-
David Cummings on Phil Koopman/Michael Barr’s Unintended-Acceleration Testimony
In October 2013, an Oklahoma civil court found that it was more likely than not that faulty control SW had caused a car crash in which the car accelerated, contrary to the apparent intention of the driver, resulting in death and severe injury to the occupants. Readers may find some discussion of this at the…
-
“Security Risk” and Probability
In the last little while I have repeatedly encountered people in safety&security standardisation circles who are trying to equate IEC 61508 SILs (Safety Integrity Levels) with IEC 62443 SLs (Security Levels). I saw another instance yesterday, in a paper written for AMAA 2015 by someone actively involved in international safety+security standardisation. A SIL is a pure reliability…
-
Safety and Cybersecurity. Again.
IEC 61508:2010 is the latest edition of the general functional safety standard for E/E/PE systems. IEC 61511:2016 is the latest edition of the functional safety standard for E/E/PE systems in IACS. Last Thursday I gave a short talk (twice) to the German electrotechnical standardisation organisation DKE’s annual one-day get-together event, now called the Innovation Campus…
-
IACS Safety and Security Intertwined; A Realistic Example
Restarting a nuclear reactor is a complex and sensitive process. The process is essentially controlled through the neutron density at any point. The density is governed by processes which are fundamentally exponential in time, and is controlled by damping the exponent in various ways. It is physically possible for the process to become uncontrolled, on…
-
An Observation on the Intertwining of Safety and Security
The security of safety-related and safety-critical systems with components incorporating digital processing is becoming a major issue. We have seen partial control taken, from a remote location, of a car which is being driven. A major electricity outage in an East-European country was caused by intrusion into the digital parts of control systems. Intrusions into…
-
Thoughts on Sustainable Electric Home Heating
I own a largish building of about 360 sq.m., of divided use, some of which is my home. It was built about 110 years ago. Heating it is an issue. Heating and hot water cost me about 40,000 kWh per annum, about 110 kWh per day. I use a hyperefficient gas heater and pay the…
-
SILs, the Safety-Related System Lifecycle and Security Level (Ingo Rolle)
[Ingo Rolle is the Secretary of the German National Committee responsible for matters concerning IEC 61508 as well as the German National Committee responsible for matters concerning IEC 62443. This is an invited essay. PBL] IEC 61508:2010 is the international standard for functional safety of electrical, electronic and programmable electronic systems. It applies to the…
-
Power Plants and Cyberawareness
There is a considerable challenge in raising the awareness of engineering-plant personnel about the criticality of the computer systems they might be using. We addressed some electricity blackouts at the Safety-Critical Systems Symposium 2016. In the 2003 North American blackout, the malfunction of two computer systems on which operators and oversight personnel relied was causal…
-
Risk
There are a few different notions of risk used in dependability engineering. One notion, used in finance and in engineering safety, is from De Moivre (1712, De Mensura Sortis in the Proceedings of the Royal Society) and is (A) the expected value of loss (people in engineering say “combination of severity and likelihood”). A second…