- by Michael Medoff, CFSE, CISA
- Thursday, May 24, 2012
- Industrial Cybersecurity
“Building Security In”
Cybersecurity continues to be a big problem for the world at large and for control systems specifically. The amount of time and effort that it can take to simply keep all of the security patches up to date on a large control system can be mind boggling. No…
- by Robert J. Michalsky
- Thursday, August 08, 2019
- Industrial Cybersecurity
Building Cybersecurity into Software Applications
An April 2019 report from the Institute of Critical Infrastructure Technology (ICIT) makes the point that even though software ‘runs the world’, software security is an afterthought across virtually all industries.
The report states that this lack of software security is actually a National Threat given that this…
- by Dave Butler, CFSE
- Friday, October 19, 2012
- Software
IEC 61508 Compliant Module Testing: Part 2
Last week you learned about what exactly a module is, and examples of different types of modules. Now we will move on to interfaces, the need for module testing, and code coverage requirements.
An interface, such as the 3D printer’s communication interface, or the format of the 3D data…
- by Dave Butler, CFSE
- Thursday, October 25, 2012
- Software
IEC 61508 Compliant Module Testing: Part 3
The Test Plan
Assessment requires evidence that module tests are designed properly, run properly, and have been successfully run. Documented test results are also required. In order to meet these requirements it is generally a good idea to document a test plan for each module. Information that applies…
- by Dave Butler, CFSE
- Tuesday, November 06, 2012
- Software
IEC 61508 Compliant Module Testing: Part 4
Part 3 covered the design of tests, resulting in one or more Module Test Plans. To execute a test plan, one would start with the test plan and a test results template (which could be a copy of the test plan as indicated previously), document the general test information…
- by John Yozallinas, CFSE
- Thursday, January 12, 2017
- Functional Safety
IF COMPUTERS RULED THE WORLD…
What if the best minds of the world got together to generate the optimum requirements specification for human co-habitation? And built it into one large decision matrix to run on the best super-computers?
Decisions would be made solely on objective criteria; no mental arbitration, no skipping steps, no checking…
- by Jonathan Moore
- Thursday, August 29, 2019
- Functional Safety
Let’s Talk About Configuration Management and ISO 26262
Most software developers are familiar with the need for and benefits of change control. Usually change control means one thing to a software developer and that is 'commits' to a source code revision control system. Not only do small and regular commits provide significant advantages to large teams of…
- by John Yozallinas, CFSE
- Tuesday, September 15, 2015
- Software
Return to the “Just Do It” Approach
*The “Just Do It” approach was previously referenced in the blog entry Seat-of-your-Pants Software?
If used early in the development lifecycle, a “just do it” approach could help marketing determine the look-and-feel of an application program with a complex user interface. Early software prototyping on a PC…
- by John Yozallinas, CFSE
- Wednesday, December 03, 2014
- Software
Seat-of-your-pants Software?
I’ve had software development folks tell me that the “just do it” approach is a valid lifecycle model for SW development. In their context, this means writing the code based on limited marketing and design information and then backfilling the requirements and design specifications to describe what was done. …
- by John Yozallinas, CFSE
- Wednesday, March 06, 2013
- Software
So What’s an Impact Analysis?
It doesn’t take much to remember a time you wish you had “looked before you leaped.” The time you bought furniture that would not fit through the doorway, or the small tree you planted whose roots are now cracking through the sidewalk. Don’t you wish you had given more…
- by Dave Butler, CFSE
- Thursday, August 29, 2013
- Software
Software Modeling and Functional Safety: Part 2
Part 1 of this blog entry discussed software modeling, modeling notation, and modeling tools. But, what does this have to do with Functional Safety? The IEC 61508 standard has requirements, for certain SIL levels, regarding the use of:
- “Semi-formal methods”
- Computer-aided specification and design tools
- Design standards
- Performance modeling
…
- by Michael Medoff, CFSE, CISA
- Thursday, November 29, 2012
- Certification
Tool Qualification and Safety Standards
When building a product such as an anti-lock braking system for an automobile, or a railroad, or process control safety system, making sure that the product works as specified is a big part of functional safety. When it is time for the system to engage to prevent an accident,…
- by Iwan van Beurden, CFSE
- Thursday, February 26, 2015
- Software
Using the PHAx™ Libraries

Conducting a Process Hazard Analysis (PHA) can be quite laborious. In a HAZOP, you will systematically evaluate the applicable deviations for each node, within each unit, within each plant. The exSILentia® v4 PHAx™ module is set up to use…