sagem.com
Wed Jun 3 14:01:37 CEST 2015
I totally support your position Jens.
There is still a lot to do and work is under progress. I am not sure that ED202 solves all the problems, but it creates processes. I am not sure that IEC 62443 solves all the problems, but it frames the picture. An so on …
The first issues of all these standards will certainly be improved in the next issues. For instance, it is clear that the appropriation of a common metamodel (like the one used by the NSA) would be a progress, like the adoption of the OSI model was a cornerstone for communication networks.
Nothing is never perfect and the sense of perfection is a question of perspective and of point of view. Perfection for end-users and for manufacturers could probably be safety AND security out of the box, for a lower cost than today.
This will not happen. Engineering is needed to solve the problems. The standards can suggest (meta)models to frame the problem, suggest processes to handle them, suggest methods and techniques to help achieve the objectives. They can also mandate the objectives, which would require a multi-sector, or at least sector, agreements on the objectives. We are far from that.
But, as you notice it, we are working on it. Anybody wanting to contribute is welcomed…
Bertrand Ricque
Program Manager
Optronics and Defence Division
Sights Program
Mob : +33 6 87 47 84 64
Tel : +33 1 58 11 96 82
Bertrand.ricque at sagem.com
From: systemsafety-bounces at lists.techfak.uni-bielefeld.de [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of Braband, Jens
Sent: Wednesday, June 03, 2015 10:06 AM
To: systemsafety at lists.techfak.uni-bielefeld.de
Subject: Re: [SystemSafety] [EC 61508 and cybersecurity
As I am collaborating with Ingo Rolle in some committees, here is some additional information, both on IEC 61508 and the railway specific derivatives:
- IEC 61508 addresses IT Security explicitly e. g. in pt 1 7.4.2.3 a threat analysis may be performed as part of the risk assessment (if necessary). And also in other parts IT security is addressed. However IEC 61508 only tells you WHAT to do but not HOW. It refers to appropriate standards e. g. IEC 62433.
- The railway variant of IEC 61508, the EN 50129, has since its first version in the 90s a mandatory chapter in the safety case dealing with unauthorized access. Also IT security of communication is mandatory and EN 50159 is in use since 2001 and is also applied in other domains. The IT security aspects are extended in the maintenance of the EN 50129 which has just started.
- In Germany, but also internationally there is broad agreement that IT security and safety have to be regarded jointly, and activities to cover this in more detail in standardization have already started 2010, including activities using 62443 for railways. I wrote papers e. g. for SAFECOMP 2012 or ERTSS 20114 about such activities, but there are also plenty of other publications on this matter.
So I don’t understand the standardization bashing here, there are a lot of activities going on, there is some literature, and you may even get involved through your national committees…
Best regards
Jens Braband
PS These are my personal opinions, not necessarily those of my employer or other organizations, that I sometimes represent.
Von: systemsafety-bounces at lists.techfak.uni-bielefeld.de<mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de> [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] Im Auftrag von Rolle, Ingo
Gesendet: Montag, 1. Juni 2015 14:19
An: systemsafety at lists.techfak.uni-bielefeld.de<mailto:systemsafety at lists.techfak.uni-bielefeld.de>
Betreff: Re: [SystemSafety] [EC 61508 and cybersecurity
Since I’m secretary of the German mirror groups in charge of IEC 61508 and IEC 62443 I was asked to give a brief overview of principal differences between functional safety and IT security. I gave the following presentation before the TC 65 audience last year. The conclusion (i.e. my opinion) was that there are many principal differences, although some things may be coordinated. I tried to work through an example of a life-cycle considering both f.s. and IT security
The difference starts with the requirement that also non-safety functions must be protected against eavesdropping or data manipulation.
An overview of IEC 62443 may be here, although only in German: www.vde.com/62443<http://www.vde.com/62443>
I’m not aware of the difference between IT security and cyber security, perhaps somebody could tell me
Ingo Rolle (ingo.Rolle at vde.com<mailto:ingo.Rolle at vde.com>)
Von: systemsafety-bounces at lists.techfak.uni-bielefeld.de<mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de> [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] Im Auftrag von Andy Ashworth
Gesendet: Montag, 1. Juni 2015 13:27
An: RICQUE Bertrand (SAGEM DEFENSE SECURITE)
Cc: systemsafety at lists.techfak.uni-bielefeld.de<mailto:systemsafety at lists.techfak.uni-bielefeld.de>
Betreff: Re: [SystemSafety] [EC 61508 and cybersecurity
I have previously held the position of safety assurance manager at a nuclear research laboratory. While my team was required to demonstrate that the consequences of any credible accident would not be unacceptable, my colleagues in the security team regarded our analysis as a security threat since we were identifying potential worst scenarios for any deliberate attack.
