
Security informed safety


If you have a question about this talk, please contact Ross Anderson.

In Adelard we have been assessing the safety of computer based systems for many years. Recently we have been researching an approach to security informed safety, trying to identify what the similarities and differences are and what should be done about them, particularly how safety cases need to change. Broadly speaking, we see safety as concerned with protecting the environment from the system, whereas security is concerned with protecting the system from the environment.

This brief talk will introduce the range of work we do and our applied research to give an idea of my background, and then review some overlaps and tensions between safety and security principles. From a safety system perspective, security principles such as economy of mechanism, least privilege, and psychological acceptability are probably all readily acceptable. Other principles, such as complete mediation and end-to-end arguments, could have a significant impact on the architecture and performance of systems. But perhaps the most radical security principles from a safety perspective are those based on Kerckhoffs’ principle, ease of recovery and open design.

I would like to discuss how we might take a principled approach to open design that has technical underpinning and would also welcome exchanges on any of the issues raised by security informed safety.

This talk is part of the Computer Laboratory Security Group meeting presentations series.


© 2006-2024 Talks.cam, University of Cambridge.