Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Tag Archives: Engineering Safe and Secure Software Systems

Software Security Recall for Jeeps

– Author’s Note: This is a follow-up to my July 27, 2015 BlogInfoSec column “Jeep Hacked, Manufacturer ‘Dismayed.’” Fiat Chrysler’s recall of vehicles for security-related, versus safety-related, vulnerabilities is a very big deal and may pave the way for an entirely new approach to…

Jeep Hacked, Manufacturer “Dismayed”

– Dismayed? Is that as much emotion that Fiat Chrysler can muster when informed that their vehicles can be hacked remotely and many of the vehicle-control systems can be taken over by researchers Charlie Miller and Chris Valasek, including those systems that handle steering and braking (okay, right…

FAA, GAO … Please Read My Book!

– … and my articles, columns, etc. about the dangers of connecting information systems to control systems. The GAO (US Government Accountability Office) released an April 2015 report, GAO-15-370, on the cybersecurity of air traffic control and avionics systems, with the title “Air Traffic…

Did Markey Miss the Mark on Vehicle Hacking?

– The staff of Edward J. Markey, U.S. Senator for Massachusetts, issued a report on February 10, 2015, called “Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk,” which is available at…

Putting Application Security into Context

– For some time now, I have wondered why InfoSec practitioners are paying so little attention to context with respect to application security and why InfoSec professionals and software safety engineers do not collaborate as much as they should. Then I read a column on the Op Ed page of The New York…