Transcript Managing Change in a Changing World Jim Watson Division

Software Integrity and Cyber Security
Jim Watson
Division President & COO, Americas Division Management
New York, NY
October 28, 2015
NAMEPA: Managing Change in a Changing World
Software Integrity
2
Software Repair Costs Over Asset Lifecycle

Cost of poor quality – repairs to defects in software increase exponentially
through the vessel life cycle

Industry standard – 5 bugs per every thousand lines of code
at a cost of about $5 for every line

Major Korean shipyard estimates that each error costs an
average of $3,000 to find and fix

On average, 30% of errors on drilling units are interface
issues, requirements errors or software defects
Reduce costs by preventing or
repairing software defects early in the
development process
3
Software & Control System Complexity
4
Software Quality Engineering Services

Supporting Software Quality initiatives globally, our uniquely qualified
software engineers and project managers help train, prepare and guide
your team through the ISQM process in order to facilitate efficient and
successful conformity to the notation with ABS

What we do

Documentation and process review and recommendations

Factory acceptance and commissioning witnessing

Failure Modes, Effects and Criticality Analysis (FMEA/FMECA) support
(facilitation, subject matter expert, scribe)

Implementation review and consulting on notation related processes
– Gap Analysis
– Remediation Plan

Train on the notation concepts, processes and success factors

Certified project management training
5
Software & Control System Integrity
Newbuild
Concept
Requirements /
Design
Existing Asset
Construction
V&V / Transition
Operations /
Maintenance
Upgrade / Retrofit
Asset Buy / Sell
Decommissioning
Software Quality Engineering – ISQM Services, FAT/FMECA Expert and/or Facilitator, Training, Project Mgt.
Software Verification and Validation, 3rd Party Witness – HIL, SIL, Field Verification,
Project Mgt., Incident Investigation, Troubleshooting, Root Cause Analysis
Cybersecurity – Assessments, Backup/Restore, Incident Investigation, Disaster Recovery, Data Destruction
Control System Expertise
•
•
•
•
•
Drilling Control System
Dynamic Positioning
BOP Software control
Power Management
Vessel Management
6
Cybersecurity & Software Integrity


Cybersecurity Relationship with Software Integrity

Software integrity includes management of FUNCTIONAL ASSURANCE, with a direct
relationship to safety – both human and system

Risk assessment process from ISQM indicates critical components and failure modes

Information technology (IT)
and operational technology
(OT) both depend on
assurance in software,
from build process through
operational monitoring
Cybersecurity Dependencies
on Software Determine
System Reliability, Availability,
Maintainability

Resilience against attack or
failure requires both technical
testing and risk assessment
Source: http://control.ee.ethz.ch/~viking/
7
Cyber-Physical Incident: What It Can Mean
Health Monitoring
Systems
- Telemetry
- Metered drug
administration
- Alerts & warnings
Cyber-Physical
systems provide
data for environment
and advanced
warning
Health
Management
Systems
- Real-time
records
- History &
lessons
learned
Health
Information
Systems
- Dispatch
- Tracking
- Billing
Illustration source: http://128.143.136.29/~stankovic/cps.ht1.jpg
8
Maritime Cyber-Physical Environment
Source: http://www.shippipedia.com/wp-content/uploads/2010/10/monitoring-and-control-system-2.png
9
www.eagle.org