Software Security

Archive for the 'Security Standards and Compliance' Category

 

Software glitch causes FAA to order Boeing 787s powered down

Until Boeing provides a permanent software fix, airlines with 787 Dreamliners in their fleet will have to power down the planes once every 22 days. A software glitch that could result in the loss of controllability for the 787s manifests itself after several hours of continuous use. The FAA says “all three flight control modules […]

Posted in Embedded Software Testing, Security Standards and Compliance

5 software licenses you need to understand

There are different types of software licenses with some requiring you to make your source code public. Do you know what’s in your software? If you wrote the software yourself, the answer would be yes. But, if you’re like most people, you probably only wrote a portion of it. Industry practices vary but studies do […]

Posted in Application Security, Security Standards and Compliance

AAMI TIR57 recognized by the FDA as a foundational cybersecurity standard for medical devices

It took a few years to make it happen, but the AAMI TIR57 “Principles for medical device security – Risk management” standard was finally published by AAMI this summer, and the FDA formally recognized it as a foundational standard less than a month after it came out. It really is no surprise that the FDA […]

Posted in Medical Device Security, Security Standards and Compliance

Helping the automotive industry prepare for regulations

The U.S. Government has proposed new regulation of Highly Automated Vehicles while the industry works toward self-regulation. On Monday, the Detroit News website reported that the U.S. government will attempt to regulate autonomous vehicles. Such regulation will be available in an official document titled “Federal Automated Vehicles Policy”. According to the article “[r]egulators say they will […]

Posted in Automotive Security, Security Standards and Compliance

Software testing included in final ISA / IEC 62443-4-1

A new standard covering the secure product development lifecycle has been ratified, officially making static code analysis, software composition analysis, and malformed input testing part of the requirements. Known officially as ISA-62443-4-1 Security for industrial automation and control systems Part 4-1: Secure product development life-cycle requirement, it is part of a larger certification program designed […]

Posted in Security Standards and Compliance

Breaking bad security habits (5 things you should stop doing right now)

We’ve all sat through those humdrum “security awareness” training sessions designed to break us of bad security habits, cautioning us against revealing sensitive information to social engineers and folks fishing through our trash cans for any trace of personally identifiable information. Let’s just assume for a moment that we’re at least aware of those attack vectors, […]

Posted in Application Security, Security Standards and Compliance

CodenomiCON USA 2016

The sixth annual CodenomiCON USA 2016 attracted hundreds of security professionals for an evening of panel discussions and networking at the House of Blues in Mandalay Bay. The Master of Ceremonies for the night was Mike Ahmadi, Director of Critical Systems Security at Synopsys. He introduced each of the panels covering supply chain security, medical […]

Posted in Automotive Security, Internet of Things, Medical Device Security, Security Conference or Event, Security Standards and Compliance

CodenomiCON 2016 brings elite hackers together in Las Vegas

Once again Synopsys will host an elite group of cybersecurity professionals during Black Hat for an evening of thought leadership, networking, and entertainment. For the past half dozen years, CodenomiCONs have been held the evening before the start of the Black Hat briefings during the Black Hat conference. This year’s 8th annual CodenomiCON will be […]

Posted in Automotive Security, Internet of Things, Medical Device Security, Security Conference or Event, Security Standards and Compliance

VA to adopt UL Cybersecurity Assurance Program

The U.S. Department of Veterans Affairs (VA) and UL (Underwriters Laboratories) have signed a Cooperative Research and Development Agreement Program (CRADA) for medical device cybersecurity standards and certification approaches. The CRADA project will support improvement of Veterans' patient safety and security through the use and verification of UL’s Cybersecurity Assurance Program (UL CAP), an independent third-party testing […]

Posted in Medical Device Security, Security Standards and Compliance

Podcast: ISO 26262 compliance through software testing

Standards are, without a doubt, important in any industry. Swipe your credit card at the cash register, and behind the scenes there’s PCI-DSS safeguarding how the credit card information is processed and stored. For wireless communications there’s IEEE 802. And for the automotive industry there’s ISO 26262, a standard which covers electronic systems in automobiles and […]

Posted in Security Standards and Compliance