On the plant network and across multiple devices, safety and cybersecurity have tended to be separate concerns. Yet in our increasingly unsafe networked world, the two considerations have started to bleed into one another. Device manufacturers and embedded software designers need to be vigilant in order to provide a safe and secure system for applications to do their work.
The blend of security and safety will be covered in detail in the session There Is No Safety Without Security and No Security Without Safety by Michel Chabroux, on Wednesday, December 7 at ESC Silicon Valley.
Chabroux works from the premise that a secure system is not necessarily safe. Systems can have defects and must be protected from errant software that may cause a failure. Combining safety and security ensures the system can survive both a hacker attack and errant software.
The goal is to make sure an attack doesn’t threaten safety. “From a security point of view, you want to make sure that the device is not hijacked to perform a nefarious task, like the recent distributed denial of service attack that leveraged everyday devices,” Chabroux told Design News. “When looking at it from a safety angle, you want to make sure that the function of the device remains stable under stress. This applies to devices that interact directly or indirectly with people and where malfunction can cause harm.”
Securing the Internet of Things. Today's IoT devices are under increasing attack. Device manufacturers and embedded software designers must be vigilant if they are to provide a secure system for applications to do their work. Learn more about securing IoT devices and applications in the Connected Devices track at ESC Silicon Valley. December 6-8, 2016 in San Jose. Register here for the event, hosted by Design News’ parent company UBM.
Systems can be designed to be safe and secure by dividing applications into multiple levels of criticality and separating those levels in time, space, and resources, so that no matter what happens to the lower-criticality subsystems, the most critical ones continue to run. “Securing a device decreases the likelihood of it being tampered with, therefore increasing its reliability and effectiveness, such as, how safe it is to use,” said Chabroux.
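As an added illustration (not code from the article, from Chabroux, or from Wind River), here is a toy model of that separation: a static major-frame schedule with a per-partition time budget and memory quota, in which a runaway low-criticality partition is cut off at the end of its window and refused memory beyond its quota, while the critical partition still receives its full budget every frame. The partition names and numbers are constructed.

```python
from dataclasses import dataclass, field

@dataclass
class Partition:
    name: str
    criticality: int        # higher value = more critical
    time_budget: int        # ticks this partition owns per major frame
    mem_quota: int          # bytes it may hold in total
    workload: int           # ticks it tries to consume per frame
    mem_request: int        # bytes it tries to allocate per frame
    ran: int = 0
    mem_held: int = 0
    faults: list = field(default_factory=list)

def run_major_frame(partitions):
    """One pass through the static schedule (hypothetical separation-kernel model).
    Time separation: each partition gets exactly its window; an overrun is cut off
    and recorded, never borrowed from the next window. Space separation: an
    allocation that would exceed the partition's quota is refused and recorded."""
    trace = []
    for p in sorted(partitions, key=lambda q: -q.criticality):
        if p.mem_held + p.mem_request > p.mem_quota:
            p.faults.append("mem_quota")
        else:
            p.mem_held += p.mem_request
        used = min(p.workload, p.time_budget)
        if p.workload > p.time_budget:
            p.faults.append("time_overrun")
        p.ran += used
        trace.append((p.name, used))
    return trace

def simulate(partitions, frames):
    """Run `frames` major frames and report per-partition totals."""
    for _ in range(frames):
        run_major_frame(partitions)
    return {p.name: {"ran": p.ran, "mem_held": p.mem_held, "faults": list(p.faults)}
            for p in partitions}

def demo():
    # Constructed sample: a safety-critical control loop beside a misbehaving
    # low-criticality partition that wants far more CPU and memory than it owns.
    parts = [
        Partition("infotainment", criticality=1, time_budget=3, mem_quota=1024,
                  workload=10, mem_request=512),
        Partition("brake-control", criticality=3, time_budget=4, mem_quota=256,
                  workload=4, mem_request=0),
    ]
    return simulate(parts, frames=3)

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The recorded faults are what a monitor would raise for a partition that keeps hitting its limits; the point of the model is that the critical partition's totals are unaffected by them.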
Security is a must from initial boot. The goal is to establish a root of trust, along with user privileges and encryption for both data at rest and data in motion. Chabroux noted that it’s no longer good enough to enable safety without security and vice versa. Modern systems cannot tolerate a failure. They must employ both safety and security, and that can strain resources. “Safety comes at a steep cost – think IEC 61508, ISO 26262, DO-178C certifications – and security is complex. Right now, every device manufacturer will try to balance the costs,” said Chabroux.
Safety and security need to run through the same planning, since security breaches can adversely affect safety. “My point is that many things that apply to safety also increase security and vice-versa,” said Chabroux. “Safety standards have formal methods to verify things. Not so much for security. However, many of these methods do apply to security. So by being judicious, one can increase security and safety at the same time.”
Rob Spiegel has covered automation and control for 17 years, 15 of them for Design News. Other topics he has covered include supply chain technology, alternative energy, and cyber security. For 10 years he was owner and publisher of the food magazine Chile Pepper.
[Image source: Wind River]