Please log in using either your email address or your membership number.
Please register with your name, email address, password and email preferences. You will be sent an email to verify the address.
Please enter the email address used for your account. A temporary password will be emailed to you.
The SCSC publishes a range of documents:
The club publishes its newsletter Safety Systems three times a year in February, June and October. The newsletter is distributed to paid-up members and can be made available in electronic form for inclusion on corporate members' intranet sites.
The proceedings of the annual symposium, held each February since 1993, are published in book form. Since 2013 copies can be purchased from Amazon.
The club publishes the Safety-critical Systems eJournal (ISSN 2754-1118) containing high-quality, peer-reviewed articles on the subject of systems safety.
If you are interested in being an author or a reviewer please see the Call for Papers.
All publications are available to download free by current SCSC members (please log in first), recent books are available as 'print on demand' from Amazon at reasonable cost.
Systems and Covid-19 contains papers presented at the 29th annual Safety-Critical Systems Symposium, held as an online virtual conference, in February 2021.
The Symposium is for engineers, managers and academics in the field of system safety, across all industry sectors,so the papers making up this volume offer wide coverage of current safety topics and a blend of academic research and industrial experience. They include both recent developments in the field and discussion of open issues and questions.
The topics covered in this volume include: Systems related to Covid-19, Internet of Things (IoT), Embedded Systems, Future Assurance, Software, Security Informed Safety and Human Factors and Safety Culture.
Contents
In 2019, Wind River was notified by security researchers of identified vulnerabilities in the IPnet networking stack which is used in various real-time operating systems (RTOS), including specific versions of VxWorks, the world’s most widely used RTOS. These vulnerabilities, dubbed “Urgent/11”, could potentially impact certain configurations of connected devices which used IP net-working, although at that time (nor at any time since) was there any indication of the discovered vulnerabilities having ever been exploited in the wild. In this paper, we will present Wind River’s security response, including the timeline of events, analysis of vulnerabilities and issuance of patches to help device makers mitigate potential risks to deployed systems, and lessons learnt. The importance of a coordinated Responsible Disclosure will also be presented, along with the communication approach Wind River used for internal communications and externally with its customers.