What is SafSec
Are these your problems?
Do you have safety and security requirements?
Do you have safety and security certification issues?
Do you need to manage your risks when gaining certification?
Do your costs of gaining certification need to be minimised?
Do you have a modular system architecture?
Are you concerned with obsolescence?
Do you have COTS and legacy components in the system?
Do you have to illustrate compliance with current safety and security standards?
Do you currently lack a solid plan for gaining certification?
We have a solution
SafSec is a method of managing safety and security risks in a system development project. By addressing the safety and security requirements together, in an integrated approach early in the lifecycle, conflicts between them are exposed and resolved early, and the risk of failing to gain certification is reduced at the same point in the lifecycle.
Through the use of a unified risk assessment, covering hazards, threats and the operational requirements, the subsequent design is risk-directed: all requirements are designed in from the beginning, so that the level of risk, and the residual risk, are acceptable. This reduces the risk of failing to gain certification before entering service, and it minimises the cost of attaining that certification. The costs are minimised because the re-use of evidence and arguments, showing that risks are acceptably mitigated, is maximised across the safety and security certification domains.
Modularity within the system architecture and within the certification eases future upgrades by limiting the impact of changes within the system. The problem of obsolescence grows with the passage of time; contracts, or interface definitions, at module[1] level enable modular certification to take place at that module level, which in turn enables modules to be replaced or upgraded by re-using the component cases. The use of COTS and legacy components is also addressed by modularity: identifying their interface definitions sets the expectation placed upon them and the level of risk they pose, and hence the mitigations required to make them acceptable.
Standards change to stay in line with current best practice, e.g. Def Stan 00-56 Issue 4 and the expected changes to the Common Criteria. Therefore, demonstrating compliance against the current safety and security standards will cost more if the programme structure is not as up to date as the standards. SafSec helps you to be more agile in following standards by giving you a goal-based, product-centric approach, rather than a technology- or process-centric one.
The SafSec Methodology (SafSec Standard and Guidance Document) will give you a solid plan to execute to gain certification. It will reduce both your development risk and your ownership risk.
[1] Module = generic term for a physical component, subsystem, software package, or a combination of hardware and software.
Adopting this solution
To adopt a SafSec approach you can:
- Download the SafSec Standard and Guidance Document, and proceed with its application;
- Attend a course on the application of the SafSec approach and proceed with its application;
- Invest in a SafSec domain expert to conduct knowledge transfer and capability enhancement to enable others to champion its application;
- Invest in a SafSec domain expert to champion the application of the SafSec approach.
In addition, there is tool support for the SafSec approach with eDC (electronic dependability cases, based upon Atran electronic safety case know-how) and customised templates to aid in the provision of a certification framework. The templates must be customised to suit the needs of individual programmes and systems.
Adopting the SafSec approach can give you a strong return on investment. The areas of particular value are:
- The ability to re-use the arguments and evidence across the safety and security certification domains removes duplication of effort = lower costs in the certification aspects of the development phase;
- The ability to develop certification incrementally reduces the risk of failing to reach certification of the entire system = lower costs at the end of the development phase;
- The ability to incorporate COTS and legacy components into the certification architecture, because the risks they pose are known and can then be mitigated = lower costs early in the development phase;
- The ability to verify the safety and security properties at component level keeps change and impact analysis more localised = lower costs over the whole life cycle;
- The ability to re-use components, due to the modular approach = lower costs in the life cycles of other systems;
- The ability to unify safety and security risk early in the lifecycle allows conflicts and gaps to be resolved earlier, which minimises costs and maximises the likelihood of smoother certification = lower costs throughout the development lifecycle;
- The ability to use eDC with customised templates within your certification framework does not entail the purchase of other underlying tools = lower costs over the whole life cycle.
When the returns from the above areas are combined, the return on adopting a SafSec approach is monetarily tangible.