Archives For Collingridge’s dilemma

20140122-072236.jpg

The GAO has released its latest audit report on the FAA’s NextGen Air Traffic Management system. The reports updates the original GAO’s report and when read in conjunction with the original gives an excellent insight into how difficult cybersecurity can be across a national infrastructure program, like really, really difficult. At least they’re not trying to integrate military and civilian airspaces at the same time 🙂

My analogy is that on the cyber security front we’re effectively asking the FAA to hold a boulder over its head for the next five years or so without dropping it. And if security isn’t built into the DNA of NextGen?  Well I leave it you dear reader to ponder the implications  of that, in this ever more connected world of ours.

Linguistic security, and the second great crisis of computing

The components that make up distributed systems fundamentally need to talk to each other order to achieve coordinated behaviour. This introduces the need for components to have a common set of expectation of behaviour, including recognising the difference between valid and invalid messages. And fairly obviously this has safety and security implications. Enter the study of linguistic security to address the vulnerabilities introduced by the to date unrecognised expressive power of the languages we communicate with.

Continue Reading…