Safety and Cybersecurity -- You Can't Have One Without the Other

Security planning needs to include safety. The two can no longer be separate concerns.

On the plant network and across multiple devices, safety and cybersecurity have tended to be separate concerns. Yet in our increasingly unsafe networked world, the two considerations have started to bleed into one another. Device manufacturers and embedded software designers need to be vigilant in order to provide a safe and secure system for applications to do their work.

Tags: safety, cybersecurity, Wind River

The blend of security and safety will be covered in detail in the session There Is No Safety Without Security and No Security Without Safety by Michel Chabroux, on Wednesday, December 7 at ESC Silicon Valley.

Chabroux works from the premise that a secure system is not necessarily safe. Systems can have defects and must be protected from errant software that may cause a failure. Combining safety and security gives the system survivability against both a hacker attack and errant software.

The goal is to make sure an attack doesn’t threaten safety. “From a security point of view, you want to make sure that the device is not hijacked to perform a nefarious task, like the recent distributed denial of service attack that leveraged everyday devices,” Chabroux told Design News. “When looking at it from a safety angle, you want to make sure that the function of the device remains stable under stress. This applies to devices that interact directly or indirectly with people and where malfunction can cause harm.”

Securing the Internet of Things. Today's IoT devices are under increasing attack. Device manufacturers and embedded software designers must be vigilant if they are to provide a secure system for applications to do their work. Learn more about securing IoT devices and applications in the Connected Devices track at ESC Silicon Valley, December 6-8, 2016, in San Jose. Register here for the event, hosted by Design News’ parent company UBM.

Systems can be designed to be both safe and secure by dividing applications into multiple levels of criticality and separating those levels in time, space, and resources, so that no matter what happens to the lower-criticality subsystems, the most critical ones continue to run. “Securing a device decreases the likelihood of it being tampered with, therefore increasing its reliability and effectiveness, such as how safe it is to use,” said Chabroux.
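To make the separation concrete, here is an added example (not code from the article, from Chabroux, or from any Wind River product) that models one pass over a mixed-criticality frame using ordinary Linux process isolation in place of a certified separation kernel. Each partition runs in its own process (space), under a CPU-time budget (time) and an address-space cap (resources). The partition names, the faults in the two low-criticality tasks, and the budgets are all constructed for the illustration; the code relies on os.fork() and setrlimit(), so it is POSIX-only and the limits are enforced as Linux enforces them.

```python
import os
import resource
import signal

# Outcomes reported for each partition once its slot in the frame has ended.
OK = "ok"
OUT_OF_MEMORY = "out-of-memory"
CPU_BUDGET_EXCEEDED = "cpu-budget-exceeded"
CRASHED = "crashed"


def run_partition(task, cpu_seconds=None, address_space_bytes=None):
    """Run `task` in a child process (space separation) under a CPU-time
    budget (time separation) and an address-space cap (resource separation).

    Returns one of the outcome strings above. Whatever the child does, the
    caller, which stands in for the higher-criticality side, keeps running.
    """
    pid = os.fork()
    if pid == 0:
        # Child: apply the budget before any partition code runs.
        try:
            if cpu_seconds is not None:
                # Reaching the soft limit delivers SIGXCPU; the hard limit one
                # second later is a SIGKILL backstop if the task ignores it.
                resource.setrlimit(resource.RLIMIT_CPU, (cpu_seconds, cpu_seconds + 1))
            if address_space_bytes is not None:
                resource.setrlimit(resource.RLIMIT_AS, (address_space_bytes, address_space_bytes))
            task()
        except MemoryError:
            os._exit(2)
        except BaseException:
            os._exit(1)
        os._exit(0)

    # Parent: wait for the slot to end and classify how the child finished.
    _, status = os.waitpid(pid, 0)
    if os.WIFSIGNALED(status):
        if os.WTERMSIG(status) == signal.SIGXCPU:
            return CPU_BUDGET_EXCEEDED
        return CRASHED
    return {0: OK, 2: OUT_OF_MEMORY}.get(os.WEXITSTATUS(status), CRASHED)


def runaway_allocation():
    # Constructed fault: a defect asks for 4 GiB in one go.
    buf = bytearray(1 << 32)
    buf[0] = 1


def infinite_loop():
    # Constructed fault: a stuck loop that never yields the processor.
    while True:
        pass


def flight_control_step():
    # Stand-in for the high-criticality function: a bounded computation.
    state = 0.0
    for step in range(10_000):
        state = 0.9 * state + 0.1 * (step % 7)
    return state


def major_frame():
    """One pass over the partitions, lowest criticality first. Names and
    budgets are constructed for the example."""
    cap = 512 * 1024 * 1024
    return {
        "telemetry-logger": run_partition(runaway_allocation, cpu_seconds=1, address_space_bytes=cap),
        "display-refresh": run_partition(infinite_loop, cpu_seconds=1, address_space_bytes=cap),
        "flight-control": run_partition(flight_control_step, cpu_seconds=5, address_space_bytes=cap),
    }


if __name__ == "__main__":
    for name, outcome in major_frame().items():
        print(f"{name}: {outcome}")
```

The point of the frame is the last line of the result: the two low-criticality partitions fail in two different ways, one runs out of address space and the other is cut off when its CPU budget expires, and the high-criticality partition still gets its slot and completes. A production separation kernel adds what a process model cannot: fixed scheduling windows rather than a ceiling on CPU time, and static memory partitions that are set at build time rather than limits a task applies to itself.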

Security is a must from initial boot. The goal is to establish a root of trust and build on it: user privileges, and encryption for data at rest as well as data in motion. Chabroux noted that it’s no longer good enough to enable safety without security, or vice versa. Modern systems cannot tolerate a failure, so they must employ both safety and security, and that is a challenge for resources. “Safety comes at a steep cost – think IEC 61508, ISO26262, DO-178C certifications – and security is complex. Right now, every device manufacturer will try to balance the costs,” said Chabroux.
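What "a root of trust from initial boot" means in practice is a chain in which each stage is checked against a value held by the stage before it, anchored in something immutable. The following is an added example, not code from the article or from any boot loader, of a hash-locked chain: the digest of the first stage plays the part of a value fused into ROM, and each image carries the digest of the next. The image layout, the stage names and the tamper helper are constructed for the illustration; real secure boot schemes usually verify a signature over each stage so that stages can be updated without changing the ROM value, but the walk is the same.

```python
import hashlib
import hmac

DIGEST_LEN = 32  # SHA-256


def digest(data):
    return hashlib.sha256(data).digest()


def build_stage(code, next_image=None):
    """Constructed image layout: the SHA-256 of the next stage (32 zero bytes
    for the final stage) followed by the stage's own code. Because each image
    embeds the digest of the one after it, a chain is built last stage first."""
    next_digest = digest(next_image) if next_image is not None else bytes(DIGEST_LEN)
    return next_digest + code


def boot(root_digest, images):
    """Verified boot walk. `root_digest` stands in for the value burned into
    immutable storage; every later expectation is read from an image that has
    itself already passed verification. Returns (indices of the stages that
    were allowed to run, status) and halts at the first mismatch."""
    expected = root_digest
    started = []
    for index, image in enumerate(images):
        # Constant-time comparison: the check must not leak how many bytes matched.
        if not hmac.compare_digest(digest(image), expected):
            return started, f"stage {index} failed verification; halting"
        started.append(index)
        expected = image[:DIGEST_LEN]
    return started, "ok"


def build_chain():
    """A constructed three-stage chain and its root value."""
    app = build_stage(b"application code")
    kernel = build_stage(b"kernel code", app)
    loader = build_stage(b"boot loader code", kernel)
    return digest(loader), [loader, kernel, app]


def tamper(image, offset):
    """Flip one bit of an image, as a malicious update or storage corruption would."""
    mutated = bytearray(image)
    mutated[offset] ^= 0x01
    return bytes(mutated)


if __name__ == "__main__":
    root, chain = build_chain()
    print(boot(root, chain))
    loader, kernel, app = chain
    print(boot(root, [loader, kernel, tamper(app, DIGEST_LEN)]))
```

Replacing the application is caught at stage 2. An attacker who also rewrites the digest embedded in the kernel image does not get further: the kernel's own digest changes, so the loader rejects it at stage 1, and the same argument carries up to the ROM value, which is why that one value has to be immutable.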


Possibly it is true that keeping a system safe can add to security, and certainly a non-secure system is intrinsically unsafe. But it is undoubtedly quite simple to have a system that is functionally unsafe despite being quite secure. Of course, I am talking about functional safety, the ability to prevent injury or damage to the system, not data safety, the ability to prevent theft or damage to any data.
