A New Approach to IoT Safety, Risk, and Vulnerability Analysis
The ugly truth is that the interconnection of devices with IoT systems can lead to failures which result in physical injury, unacceptable risk, or cybersecurity vulnerabilities. Preventing such accidents requires identifying hazards, risks, and security vulnerabilities during development. Traditional hazard analysis techniques—failure modes and effects analysis, fault tree analysis, and root cause analysis—were developed for simple hardware controllers and are based on single-point failures. However, software fails differently than hardware. Most accidents, system failures, and many cyber attacks involving software-controlled systems are not caused by software failure—where the software stopped working—but rather by unforeseen interactions between the software and other system components. Vicki and Greg Pope explain how to use a robust hazard analysis technique called systemic theoretic process analysis. In actual usage on complex, software controlled systems, this technique has been able to identify more hazards, risks, and security vulnerabilities than previous methods.
Gregory Pope has more than forty years’ experience developing software in the commercial and government sectors. Greg has held positions from programmer to CEO and now works for the Lawrence Livermore National Laboratory as a software quality engineering group leader. Previously, Greg founded and ran a software testing company and patented automated software testing tools. He has held varied positions involved with mission critical testing of military systems and development of software codes for electronic countermeasures, telemetry, and data acquisition systems for flight.