0 37.5 75 112.5 150 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 Electrocution Deaths in Construction (in US) Data from The Center for Construction Research and Training
; V[0], V[1] is the 64 bit input vector mov V_0H Y_HIGH mov V_0L Y_LOW mov V_1H Z_HIGH mov V_1L Z_LOW ; encode V[0], V[1] jsr r7 ENCODE ; CTX is the cipher text mov Y_HIGH CTX_0H mov Y_LOW CTX_0L mov Z_HIGH CTX_1H mov Z_LOW CTX_1L ; reverse the encryption jsr r7 DECODE ; PTX is the recovered plain text ; should be the same as V[0], V[1] mov Y_HIGH PTX_0H mov Y_LOW PTX_0L mov Z_HIGH PTX_1H mov Z_LOW PTX_1L halt Image created by Stefan Kögl
• Lack of documentation • Insufficient testing • Cryptic / frequent error messages • Complicated software programmed in assembly language • Custom real time operating system • No fault tolerance / redundancy • Systemic failures — no hardware safeguards for software faults Therac-25: Major Flaws
• Test properly and thoroughly • Software quality and assurance must be a design priority from the beginning • Safety and quality are system attributes, not code attributes • Interface usability is important • Safety critical systems should be created by qualified personnel Therac-25: Learnings
• Overconfidence in software • Confusing reliability with safety • Lack of defensive design • Unrealistic risk assessments • Inadequate investigation of incident • Inadequate software and system engineering practices • Software reuse • Safe vs “Friendly” User Interfaces • User and Government Oversight Standards Therac-25: 30 years later https://www.computer.org/csdl/mags/co/2017/11/mco2017110008.html
“…security is expensive to set up and a nuisance to run… While we await a catastrophe, simpler setup is the most important step toward better security.” Butler Lampson, USENIX Security Keynote Address, 2005
Top 5 Action Varieties in Incidents (2017) DoS Loss Phishing Misdelivery Ransomware 0 7500 15000 22500 30000 Data from Verizon Data Breach Investigations Report, 2018
• Align on how we talk about our systems and our failures • Share lessons across the industry • Identify trends • Connect trends to risk / impact Learning Better
• Security experts agree on proper patterns for fixing problems • Create real world implementations of the patterns • Ensure that it is trivial to use implementations correctly • Integrate security into computing ecosystem Fixing Better
0 25 50 75 100 Aug 2015 Feb 2016 Aug 2016 Feb 2017 Aug 2017 Feb 2018 Aug 2018 Percentage of Alexa 1M Sites With HTTPS Data from https://scotthelme.co.uk/alexa-top-1-million-analysis-august-2018/
bdpayne
oracle4engineer
hirosatogamo
kyonmm
kenta_hi
.jpg){kind=avatar}
izzii
bengo4com
konifar
colopl
lmt_swallow
ymotongpoo
moriyuya
kashira
sstephenson
roundedbygravity
lauravandoore
michaelherold
akosma
malarkey
holman
mongodb
mclloyd
philnash
speakerdeck
danielanewman