This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Summit 2011 Working Sessions/Session075"
Sarah Baso (talk | contribs) (Created page with '{{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions tab</noinclude> |- | summit_session_name = | summit_session_url = |- | summit_session_objec…') |
|||
(25 intermediate revisions by 7 users not shown) | |||
Line 1: | Line 1: | ||
− | {{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions tab</noinclude> | + | {{Template:<includeonly>{{{1}}}</includeonly><noinclude>Summit 2011 Working Sessions test tab</noinclude> |
|- | |- | ||
− | + | ||
− | | | + | | summit_session_attendee_name1 = Fred Donovan |
− | | | + | | summit_session_attendee_email1 = [email protected] |
− | + | | summit_session_attendee_username1 = | |
− | + | | summit_session_attendee_company1= | |
− | + | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed1= | |
− | + | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | | | ||
− | | | ||
− | | | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
| summit_session_attendee_name2 = | | summit_session_attendee_name2 = | ||
| summit_session_attendee_email2 = | | summit_session_attendee_email2 = | ||
− | | | + | | summit_session_attendee_username2 = |
+ | | summit_session_attendee_company2= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed2= | ||
+ | |||
| summit_session_attendee_name3 = | | summit_session_attendee_name3 = | ||
| summit_session_attendee_email3 = | | summit_session_attendee_email3 = | ||
− | | | + | | summit_session_attendee_username3 = |
+ | | summit_session_attendee_company3= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed3= | ||
+ | |||
| summit_session_attendee_name4 = | | summit_session_attendee_name4 = | ||
| summit_session_attendee_email4 = | | summit_session_attendee_email4 = | ||
− | | | + | | summit_session_attendee_username4 = |
+ | | summit_session_attendee_company4= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed4= | ||
+ | |||
| summit_session_attendee_name5 = | | summit_session_attendee_name5 = | ||
| summit_session_attendee_email5 = | | summit_session_attendee_email5 = | ||
− | | | + | | summit_session_attendee_username5 = |
+ | | summit_session_attendee_company5= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed5= | ||
+ | |||
| summit_session_attendee_name6 = | | summit_session_attendee_name6 = | ||
| summit_session_attendee_email6 = | | summit_session_attendee_email6 = | ||
− | | | + | | summit_session_attendee_username6 = |
+ | | summit_session_attendee_company6= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed6= | ||
+ | |||
| summit_session_attendee_name7 = | | summit_session_attendee_name7 = | ||
| summit_session_attendee_email7 = | | summit_session_attendee_email7 = | ||
− | | | + | | summit_session_attendee_username7 = |
+ | | summit_session_attendee_company7= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed7= | ||
+ | |||
| summit_session_attendee_name8 = | | summit_session_attendee_name8 = | ||
| summit_session_attendee_email8 = | | summit_session_attendee_email8 = | ||
− | | | + | | summit_session_attendee_username8 = |
+ | | summit_session_attendee_company8= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed8= | ||
+ | |||
| summit_session_attendee_name9 = | | summit_session_attendee_name9 = | ||
| summit_session_attendee_email9 = | | summit_session_attendee_email9 = | ||
− | | | + | | summit_session_attendee_username9 = |
+ | | summit_session_attendee_company9= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed9= | ||
+ | |||
| summit_session_attendee_name10 = | | summit_session_attendee_name10 = | ||
| summit_session_attendee_email10 = | | summit_session_attendee_email10 = | ||
− | | | + | | summit_session_attendee_username10 = |
+ | | summit_session_attendee_company10= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed10= | ||
+ | |||
| summit_session_attendee_name11 = | | summit_session_attendee_name11 = | ||
| summit_session_attendee_email11 = | | summit_session_attendee_email11 = | ||
− | | | + | | summit_session_attendee_username11 = |
+ | | summit_session_attendee_company11= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed11= | ||
+ | |||
| summit_session_attendee_name12 = | | summit_session_attendee_name12 = | ||
| summit_session_attendee_email12 = | | summit_session_attendee_email12 = | ||
− | | | + | | summit_session_attendee_username12 = |
+ | | summit_session_attendee_company12= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed12= | ||
+ | |||
| summit_session_attendee_name13 = | | summit_session_attendee_name13 = | ||
| summit_session_attendee_email13 = | | summit_session_attendee_email13 = | ||
− | | | + | | summit_session_attendee_username13 = |
+ | | summit_session_attendee_company13= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed13= | ||
+ | |||
| summit_session_attendee_name14 = | | summit_session_attendee_name14 = | ||
| summit_session_attendee_email14 = | | summit_session_attendee_email14 = | ||
− | | | + | | summit_session_attendee_username14 = |
