software integrity and cyber security namepa: managing change in a changing world jim watson...
TRANSCRIPT
Software Integrity and Cyber Security
NAMEPA: Managing Change in a Changing World
Jim WatsonDivision President & COO, Americas Division Management
New York, NYOctober 28, 2015
2
Software Integrity
3
Cost to repair defectsReduce costs by preventing or repairing software defects early in the development process
Software Repair Costs Over Asset Lifecycle
Cost of poor quality – repairs to defects in software increase exponentially through the vessel life cycle
Industry standard – 5 bugs per every thousand lines of code at a cost of about $5 for every line
Major Korean shipyard estimates that each error costs an average of $3,000 to find and fix
On average, 30% of errors on drilling units are interface issues, requirements errors or software defects
4
Software & Control System Complexity
5
Software Quality Engineering Services
Supporting Software Quality initiatives globally, our uniquely qualified software engineers and project managers help train, prepare and guide your team through the ISQM process in order to facilitate efficient and successful conformity to the notation with ABS
What we do Documentation and process review and recommendations Factory acceptance and commissioning witnessing Failure Modes, Effects and Criticality Analysis (FMEA/FMECA) support
(facilitation, subject matter expert, scribe) Implementation review and consulting on notation related processes
– Gap Analysis
– Remediation Plan
Train on the notation concepts, processes and success factors Certified project management training
6
Software & Control System Integrity
Existing AssetNewbuild
Software Verification and Validation, 3rd Party Witness – HIL, SIL, Field Verification, Project Mgt., Incident Investigation, Troubleshooting, Root Cause Analysis
Software Quality Engineering – ISQM Services, FAT/FMECA Expert and/or Facilitator, Training, Project Mgt.
Cybersecurity – Assessments, Backup/Restore, Incident Investigation, Disaster Recovery, Data Destruction
ConceptRequirements / Design
Construction
V&V / Transitio
n
Operations /
Maintenance
Upgrade / Retrofit
Asset Buy / Sell
Decommissioning
Control System Expertise
• Drilling Control System• Dynamic Positioning• BOP Software control• Power Management• Vessel Management
7
Cybersecurity & Software Integrity
Cybersecurity Relationship with Software Integrity Software integrity includes management of FUNCTIONAL ASSURANCE, with a direct
relationship to safety – both human and system Risk assessment process from ISQM indicates critical components and failure modes Information technology (IT)
and operational technology (OT) both depend on assurance in software, from build process through operational monitoring
Cybersecurity Dependencies on Software Determine System Reliability, Availability,Maintainability
Resilience against attack or failure requires both technical testing and risk assessment
Source: http://control.ee.ethz.ch/~viking/
8
Cyber-Physical Incident: What It Can Mean
Illustration source: http://128.143.136.29/~stankovic/cps.ht1.jpg
Cyber-Physical systems provide data for environmentand advanced warning
Health Information Systems- Dispatch- Tracking- Billing
Health Management Systems- Real-time
records- History &
lessonslearned
Health Monitoring Systems- Telemetry- Metered drug
administration- Alerts & warnings
9
Maritime Cyber-Physical Environment
Source: http://www.shippipedia.com/wp-content/uploads/2010/10/monitoring-and-control-system-2.png
www.eagle.org