At 11:56 AM -0700 4/22/04, Jim & Mary Ronback wrote:
> Safety critical software has a lot of overlap with the requirements for
> high security software.
>
> Can anyone think of any _differences_ between those domains (process and code-wise, not regulatory-wise)?
I think the primary difference is that security focuses on failures that are a result of an attacker's intentional actions, while safety focuses on unintentional failures. A buffer overflow is both a safety and a security failure, as an overflow can cause a program to crash as well as causing it to execute unintended actions. However, while both security and safety design processes will attempt to avoid such failures, the actions they take to minimize the impact of failures when they occur are likely different. For example, the security design might require that the program only have minimal privileges, in order to reduce the attacker's access in case an exploitable buffer overflow makes it into the final code, while the safety design might have a redundant system to ensure that the action is carried out successfully by a different program.
-- James Walden, Ph.D. Visiting Assistant Professor of EECS The University of Toledo @ LCCC http://www.eecs.utoledo.edu/~jwalden/ [EMAIL PROTECTED]
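The contrast drawn in the reply above, as an added example that is not part of the original thread and not code from any of its participants: the same fixed-size record buffer handled the overflow-prone way and the bounds-checked way, then the two mitigation styles side by side, dropping privileges before the parser ever touches untrusted input (the security-design choice) and cross-checking two independently written parsers before acting on the result (the safety-design choice). Everything here is hypothetical: `copy_record_unsafe`, `copy_record_checked`, `drop_privileges`, `parse_value_redundant` and `process_record` are illustrative names, uid/gid 65534 is assumed to be an unprivileged "nobody" account, and the privilege-drop sequence assumes Linux/glibc.

```c
/* Added example (not from the original e-mail thread). Linux/glibc assumed.
 * Names and the uid/gid 65534 ("nobody") are hypothetical. */
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

#define REC_MAX 16   /* fixed record buffer: the overflow target */

/* Deliberately vulnerable: the classic unbounded copy. An over-long input
 * corrupts the stack; that is a crash (safety failure) and, when an
 * attacker chooses the bytes, a control-flow hijack (security failure).
 * Shown for contrast only; never called below. */
void copy_record_unsafe(char *dst, const char *src) {
    strcpy(dst, src);                      /* no length check at all */
}

/* Hardened: reject input that does not fit rather than truncating silently.
 * Returns 0 on success, -1 if src (plus terminator) exceeds dstlen. */
int copy_record_checked(char *dst, size_t dstlen, const char *src) {
    size_t n = strlen(src);
    if (n >= dstlen) return -1;            /* leave room for the NUL */
    memcpy(dst, src, n + 1);
    return 0;
}

/* Security design: least privilege. If running as root, permanently switch
 * to an unprivileged uid/gid BEFORE parsing anything attacker-controlled,
 * so an overflow that slips through yields a low-privilege foothold only.
 * Order matters: supplementary groups, then gid, then uid (once uid is
 * dropped, setgid would fail). Returns 0 on success, -1 on failure; the
 * caller must refuse to continue rather than carry on as root. */
int drop_privileges(uid_t uid, gid_t gid) {
    if (geteuid() != 0) return 0;          /* already unprivileged */
    if (setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0) return -1;       /* as root, sets real/effective/saved */
    if (setuid(uid) != 0) return -1;
    /* Verify the drop is permanent: regaining root must now fail. */
    if (setuid(0) == 0 || setgid(0) == 0) return -1;
    return 0;
}

/* Safety design: redundancy. Two independently written parsers compute the
 * length of the value in a "name=value" record; the result is used only if
 * both agree, so a bug in one implementation is detected, not trusted. */
static int parse_value_a(const char *rec) {
    const char *eq = strchr(rec, '=');
    return eq ? (int)strlen(eq + 1) : -1;
}
static int parse_value_b(const char *rec) {
    int n = -1;                            /* -1 until '=' is seen */
    for (int i = 0; rec[i]; i++) {
        if (n >= 0) n++;
        else if (rec[i] == '=') n = 0;
    }
    return n;
}
int parse_value_redundant(const char *rec) {
    int a = parse_value_a(rec), b = parse_value_b(rec);
    return (a == b) ? a : -1;              /* disagreement is an error */
}

/* Both styles together: drop privileges, refuse oversized input, act only
 * on a cross-checked result. Returns the value length, or -1 on any error. */
int process_record(const char *untrusted) {
    char rec[REC_MAX];
    if (drop_privileges(65534, 65534) != 0) return -1;   /* "nobody", assumed */
    if (copy_record_checked(rec, sizeof rec, untrusted) != 0) return -1;
    return parse_value_redundant(rec);
}

int main(void) {
    /* Constructed inputs: one record that fits, one that would have
     * overflowed copy_record_unsafe. */
    printf("fits:      %d\n", process_record("key=value"));
    printf("oversized: %d\n", process_record("key=this-is-far-too-long-for-the-buffer"));
    return 0;
}
```

Note that the two mitigations answer different questions: the privilege drop limits what an attacker gains from an overflow that does get through, while the redundant parser limits what an honest bug can make the program do, and neither replaces the bounds check that prevents the overflow in the first place.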