Traditionally, safety and security have been treated as separate disciplines, with their own regulation, standards, culture and engineering but this is increasingly becoming infeasible and there is a growing realization that security and safety are closely interconnected: it is no longer acceptable to assume that a safety system is immune from malware because it is built using bespoke hardware and software, or that it cannot be attacked because it is separated from the outside world by an "air gap". In reality, the existence of the air gap is often a myth and safety systems are built using commodity hardware and software, connected together and communicating with each other using off-the-shelf network equipment and standard communication protocols. Thus, safety systems operate in an open environment and they need to be secure in order to be safe.
To understand more about cyber issues on safety critical and safety related computer systems please see the articles and videos below.
If you would like to understand more about security in safety critical computer controlled systems and what standards may be applicable to your project, please contact us or join our Security-informed safety training course.
Secure by design: countering cyber threats
With information technology leading the way, the world's railways need to take full advantage of the opportunities that this new revolution offers. In doing so they also have to recognise the challenges that information technology presents, particularly that of cyber security, by Francis How, Chief Executive IRSE and Robert Stroud, Principal Consultant Adelard LLP.
Read what Adelard's research and practice reveals about the impact of cyber issues on safety critical and safety related computer systems, by Kate Netkachova and Robin E Bloomfield, Adelard LLP and City University London.
Safety and Security
View Dr Robert Stroud of Adelard as he briefly introduces what security means in the context of a safety case.
Security in Safety Standards
Security in safety standards such as IEC 61508 has been around for 6 years.
View this short video clip for an insight into the issues you need to be aware of.