Handbook of System Safety and Security


Book Description

Handbook of System Safety and Security: Cyber Risk and Risk Management, Cyber Security, Adversary Modeling, Threat Analysis, Business of Safety, Functional Safety, Software Systems, and Cyber Physical Systems presents an update on the world's increasing adoption of computer-enabled products and the essential services they provide to our daily lives. The tailoring of these products and services to our personal preferences is expected and made possible by intelligence that is enabled by communication between them. Ensuring that the systems of these connected products operate safely, without creating hazards to us and those around us, is the focus of this book, which presents the central topics of current research and practice in systems safety and security as it relates to applications within transportation, energy, and the medical sciences. Each chapter is authored by one of the leading contributors to the current research and development on the topic. The perspective of this book is unique, as it takes the two topics, systems safety and systems security, as inextricably intertwined. Each is driven by concern about the hazards associated with a system's performance. - Presents the most current and leading edge research on system safety and security, featuring a panel of top experts in the field - Includes several research advancements published for the first time, including the use of 'goal structured notation' together with a 'judgment calculus' and their automation as a 'rule set' to facilitate systems safety and systems security process execution in compliance with existing standards - Presents for the first time the latest research in the field with the unique perspective that systems safety and systems security are inextricably intertwined - Includes coverage of systems architecture, cyber physical systems, tradeoffs between safety, security, and performance, as well as the current methodologies and technologies and implantation practices for system safety and security




SafeWare


Book Description

We are building systems today-and using computers to control them-that have the potential for large-scale destruction of life and environment. More than ever, software engineers and system developers, as well as their managers, must understand the issues and develop the skills needed to anticipate and prevent accidents. Nancy Leveson examines what is currently known about building safe electromechanical systems and looks at past accidents to see what practical lessons can be applied to new computer-controlled systems.




Engineering Safe and Secure Software Systems


Book Description

This first-of-its-kind resource offers a broad and detailed understanding of software systems engineering from both security and safety perspectives. Addressing the overarching issues related to safeguarding public data and intellectual property, the book defines such terms as systems engineering, software engineering, security, and safety as precisely as possible, making clear the many distinctions, commonalities, and interdependencies among various disciplines. You explore the various approaches to risk and the generation and analysis of appropriate metrics. This unique book explains how processes relevant to the creation and operation of software systems should be determined and improved, how projects should be managed, and how products can be assured. You learn the importance of integrating safety and security into the development life cycle. Additionally, this practical volume helps identify what motivators and deterrents can be put in place in order to implement the methods that have been recommended.




Software and System Safety


Book Description

System safety is a widely accepted management and engineering approach to analyze and address risks in complex systems in order to prevent accidents. Because software and computing systems are integral to most systems, software safety has become a critical component of an overall system safety effort. Software and System Safety discusses critical elements of the discipline of system safety and shows how software and computing systems fit in the system safety process. Software-specific aspects of the system safety process are addressed to show concerns common to complex systems. The many accidents and incidents presented in this book illustrate important lessons learned and show how software-related hazards can be misidentified, software risks can be improperly assessed, hazard controls may be misapplied, and software and system testing may not effectively verify that the risk had been reduced. The lessons learned come from a variety of industries and organizations, and include the author’s personal experience. The real-world lessons provided in this book can be used to improve existing software safety and system safety efforts, and can help when planning new system safety programs.




Engineering a Safer World


Book Description

A new approach to safety, based on systems thinking, that is more effective, less costly, and easier to use than current techniques. Engineering has experienced a technological revolution, but the basic engineering techniques applied in safety and reliability engineering, created in a simpler, analog world, have changed very little over the years. In this groundbreaking book, Nancy Leveson proposes a new approach to safety—more suited to today's complex, sociotechnical, software-intensive world—based on modern systems thinking and systems theory. Revisiting and updating ideas pioneered by 1950s aerospace engineers in their System Safety concept, and testing her new model extensively on real-world examples, Leveson has created a new approach to safety that is more effective, less expensive, and easier to use than current techniques. Arguing that traditional models of causality are inadequate, Leveson presents a new, extended model of causation (Systems-Theoretic Accident Model and Processes, or STAMP), then shows how the new model can be used to create techniques for system safety engineering, including accident analysis, hazard analysis, system design, safety in operations, and management of safety-critical systems. She applies the new techniques to real-world events including the friendly-fire loss of a U.S. Blackhawk helicopter in the first Gulf War; the Vioxx recall; the U.S. Navy SUBSAFE program; and the bacterial contamination of a public water supply in a Canadian town. Leveson's approach is relevant even beyond safety engineering, offering techniques for “reengineering” any large sociotechnical system to improve safety and manage risk.




