When I hear “safety” in the context of software development, I’m always reminded that I need to automate my backup solution. The potential harm most software developers have to deal with is luckily only data loss due to hardware failures.
Safety is resilience against accidental harm to people, property, or the environment.
Aspects of safety in software development and operations include:
- Availability: A single server could be cut off from the internet by construction workers, a hard drive could reach its end of life, a fire could break out, an earthquake could hit the region.
- Scalability: Web services might go down when they are too successful. It’s sometimes called the “hug of death” when a huge website links to a small one. Or just when you have a successful marketing campaign.
- Integrity: All ways to send data are prone to errors. Packet loss or bit-flips happen. We have error-detecting and error-correcting protocols to deal with that.
Software can also be safety-critical, for example when you think about airbags. A defect there can put lives at risk. Other examples of safety-critical software include traffic lights, life-support systems, software managing electrical power grids, industrial software used in machines that produce medicine, pacemakers, and many more.
When we are talking about security in software development, we are thinking about hackers. Wikipedia has a pretty nice explanation:
Security is resilience against harm caused by others.
Aspects of security in software development and operations include:
- Accountability: You want to have a log of changes. This includes source code. In the version control system git, you can even cryptographically sign your changes so that tampering by others can be detected.
- Availability: An attacker might run a Denial-of-Service (DoS) attack.
- Confidentiality: Man-in-the-middle (MITM) attacks combined with packet sniffing come to mind. Dharmil Chhadva wrote a nice article about this topic.
- Integrity: Think of a bank account. An attacker wants to increase the money on one account. Cryptojacking is an example where not the data but the software itself is affected.
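The two kinds of integrity in the lists above call for different measures: a checksum such as CRC32 catches the accidental bit-flips from the safety list, while only a keyed tag such as an HMAC catches the deliberate change from the security list. The following is an added example (not code from the original post); the secret key and the transfer message are constructed sample values.

```python
import hashlib
import hmac
import zlib

# Constructed sample values for this added example.
SECRET_KEY = b"shared-secret-known-only-to-bank-and-client"
MESSAGE = b"transfer 100 EUR to account 42"


def crc32_tag(data: bytes) -> int:
    """Unkeyed checksum: catches accidental corruption (a safety measure)."""
    return zlib.crc32(data) & 0xFFFFFFFF


def hmac_tag(key: bytes, data: bytes) -> bytes:
    """Keyed tag: catches deliberate changes by anyone without the key (security)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def crc_ok(payload: bytes, tag: int) -> bool:
    return crc32_tag(payload) == tag


def hmac_ok(key: bytes, payload: bytes, tag: bytes) -> bool:
    # compare_digest avoids leaking timing information about the tag.
    return hmac.compare_digest(hmac_tag(key, payload), tag)


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Simulate a transmission error: flip one bit of the payload."""
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def accidental_bit_flip_detected() -> dict:
    """Safety scenario: the channel flips a bit; both checks notice."""
    crc, tag = crc32_tag(MESSAGE), hmac_tag(SECRET_KEY, MESSAGE)
    damaged = flip_bit(MESSAGE, 13)
    return {"crc": not crc_ok(damaged, crc),
            "hmac": not hmac_ok(SECRET_KEY, damaged, tag)}


def deliberate_change_detected() -> dict:
    """Security scenario: someone on the path rewrites the amount and
    recomputes the CRC, but cannot recompute the HMAC without the key."""
    tag = hmac_tag(SECRET_KEY, MESSAGE)
    forged = MESSAGE.replace(b"100", b"999")
    forged_crc = crc32_tag(forged)  # no secret needed, so the CRC is consistent again
    return {"crc": not crc_ok(forged, forged_crc),        # False: passes unnoticed
            "hmac": not hmac_ok(SECRET_KEY, forged, tag)}  # True: detected
```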
Measures to increase security include:
- Code Reviews and Unit Tests: Anything that improves overall code quality.
- Software Composition Analysis (SCA), e.g. by safety (a Python dependency checker), Veracode, WhiteSource, Black Duck, and many more.
- Static Application Security Testing (SAST), e.g. by bandit (for Python), Coverity, and many more.
- Dynamic Application Security Testing (DAST), e.g. supported by OWASP ZAP, Arachni Scanner, Synopsys, and many more.
TL;DR: Differences between Safety and Security
- IEC 61508: “Functional Safety of […] Programmable Electronic Safety-related Systems”.
- IEEE STD-1228:
- OmniSecu: Types of Network Attacks against Confidentiality, Integrity and Availability