[SystemSafety] Safety and effective or not cybersecurity countermeasures (was: IEC 63069, and Cybersecurity in IEC 61508)
David MENTRÉ
David.MENTRE at bentobako.org
Wed Jun 5 08:24:04 CEST 2019
Hello,
Le 05/06/2019 à 00:34, Brent Kimberley a écrit :
> >> How would you produce a safe device without assuming effective
> cybersecurity countermeasures make it immune to such network attacks?
> Resiliency: Design the system such that it can fail safe / detect /
> tolerate internal failure?
>
> Concept such as Cyber-Parkinson's / remedial action / dynamic failure
> effect minimization / self-heaing aren't new.
I'm not against those concepts but how to do that in practice?
Typically, if the device can detect cyberattacks, it is because the
cybersecurity countermeasure is effective. If the device can tolerate
the attack, it is because the cybersecurity countermeasure is also
effective to circumvent it to a specific perimeter.
In my example, how would you design the system to avoid unsafe effects
of software overwrite?
Best regards,
D. Mentré
More information about the systemsafety
mailing list