+ | | summit_session_attendee_company14= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed14= | ||
+ | |||
| summit_session_attendee_name15 = | | summit_session_attendee_name15 = | ||
| summit_session_attendee_email15 = | | summit_session_attendee_email15 = | ||
− | | | + | | summit_session_attendee_username15 = |
+ | | summit_session_attendee_company15= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed15= | ||
+ | |||
| summit_session_attendee_name16 = | | summit_session_attendee_name16 = | ||
| summit_session_attendee_email16 = | | summit_session_attendee_email16 = | ||
− | | | + | | summit_session_attendee_username16 = |
+ | | summit_session_attendee_company16= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed16= | ||
+ | |||
| summit_session_attendee_name17 = | | summit_session_attendee_name17 = | ||
| summit_session_attendee_email17 = | | summit_session_attendee_email17 = | ||
− | | | + | | summit_session_attendee_username17 = |
+ | | summit_session_attendee_company17= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed17= | ||
+ | |||
| summit_session_attendee_name18 = | | summit_session_attendee_name18 = | ||
| summit_session_attendee_email18 = | | summit_session_attendee_email18 = | ||
− | | | + | | summit_session_attendee_username18 = |
+ | | summit_session_attendee_company18= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed18= | ||
+ | |||
| summit_session_attendee_name19 = | | summit_session_attendee_name19 = | ||
| summit_session_attendee_email19 = | | summit_session_attendee_email19 = | ||
− | | | + | | summit_session_attendee_username19 = |
+ | | summit_session_attendee_company19= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed19= | ||
+ | |||
| summit_session_attendee_name20 = | | summit_session_attendee_name20 = | ||
| summit_session_attendee_email20 = | | summit_session_attendee_email20 = | ||
− | | | + | | summit_session_attendee_username20 = |
+ | | summit_session_attendee_company20= | ||
+ | | summit_session_attendee_notes,_reason_for_participating_and_issues_to_be discussed20= | ||
+ | |||
+ | |- | ||
+ | | summit_track_logo = [[Image:T._owasp.jpg]] | ||
+ | | summit_ws_logo = [[Image:WS._owasp.jpg]] | ||
+ | | summit_session_name = S is for Safety (as well as Security) | ||
+ | | summit_session_url = http://www.owasp.org/index.php/Summit_2011_Working_Sessions/Session075 | ||
+ | | mailing_list = | ||
+ | |||
+ | |- | ||
+ | |||
+ | | short_working_session_description= | ||
+ | [[File:Banner-securitysafety-2.png]] | ||
+ | |||
+ | This session has two aspects - safety critical systems, and safety in regards to protection of vulnerable groups (e.g. children). | ||
+ | |||
+ | * What can OWASP learn from software safety engineering? | ||
+ | * What can OWASP contribute to software safety engineering? | ||
+ | * How does OWASP's work tie in to wider concerns about internet safety? | ||
+ | |||
+ | Get your helmets (hard hats) on and come along to discuss whether we need a new OWASP project, a new OWASP guide or embed safety thinking throughout OWASP's work. | ||
+ | |||
+ | This session will be particularly relevant to those interested in process control, safety critical applications, critical national infrastructure and other applications that could have a direct impact on system & human safety. | ||
+ | |- | ||
+ | |||
+ | | related_project_name1 = | ||
+ | | related_project_url_1 = | ||
+ | |||
+ | | related_project_name2 = | ||
+ | | related_project_url_2 = | ||
+ | |||
+ | | related_project_name3 = | ||
+ | | related_project_url_3 = | ||
+ | |||
+ | | related_project_name4 = | ||
+ | | related_project_url_4 = | ||
+ | |||
+ | | related_project_name5 = | ||
+ | | related_project_url_5 = | ||
+ | |||
+ | |- | ||
+ | |||
+ | | summit_session_objective_name1= Create a whitepaper on ''application security for critical systems'' | ||
+ | |||
+ | | summit_session_objective_name2 = Create a whitepaper on ''how application security protects people'' | ||
+ | |||
+ | | summit_session_objective_name3 = | ||
+ | |||
+ | | summit_session_objective_name4 = | ||
+ | |||
+ | | summit_session_objective_name5 = | ||
+ | |||
+ | |- | ||
+ | |||
+ | | working_session_date_and_time = | ||
+ | |||
+ | |- | ||
+ | |||
+ | | discussion_model = participants and attendees | ||
+ | |||
+ | |- | ||
+ | |||
+ | | operational_resources = Projector, whiteboards, markers, Internet connectivity, power | ||
+ | |||
+ | |- | ||
+ | |||
+ | | working_session_additional_details = | ||
+ | |||
+ | |||
+ | Safety is not only concerned with confidentiality, integrity and availability. A safety-critical system (or life-critical system) is one where failure or malfunction can lead to ([http://en.wikipedia.org/wiki/Life-critical_system Wikipedia]): | ||
+ | * death or serious injury to people, or | ||
+ | * loss or severe damage to equipment or | ||
+ | * environmental harm. | ||
