28 Apr 15. Together with eleven international partners, SYSGO starts the EU project SAFURE that aims at the development of a platform for integrated safety and security for critical systems in the Internet of Things. Main objective of the project is to provide a framework for integrated safety and security that identifies and avoids security threats for the functional safety of networked systems. A new methodology enables the joint design of functional safety and security and provides system designers and developers with the necessary tools at hand. The SAFURE partners respond to demands from the industry for more openness, communication and increasing the use of multi-core processors in safety-critical networked systems. SAFURE cares for a holistic approach in the design of critical systems to detect and prevent attacks and to improve the performance of IT security and functional safety, thus overcoming the previous separation of IT security and functional safety. Designers and developers obtain analysis, development tools and features that enable a holistic view of system requirements in terms of IT security, functional safety, communications and runtime behavior.
Expansion of standards
IT security should be integrated into industry-specific standards of functional safety to allow for the development of safe and secure products. Implementations for Automotive and Telecommunication
As part of SAFURE, the integrated platform and the methodology are implemented for the automotive and the telecommunications market in order to use the knowledge gained in real projects. In the project SAFURE, PikeOS hypervisor is used as a platform for the joint design of IT security and functional safety. It builds the basis for the development of the SAFURE demonstrators.
27 Apr 15. According to the results of a new survey commissioned by Lockheed Martin (LMT), corporations are wiser to rely on metrics more diverse than Return on Investment, and to embrace innovation when it comes to using existing technologies to full effect. The survey also revealed that the most important metrics are the least reliable: though 70 percent of survey respondents believe Return on Investment (ROI) and Total Cost of Ownership (TCO) are critical metrics for investment and measuring a technology’s economic benefits, the same number say it is difficult to calculate an accurate ROI for a given security technology. Sixty-one percent say the same of TCO calculations.
Additional key findings include:
* Survey respondents cited cost, performance, and vendor support as the most important factors when investing in security technologies. However, important features such as interoperability, proven risk reduction, and lack of complexity were not considered as important.
* An overwhelming 90 percent of survey respondents say their organization has invested in a security technology that was ultimately discontinued or scrapped before or soon after deployment. The organizations deemed most innovative have found ways to use existing technologies that are more efficient and cost-effective to create a more secure organization.
“As cyber threats increase, it is troubling to see so many cybersecurity tools purchased by organizations end up as shelfware,” said Greg Boison, director of Homeland & Cybersecurity at Lockheed Martin. “When cyber dollars are scarce, organizations should not only evaluate which tools their enterprise needs, but whether they have the internal and external resources to deploy, maintain and leverage them.”
The Risk & Innovation in Cybersecurity Investments survey was independently conducted in February by data security research group Ponemon Institute. It polled 618 U.S.-based senior IT practitioners from a variety of sectors, including financial services, the federal government, healthcare, utilities, energy, and pharmaceuticals. The margin of error for survey questions ranged from ± 1.0 percent to ± 5.6 percent, with an overall average of ± 3.6 perc