Saturday, September 24th, 2016
Safety-Software and Security-Software have different aims:
Safety: risk for human lives or environment.
Safety-Software is associated with system-critical systems. Any errors in these types of systems could lead to a catastrophic failure condition, which results in the loss of human life and hence the need for a safety-critical system.
Safety is about protecting physical assets (life, property, environ).
Safety industry has always worked on the assumption that failures and errors are not malicious and this may not be a valid assumption in the current times. Usually, the safety industry has long development time cicles and reacts slowly to changes required.
Examples: nuclear reactor systems, airplane computers, life control systems.
In these systems, safety is critical to ensure there is a minimized risk of an accident.
Security: risk for privacy (organizational privacy) or national security.
Security-Software is always related to preserve privacy and prevent any unauthorized access from other people or software programs to our information.
Security is about protecting valuable information assets, in general or via computer networks. It can be considered to be about how exploitable a vulnerability might be.
Usually, the security industry has short development life cycles and reacts to change very quickly.
Examples: banking systems, insurance systems, health systems.
In these systems, a fault with a cryptographic function or access control could lead to a breach of security or financial loss and hence a security-critical system is required.