Safety vs. Security: Why do people die despite good safety?

Kuntze, Nicolai; Rudolph, Carsten; Brisbois, Brooke; Boggess, Megan; Endicott-Popovsky, Barbara; Leivesley, Sally

doi:10.1109/icnsurv.2015.7121276

Cited by 6 publications

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Cetratus: A framework for zero downtime secure software updates in safety‐critical systems

2020

View full text Add to dashboard Cite

SummarySafety‐critical systems are evolving into complex, networked, and distributed systems. As a result of the high interconnectivity among all networked systems and of potential security threats, security countermeasures need to be incorporated. Nonetheless, albeit cutting‐edge security measures are adopted and incorporated during the system development, such as latest recommended encryption algorithms, these protection mechanisms may turn out obsolete because of the long operational periods. New security flaws and bugs are continuously detected. Software updates are then essential to restore the security level of the system. However, system shutdowns may not be acceptable when high availability is required. As expressed by the European Union Agency for Network and Information Security (ENISA) “the research in the area of patching and updating equipment without disruption of service and tools” is needed. In this article, a novel live updating approach for zero downtime safety‐critical systems named Cetratus is presented. Cetratus, which is based on a quarantine‐mode execution and monitoring, enables the update of non‐safety‐critical software components while running, without compromising the safety integrity level of the system. The focus of this work lies on the incorporation of leading‐edge security mechanisms while safety‐related software components will remain untouched. Other non‐safety‐related software components could also be updated.

show abstract