This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of "Summit 2011 Working Sessions/Session075"

Jump to: navigation, search
(One intermediate revision by one other user not shown)
Line 2: Line 2:
| summit_session_attendee_name1 =  
| summit_session_attendee_name1 = Fred Donovan
| summit_session_attendee_email1 =  
| summit_session_attendee_email1 = [email protected]
| summit_session_attendee_username1 =  
| summit_session_attendee_username1 =  
| summit_session_attendee_company1=  
| summit_session_attendee_company1=  
Line 219: Line 219:
| summit_session_leader_name1 = Colin Watson
| summit_session_leader_name1 = Colin Watson
| summit_session_leader_email1 = colin.watson(at)
| summit_session_leader_email1 =  
| summit_session_leader_name2 =  
| summit_session_leader_name2 =  

Latest revision as of 10:04, 4 February 2011

Global Summit 2011 Home Page
Global Summit 2011 Tracks

WS. owasp.jpg S is for Safety (as well as Security)
Please see/use the 'discussion' page for more details about this Working Session
Working Sessions Operational Rules - Please see here the general frame of rules.
Short Work Session Description Banner-securitysafety-2.png

This session has two aspects - safety critical systems, and safety in regards to protection of vulnerable groups (e.g. children).

  • What can OWASP learn from software safety engineering?
  • What can OWASP contribute to software safety engineering?
  • How does OWASP's work tie in to wider concerns about internet safety?

Get your helmets (hard hats) on and come along to discuss whether we need a new OWASP project, a new OWASP guide or embed safety thinking throughout OWASP's work.

This session will be particularly relevant to those interested in process control, safety critical applications, critical national infrastructure and other applications that could have a direct impact on system & human safety.

Related Projects (if any)

Email Contacts & Roles Chair
Colin Watson

Operational Manager
Mailing list
Subscription Page
  1. Create a whitepaper on application security for critical systems
  2. Create a whitepaper on how application security protects people

Venue/Date&Time/Model Venue/Room
OWASP Global Summit Portugal 2011
Date & Time

Discussion Model
participants and attendees

Projector, whiteboards, markers, Internet connectivity, power

Safety is not only concerned with confidentiality, integrity and availability. A safety-critical system (or life-critical system) is one where failure or malfunction can lead to (Wikipedia):
  • death or serious injury to people, or
  • loss or severe damage to equipment or
  • environmental harm.

In languages other than English, the distinction between "safety" and "security" may be less clear. Here is a good description of their slightly different meanings in English.

With software being used in so many safety-critical systems, the impact of application security flaws can have critical impacts on humans, equipment and the environment. There have been great advances in safety system design, but control system security is less advanced (Byres & Cusimano).

This session will discuss whether and how OWASP should contribute to the efforts in system safety.

Proposed by Working Group Approved by OWASP Board

A white paper describing how the safety ecosystem overlaps with the OWASP ecosystem and whether there should be more bridges built between them.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

After the Board Meeting - fill in here.

Working Session Participants

(Add you name by clicking "edit" on the tab on the upper left side of this page)

Name Company Notes & reason for participating, issues to be discussed/addressed
Fred Donovan @