Why We Cannot (Yet) Ensure the Cybersecurity of Safety-Critical Systems

There is a growing threat to the cyber-security of safety-critical systems. The introduction of Commercial Off The Shelf (COTS) software, including Linux, specialist VOIP applications and Satellite Based Augmentation Systems across the aviation, maritime, rail and power-generation infrastructures has created common, vulnerabilities. In consequence, more people now possess the technical skills required to identify and exploit vulnerabilities in safety-critical systems. Arguably for the first time there is the potential for cross-modal attacks leading to future ‘cyber storms’. This situation is compounded by the failure of public-private partnerships to establish the cyber-security of safety critical applications. The fiscal crisis has prevented governments from attracting and retaining competent regulators at the intersection of safety and cyber-security. In particular, we argue that superficial similarities between safety and security have led to security policies that cannot be implemented in safety-critical systems. Existing office-based security standards, such as the ISO27k series, cannot easily be integrated with standards such as IEC61508 or ISO26262. Hybrid standards such as IEC 62443 lack credible validation. There is an urgent need to move beyond high-level policies and address the more detailed engineering challenges that threaten the cyber-security of safety-critical systems. In particular, we consider the ways in which cyber-security concerns undermine traditional forms of safety engineering, for example by invalidating conventional forms of risk assessment. We also summarise the ways in which safety concerns frustrate the deployment of conventional mechanisms for cyber-security, including intrusion detection systems

Foreword: The Perpetual Controversy

[Excerpt] “Two qualities of American capital punishment perhaps explain its ability to command the attention of the Court, year by year, decade after decade. First, an exceptionally talented and dedicated specialist capital defense bar continually mounts new challenges to the institution of the death penalty. This year, for example, we await a decision from the Supreme Court on the claim that the lethal injection method of execution violates the cruel and unusual punishments clause of the Constitution. Never before has the Supreme Court confronted this claim; indeed, not for more than a hundred years has the Supreme Court addressed a claim that a method of execution violates the Constitution.

Evaluating the adaptive capacity of cultural landscapes to climate change: Incorporating site-specific knowledge in National Park Service vulnerability assessments

Cultural landscapes are complex systems of natural and cultural resources that are affected by changes in climatic and non-climatic factors. The National Park Service, Pacific West Region, has developed a vulnerability assessment (VA) model for identifying, evaluating, and responding to the effects of climate change to cultural landscapes by utilizing peer-reviewed data and local knowledge to inform management strategies that can reduce the vulnerability of cultural landscapes to deterioration and loss. Key to developing site-specific adaption plans is a VA based on analysis of the significance, exposure, and sensitivity of landscape characteristics and features, and identification of the management capacity to reduce the sensitivity of the cultural landscape to change. The resulting assessment compares the level of projected vulnerability of the landscape as a whole and of each characteristic or feature under evaluation, and the identification of methods for minimizing the sensitivity of the cultural landscape to climate change. This paper provides an overview of the VA model through case studies from the state of Washington, the territory of Guam, and Tinian, commonwealth of the Northern Marianas Islands

Tax reform in the UK and changes in the progressivity of the tax system, 1985-95

From the middle of the 1980s until the end of that decade, the government experienced a growing economy and consequently buoyant tax revenues. In addition to cutting the public sector borrowing requirement (PSBR) and increasing spending, these revenues were used as a means of financing massive tax cuts, and in particular cuts in income tax rates. By the early 1990s, however,it had become clear that tax revenues had been cut to an unsustainably low level as recession led to a PSBR that threatened to run out of control. In response to this, in the two Budgets of 1993 the two Chancellors introduced a package of tax increases which, in terms of revenue raised, will reverse most of the tax reductions of the late 1980s. But taxes were increased in a way very different from that in which they were reduced. The overall effect has been a substantial reform of the UK tax system. This paper examines the changes that have been made in the tax system as they affect the personal sector, i.e. changes to taxes on personal income, on personal property and on expenditure. We start the analysis with the 1985 tax system as the base, for it was in 1986 that the first cut in income tax rates was introduced and the trend for significant tax cuts was set. And it was from this date that taxation as a proportion of GDP started to fall steadily until the end of the 1980s. We end the analysis with the tax system as it would have been left at the end of 1995 by the tax changes announced in the 1993 Budgets. A decade of contrasting tax changes are examined.