embedded systems
(or how to make sure the
infrastructure keeps running)
Prof. Jim Norton!
Steering Group Chair!
Secure Software Development Partnership!
Vice-President Professionalism!
BCS Chartered Institute for IT!
External Director!
UK Parliamentary Office of Science &
Technology (POST)!
www.profjimnorton.com!
Issues to be covered
So whats the problem?.
Why now?
What is the key commonality?
Breaking the vicious circle
Sustaining the breakout
Final thoughts
Issues to be covered
So whats the problem?.
Why now?
What is the key commonality?
Breaking the vicious circle
Sustaining the breakout
Final thoughts
Why now?
A series of reports published in the summer of 2009 stressed the need for
major investment in infrastructure renewal and hardening against a wide
range of threats
Issues to be covered
So whats the problem?.
Why now?
What is the key commonality?
Breaking the vicious circle
Sustaining the breakout
Final thoughts
10
11
Issues to be covered
So whats the problem?.
Why now?
What is the key commonality?
Breaking the vicious circle
Sustaining the breakout
Final thoughts
12
13
Again with grateful thanks to Prof. Martyn Thomas for inputs to the Secure Software Development Partnership.
Copyright 2010 Prof. Jim Norton
14
Issues to be covered
So whats the problem?.
Why now?
What is the key commonality?
Breaking the vicious circle
Sustaining the breakout
Final thoughts
15
16
Issues to be covered
So whats the problem?.
Why now?
What is the key commonality?
Breaking the vicious circle
Sustaining the breakout
Final thoughts
17
Final thoughts
We live today in a complex, densely networked and
heavily technology-reliant society. Extensive privatisation
and the pursuit of competitive advantage in globalised
markets, have also led us to pare down the systems we rely
upon until little or no margin for error remains. We have
switched to lean production, stretched supply chains,
decreased stock inventories and reduced redundancy in
our systems. We have outsourced, offshored and embraced
a just-in-time culture with little heed for just-in-case. This
magnifies not only efficiency but also vulnerability.
Everything depends on infrastructure functioning
smoothly and the infrastructure of modern life can be
brittle: interdependent systems can make for cascades of
concatenated failure when one link in the chain is
broken.
Lets use the opportunity of infrastructure renewal to drive a renaissance in
Security by Design, bringing back into widespread use the good practice that we
have long known and understood.
Copyright 2010 Prof. Jim Norton
18
Oh dear!
RiskConf 05.11.2009
19
10