8th IET International System Safety Conference incorporating the Cyber Security Conference 2013
15 - 17 October 2013 | Cardiff, UK
15 October 2013
Each tutorial will have a duration of 3.5 hours and will comprise a mixture of presentation material, examples and exercises.
Tutorial 1 - An introduction to system safety
The IET System Safety Conference 2013 incorporates the IET Cyber Security Conference to provide an opportunity for delegates to broaden their professional knowledge. There is much in common between the disciplines of System Safety and Cyber Security, and practitioners from each discipline can benefit immensely from an enhanced understanding of the other.
This half-day tutorial will give delegates unfamiliar with System Safety a chance to gain a good foundation in the discipline before the main conference begins; delegates can then choose to attend presentations dedicated to a single discipline or move freely between both.
This half-day tutorial will present An Introduction to System Safety; no prior knowledge of the subject is assumed.
Tutorial 2 - An introduction to cyber security
This tutorial is aimed at delegates unfamiliar with Cyber Security. Exploring what cyberspace comprises, its role in society and the trends for the future, this introduction will demystify the jargon. It will touch on topical concepts such as Cloud Computing, Big Data and BYOD, explaining what they mean in terms of cyber security.
First, it will show that cyber security is concerned with making that environment safe enough to balance the risks and benefits. Second, using a case study, the audience will have an opportunity to explore the practical issues that arise when technology, policy and education are used to improve security. The impact of cyberspace and associated technology on Industrial Control Systems forms the third part of this introduction.
This half-day tutorial will encourage participants to ask questions, to explore the subject and dispel the fog and mystique that can seem to shroud this subject.
Tutorial 3 - System safety assurance
This tutorial will introduce and explain the general notion of assurance as applied to products and processes, and cover methods and tools that are designed to provide assurance of safety to a third party.
These techniques include high assurance ones such as formal methods (formal specification, modelling and verification) and also semi-formal or lightweight techniques such as structured system documentation and flow analysis.
The tutorial will discuss the kinds of assurance that are required by safety standards such as MIL-STD-882E, Def Stan 00-56, the CENELEC standard EN 50126, DO-178B/C and DEF(AUST)5679.
Tutorial 4 - Deriving functional safety requirements for safety-related systems
The international functional-safety standard IEC 61508 uses the term safety-related to identify a class of (control and/or protection) systems whose primary purpose is to reduce the risks associated with a host system, the so-called equipment under control (EUC). It is clear that this necessary risk reduction depends entirely on the functionality and performance of the safety-related system (SRS), yet the standard gives little guidance on this relationship.
The same is true of some industry-specific standards, e.g. the CENELEC series of European railway standards and the EUROCONTROL air traffic management (ATM) Safety Assessment Methodology, which, like IEC 61508, devote most of their content to the analysis of potential failures of SRSs. The same is not true, however, of the international standards covering the certification of large commercial jet aircraft.
The tutorial will start by examining how this situation has arisen, why it might not have been a problem historically, why it is now becoming a problem on systems employing new operational concepts enabled by rapid advances in technology, and how it could lead to illogical conclusions in a system safety case.
It will then use a mixture of presentation material, examples and exercises to show how conventional systems-engineering techniques can be adapted to derive appropriately-rigorous Functional Safety Requirements to ensure that SRSs for a variety of applications (rail, aviation, ATM and automotive) will be adequately safe when they are working as intended (i.e. in the absence of failure) rather than just “not unsafe” in the event of failure.
Tutorial 5 - Intermediate cyber security introduction
This Cyber Security tutorial builds on the morning's session on the basics of Cyber Security. The first part of the afternoon looks at "Who is in charge in cyber security: who sets the rules?" Mike StJohn-Green will look at the UK, the United States, the EU and further afield to identify the who's who of Cyber Security. He will then consider what those rules say, what part legislation and regulation play, and the role of the market in improving "cyber hygiene".
In the second part, Hugh Boyes will consider Cyber Security in the built environment. Smart Cities will build on the Smart Grid, Smart Transport and Intelligent Buildings, with greater integration of information systems, including the Internet of Things. He will show how cyber security concepts affect infrastructure and other complex engineering systems, and how improved systems and software engineering can deliver trustworthiness and bring greater resilience. Case studies of system failures illustrate the potential impact of poor cyber security and resilience.
Finally, Mike StJohn-Green will look at some of the stories in the headlines – what is hype and what is truly frightening in the contemporary cyber security environment? This part will be interactive, so participants are encouraged to bring questions about contemporary cyber security topics.
Hugh Boyes CEng FIET CISSP, Cyber Security Lead, Institution of Engineering and Technology
Tutorial 6 - Software systems safety
Software allows unprecedented levels of system complexity and new failure modes that can overwhelm standard safety engineering approaches. This half-day tutorial will examine the challenges and complexity that managers and engineers face when required to provide safety assurance for software that is to be integrated into complex, safety-related systems.
The tutorial aims to enable delegates to fulfil the role of an 'intelligent customer' in safety-related software procurement programmes, which will typically be based upon international system and software safety standards (e.g. IEC 61508, UK Defence Standard 00-56, Defence Standard (Aust) 5679, US MIL-STD-882, DO-178, DO-278 etc.). The aim of the course is not to learn how to satisfy a particular system or software safety standard but rather how to design a software safety programme that will be most effective for the procurement, development, maintenance and operation of software-intensive systems.
Delegates will be assumed to have a basic understanding of the concepts of System Safety and to be moderately familiar with Software Engineering terminology, methods and techniques.
IET Safety Community annual open meeting
Five presentations: 'New developments in the IET Safety Community'
Safety Community Steering Group members
18:15  IEC 61508 Proven in Use - Audrey Canning
18:25  IEC 61508 Human Factors Integration - Carl Sandom
18:35  Recent developments in the defence industry - James Inge
18:45  Upcoming changes in functional safety for the process industry - Audrey Canning
18:55  Recent developments in the automotive industry - Ireri Ibarra
19:05  Open discussion - where next?
Invitation to join the Safety Community Steering Group in the bar