Software Systems Safety


Book Description

Until quite recently, the correctness and security of software systems was a largely theoretical problem relevant only for a small group of computer specialists. Today it is a fundamental problem for society at large, with security breaches in banking software, malware attacks and bugs in programs affecting millions of people and making the headlines almost daily. The computer science community is developing verification and synthesis tools which will mechanize ever more tasks in the design of secure programs. This book presents the papers delivered at the NATO Advanced Study Institute (ASI) Summer School Marktoberdorf 2013 – Software Systems Safety. The participants represented research groups from both industry and academia, and the subjects covered included: software model checking via systematic testing, program synthesis, E voting systems, probabilistic model checking in biology, infinite state model checking, Boolean satisfiability, interactive proof, and software security by information flow control. The Marktoberdorf Summer School is one of the most renowned international computer science summer schools, and this book, with its detailed overview of current research results with special emphasis on the solving of software systems security problems, will be of interest to all those whose work involves systems security.




Software System Reliability and Security


Book Description

To make communication and computation secure against catastrophic failure and malicious interference, it is essential to build secure software systems and methods for their development. This book describes the ideas on how to meet these challenges in software engineering.




Design for Safety


Book Description

A one-stop reference guide to design for safety principles and applications Design for Safety (DfSa) provides design engineers and engineering managers with a range of tools and techniques for incorporating safety into the design process for complex systems. It explains how to design for maximum safe conditions and minimum risk of accidents. The book covers safety design practices, which will result in improved safety, fewer accidents, and substantial savings in life cycle costs for producers and users. Readers who apply DfSa principles can expect to have a dramatic improvement in the ability to compete in global markets. They will also find a wealth of design practices not covered in typical engineering books—allowing them to think outside the box when developing safety requirements. Design Safety is already a high demand field due to its importance to system design and will be even more vital for engineers in multiple design disciplines as more systems become increasingly complex and liabilities increase. Therefore, risk mitigation methods to design systems with safety features are becoming more important. Designing systems for safety has been a high priority for many safety-critical systems—especially in the aerospace and military industries. However, with the expansion of technological innovations into other market places, industries that had not previously considered safety design requirements are now using the technology in applications. Design for Safety: Covers trending topics and the latest technologies Provides ten paradigms for managing and designing systems for safety and uses them as guiding themes throughout the book Logically defines the parameters and concepts, sets the safety program and requirements, covers basic methodologies, investigates lessons from history, and addresses specialty topics within the topic of Design for Safety (DfSa) Supplements other books in the series on Quality and Reliability Engineering Design for Safety is an ideal book for new and experienced engineers and managers who are involved with design, testing, and maintenance of safety critical applications. It is also helpful for advanced undergraduate and postgraduate students in engineering. Design for Safety is the second in a series of “Design for” books. Design for Reliability was the first in the series with more planned for the future.




Embedded Software Development for Safety-Critical Systems, Second Edition


Book Description

This is a book about the development of dependable, embedded software. It is for systems designers, implementers, and verifiers who are experienced in general embedded software development, but who are now facing the prospect of delivering a software-based system for a safety-critical application. It is aimed at those creating a product that must satisfy one or more of the international standards relating to safety-critical applications, including IEC 61508, ISO 26262, EN 50128, EN 50657, IEC 62304, or related standards. Of the first edition, Stephen Thomas, PE, Founder and Editor of FunctionalSafetyEngineer.com said, "I highly recommend Mr. Hobbs' book."




Developing Safety-Critical Software


Book Description

The amount of software used in safety-critical systems is increasing at a rapid rate. At the same time, software technology is changing, projects are pressed to develop software faster and more cheaply, and the software is being used in more critical ways. Developing Safety-Critical Software: A Practical Guide for Aviation Software and DO-178C Compliance equips you with the information you need to effectively and efficiently develop safety-critical, life-critical, and mission-critical software for aviation. The principles also apply to software for automotive, medical, nuclear, and other safety-critical domains. An international authority on safety-critical software, the author helped write DO-178C and the U.S. Federal Aviation Administration’s policy and guidance on safety-critical software. In this book, she draws on more than 20 years of experience as a certification authority, an avionics manufacturer, an aircraft integrator, and a software developer to present best practices, real-world examples, and concrete recommendations. The book includes: An overview of how software fits into the systems and safety processes Detailed examination of DO-178C and how to effectively apply the guidance Insight into the DO-178C-related documents on tool qualification (DO-330), model-based development (DO-331), object-oriented technology (DO-332), and formal methods (DO-333) Practical tips for the successful development of safety-critical software and certification Insightful coverage of some of the more challenging topics in safety-critical software development and verification, including real-time operating systems, partitioning, configuration data, software reuse, previously developed software, reverse engineering, and outsourcing and offshoring An invaluable reference for systems and software managers, developers, and quality assurance personnel, this book provides a wealth of information to help you develop, manage, and approve safety-critical software more confidently.