There is definitely a contradiction between safety and security I terms of openness - for safety we want to be seen to be safe, but he security world requires us to hide the specific vulnerabilities of our systems.
Andy
Sent from Andy's iPad
On Jun 1, 2015, at 07:06, RICQUE Bertrand (SAGEM DEFENSE SECURITE) <bertrand.ricque at sagem.com<mailto:bertrand.ricque at sagem.com>> wrote:
It is not that simple.
Safety is a roughly 2D problem ( probability x consequence), the two dimensions being usually stable along the unique system timescale.
Security is a 3D problem with sub dimensions (attacker(motivation, capability), vulnerability(inherent, introduced), consequence), these dimensions being variable along two different timescales (target system timescale, attacker timescale).
Bertrand Ricque
Program Manager
Optronics and Defence Division
Sights Program
Mob : +33 6 87 47 84 64
Tel : +33 1 58 11 96 82
Bertrand.ricque at sagem.com<mailto:Bertrand.ricque at sagem.com>
From: systemsafety-bounces at lists.techfak.uni-bielefeld.de<mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de> [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of Chris Hills
Sent: Monday, June 01, 2015 12:50 PM
To: martyn at thomas-associates.co.uk<mailto:martyn at thomas-associates.co.uk>; systemsafety at lists.techfak.uni-bielefeld.de<mailto:systemsafety at lists.techfak.uni-bielefeld.de>
Subject: Re: [SystemSafety] [EC 61508 and cybersecurity
I have always though that safety and security are two sides of the same coin. Often it is just a difference of emphasis or wording but the requirements are very similar if not the same.
The trouble is “cyber security” is the new buzzword so we need a standard for it….. Surely it is better build on 61508 for something that is both safe and secure?
Or do you want something that is secure but unsafe? ☺
Regards
Chris
Phaedrus Systems Ltd Tel: FREEphone 0808 1800 358
96 Brambling B77 5PG Vat GB860621831 Co Reg #04120771
Http://www.phaedsys.com<http://www.phaedsys.com/> chills at phaedsys.com<mailto:chills at phaedsys.com>
From: systemsafety-bounces at lists.techfak.uni-bielefeld.de<mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de> [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of Martyn Thomas
Sent: 01 June 2015 10:09
To: systemsafety at lists.techfak.uni-bielefeld.de<mailto:systemsafety at lists.techfak.uni-bielefeld.de>
Subject: Re: [SystemSafety] [EC 61508 and cybersecurity
Where can I find details of the content of IEC 62443, and of the IEC workgroup?
Martyn
On 01/06/2015 09:42, RICQUE Bertrand (SAGEM DEFENSE SECURITE) wrote:
There is currently an IEC workgroup on what to do with IEC 61508 and cybersecurity (IEC 62443). The topic is thus not ignored.
#
" Ce courriel et les documents qui lui sont joints peuvent contenir des informations confidentielles, être soumis aux règlementations relatives au contrôle des exportations ou ayant un caractère privé. S'ils ne vous sont pas destinés, nous vous signalons qu'il est strictement interdit de les divulguer, de les reproduire ou d'en utiliser de quelque manière que ce soit le contenu. Toute exportation ou réexportation non autorisée est interdite.Si ce message vous a été transmis par erreur, merci d'en informer l'expéditeur et de supprimer immédiatement de votre système informatique ce courriel ainsi que tous les documents qui y sont attachés."
******
" This e-mail and any attached documents may contain confidential or proprietary information and may be subject to export control laws and regulations. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. Unauthorized export or re-export is prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system."
#
_______________________________________________
The System Safety Mailing List
systemsafety at TechFak.Uni-Bielefeld.DE<mailto:systemsafety at TechFak.Uni-Bielefeld.DE>
#
" Ce courriel et les documents qui lui sont joints peuvent contenir des informations confidentielles, être soumis aux règlementations relatives au contrôle des exportations ou ayant un caractère privé. S'ils ne vous sont pas destinés, nous vous signalons qu'il est strictement interdit de les divulguer, de les reproduire ou d'en utiliser de quelque manière que ce soit le contenu. Toute exportation ou réexportation non autorisée est interdite Si ce message vous a été transmis par erreur, merci d'en informer l'expéditeur et de supprimer immédiatement de votre système informatique ce courriel ainsi que tous les documents qui y sont attachés."
******
" This e-mail and any attached documents may contain confidential or proprietary information and may be subject to export control laws and regulations. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. Unauthorized export or re-export is prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system."
#
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20150603/5058ff8f/attachment-0001.html>
More information about the systemsafety
mailing list