Threat Modeling (TM) is a process for identifying and prioritizing potential cybersecurity threats to software, hardware or a system. Contributing to the high value of TM is:
- The ability to identify threats early…
exida explains Blog
Threat Modeling: How to Succeed at this High Value and High Effort Cybersecurity Activity
FMEA Evolution – Has the essence of FMEA been lost?
Has your FMEA entered the realm of the paperwork exercise that we force ourselves to do for no real reason than someone says we must do it?
I have enjoyed analysis using FMEA. I…
How Does Mission Time Work with Proof Testing to Impact SIL Verification?
I have been asked this question many times by various clients over the years. This comes down to whether a perfect proof test is assumed or not. Let us remember that Mission Time is defined as…
FMEA Mistakes
I find YouTube to be a good source of information on many subjects. Want to know how to fix a widget? There are probably a few videos on that exact subject. Technical subjects are also…
Risky Business: IEC 62443 and Legacy Products
When it comes to developing secure products, the IEC 62443 series of standards provide a lot of guidance and best practices which can be applied while developing the product. This is essentially an approach…
The value of RPN Numbers in a DFMEA
I learned about the Failure Modes and Effects Analysis (FMEA) process for designs some decades ago. I was Supervisor of an Embedded System development group. There seemed to be a lot of evidence that…
Environmental Impact on Failure Rates
Good component failure rate data is a cornerstone of good quality reliability metric analysis. As mentioned in a previous exida whitepaper, one of the shortcomings of reliability databases has been the inability to handle variations…
Why is Memory Management important for Functional Safety?
What is Memory Mapping?
Memory mapping is a technique used in computer systems to manage memory resources safely, it involves creating a virtual address space that corresponds directly to the physical memory or to…
Why do we do probabilistic models to predict risk reduction? Check the box only?
I had an engineer from a European Certification Body ask me why exida would bother paying any attention to these failure rate numbers, especially on mechanical devices? He said that he does not know…
Have we reached peak C?
The C programming language has undoubtably extremely successful. It consistently ranks highly in the various rankings of most popular programming languages however these studies seem to be measured. C is not a language that…
What Does Root Cause Analysis Really Mean?
This is an intriguing question. One that I often ask my classes when I’m teaching our FSE100 Functional Safety course. Very often, they do not know or do not fully understand what this means and…
What is a Pragmatic Approach to Cybersecurity?
Now that we have a little bit of context on what's driving our current cybersecurity landscape. The next question is, “where does this pragmatic approach come in? What is a pragmatic approach? What does the…
Many Different Forces are Influencing ICS Cybersecurity Adoption
When we look at some of the challenges that are facing control systems, we also have to think about what forces are influencing how asset owners adopt cybersecurity. We'll talk about four of those main…
Machine Safety Goals
From a machine safety management perspective, what goals are you looking to establish? Building a company safety culture, building awareness of the hazards, building the "buy in" to do things right and do things…
Forces Influencing Machine Safety Adoption
What is driving machine safety adoption? What are some of the key questions that companies are trying to answer when it comes to machine safety? For industrial facilities, whether it's a chemical plant, or…