Safety and security engineering have, over the years, developed their own regulations, standards, cultures, and practices. However, there’s a growing realisation that security is closely connected to safety. Safety must be security-informed: if a safety-critical system isn’t secure, it isn’t safe. A safety demonstration is incomplete and unconvincing unless it considers security. In our work for government and industry, we have used the Claims, Arguments, Evidence (CAE) framework to analyse the impact of security on a safety justification or safety case and identified the significant changes needed to address security explicitly. This will impact the design and implementation process as well as the assurance and V&V approach.ududIn this paper we discuss the impact of integrating security when developing a safety demonstration of a smart device. A smart device is an instrument, device or component that contains a microprocessor (and therefore contains both hardware and software) and is programmed to provide specialised capabilities, often measuring or controlling a process variable. Examples of smart devices include radiation monitors, relays, turbine governors, uninterruptible power supplies and heating ventilation, and air conditioning controllers.
展开▼
机译:多年来,安全和安保工程已经制定了自己的法规,标准,文化和实践。但是,人们越来越意识到安全与安全紧密相关。安全必须告知安全性:如果安全关键系统不安全,那么它也不安全。除非考虑安全性,否则安全演示是不完整和令人信服的。在我们为政府和行业所做的工作中,我们使用了“索赔,论据,证据”(CAE)框架来分析安全对安全理由或安全案例的影响,并确定了显式解决安全问题所需的重大更改。这将影响设计和实施过程以及保证和V&V方法。 ud ud本文讨论了在开发智能设备的安全演示时集成安全性的影响。智能设备是一种仪器,设备或组件,包含微处理器(因此也包含硬件和软件),并经过编程以提供专门的功能,通常可以测量或控制过程变量。智能设备的示例包括辐射监测器,继电器,涡轮调节器,不间断电源和供暖通风以及空调控制器。
展开▼