+ | In languages other than English, the distinction between "safety" and "security" may be less clear. [http://www.dailywritingtips.com/safety-and-security/ Here] is a good description of their slightly different meanings in English. | ||
+ | |||
+ | With software being used in so many safety-critical systems, the impact of application security flaws can have critical impacts on humans, equipment and the environment. There have been great advances in safety system design, but control system security is less advanced ([http://www.controlglobal.com/articles/2010/SafetySecurity1004.html Byres & Cusimano]). | ||
+ | |||
+ | This session will discuss whether and how OWASP should contribute to the efforts in system safety. | ||
+ | |- | ||
+ | |||
+ | |summit_session_deliverable_name1 = A white paper describing how the safety ecosystem overlaps with the OWASP ecosystem and whether there should be more bridges built between them. | ||
+ | |||
+ | |summit_session_deliverable_name2 = | ||
+ | |||
+ | |summit_session_deliverable_name3 = | ||
+ | |||
+ | |summit_session_deliverable_name4 = | ||
+ | |||
+ | |summit_session_deliverable_name5 = | ||
+ | |||
+ | |summit_session_deliverable_name6 = | ||
+ | |||
+ | |summit_session_deliverable_name7 = | ||
+ | |||
+ | |summit_session_deliverable_name8 = | ||
+ | |||
+ | |- | ||
+ | |||
+ | | summit_session_leader_name1 = Colin Watson | ||
+ | | summit_session_leader_email1 = | ||
+ | |||
+ | | summit_session_leader_name2 = | ||
+ | | summit_session_leader_email2 = | ||
+ | | summit_session_leader_username2 = | ||
+ | |||
+ | | summit_session_leader_name3 = | ||
+ | | summit_session_leader_email3 = | ||
+ | | summit_session_leader_username3 = | ||
+ | |||
+ | |- | ||
+ | |||
+ | | operational_leader_name1 = | ||
+ | | operational_leader_email1 = | ||
+ | | operational_leader_username1 = | ||
+ | |||
+ | |- | ||
+ | |||
+ | | meeting_notes = | ||
+ | |||
|- | |- | ||
| session_name_mask = <!--Please replace DO NOT EDIT this string --> Session075 | | session_name_mask = <!--Please replace DO NOT EDIT this string --> Session075 | ||
| session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session075 | | session_home_page = <!--Please replace DO NOT EDIT this string --> Summit_2011_Working_Sessions/Session075 | ||
}} | }} |
Latest revision as of 10:04, 4 February 2011
Global Summit 2011 Home Page
Global Summit 2011 Tracks
S is for Safety (as well as Security) | ||||||
---|---|---|---|---|---|---|
Please see/use the 'discussion' page for more details about this Working Session | ||||||
Working Sessions Operational Rules - Please see here the general frame of rules. |
WORKING SESSION IDENTIFICATION | ||||||
---|---|---|---|---|---|---|
Short Work Session Description |
This session has two aspects - safety critical systems, and safety in regards to protection of vulnerable groups (e.g. children).
Get your helmets (hard hats) on and come along to discuss whether we need a new OWASP project, a new OWASP guide or embed safety thinking throughout OWASP's work. This session will be particularly relevant to those interested in process control, safety critical applications, critical national infrastructure and other applications that could have a direct impact on system & human safety. | |||||
Related Projects (if any) |
| |||||
Email Contacts & Roles | Chair Colin Watson |
Operational Manager |
Mailing list Subscription Page |
WORKING SESSION SPECIFICS | ||||||
---|---|---|---|---|---|---|
Objectives |
| |||||
Venue/Date&Time/Model | Venue/Room OWASP Global Summit Portugal 2011 |
Date & Time
|
Discussion Model participants and attendees |
|
---|
WORKING SESSION OPERATIONAL RESOURCES | ||||||
---|---|---|---|---|---|---|
Projector, whiteboards, markers, Internet connectivity, power |
|
---|
WORKING SESSION ADDITIONAL DETAILS | ||||||
---|---|---|---|---|---|---|
Safety is not only concerned with confidentiality, integrity and availability. A safety-critical system (or life-critical system) is one where failure or malfunction can lead to (Wikipedia):
In languages other than English, the distinction between "safety" and "security" may be less clear. Here is a good description of their slightly different meanings in English. With software being used in so many safety-critical systems, the impact of application security flaws can have critical impacts on humans, equipment and the environment. There have been great advances in safety system design, but control system security is less advanced (Byres & Cusimano). This session will discuss whether and how OWASP should contribute to the efforts in system safety. |
WORKING SESSION OUTCOMES / DELIVERABLES | ||
---|---|---|
Proposed by Working Group | Approved by OWASP Board | |
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. |
Working Session Participants
(Add you name by clicking "edit" on the tab on the upper left side of this page)
WORKING SESSION PARTICIPANTS | ||||||
---|---|---|---|---|---|---|
Name | Company | Notes & reason for participating, issues to be discussed/addressed | ||||
Fred Donovan @ |
|
| ||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
|