Security integrity versus cybersecurity assurance levels

Channel: Automotive Security Research Group
Published: 2021-11-18 17:00:10
If you would like to know more about ASRG, watch our brief introduction at https://youtu.be/SYbv_B45PCI, visit our web page at https://www.asrg.io or contact us directly.

This time we have the pleasure of hosting Bogdan Gradinaru (Head of Cybersecurity at clockworkX GmbH). During this presentation we will discuss security and safety levels. They are needed for two reasons: security and safety are not binary attributes, where a system is simply safe or unsafe, secure or non-secure, and increased product complexity and the associated costs require different levels of engineering effort.

PRESENTATION:
"Security integrity versus cybersecurity assurance levels"

Security and safety levels are necessary for two reasons: security and safety are not binary characteristics, where a system is simply safe or unsafe, secure or non-secure, and the increased product complexity and the costs involved require varying levels of engineering effort. From cross-sector SILs (Safety Integrity Levels) to Automotive SILs (ASILs), through military DALs (Development Assurance Levels), the integrity/assurance levels reflect different degrees of control to be applied during all phases of development. They are intended as a tool, a convention, that lets different stakeholders within the same sector refer to the same minimum set of technical practices. In the field of functional safety, these levels can be linked to a risk relatively easily. Cybersecurity risk is more difficult to estimate because it is more unpredictable. To address this issue, the recently published ISO 21434 provides recommendations for a classification scheme, similar to ASILs, based on "Cybersecurity Assurance Levels". Methods are recommended in the same way as in ISO 26262, without addressing post-production phases or referring to any specific technical security recommendations or different types of security strengths.

ABOUT THE PRESENTER:
Bogdan Gradinaru: Bogdan studied electronics in Iasi, Romania and has more than 14 years of experience in embedded systems programming. For seven years he has been an expert in the field of functional safety, mainly in the automotive industry, but also for the railway and machinery industries, where he dealt with a wide range of aspects, such as assessments, audits, coaching and training, but also management and engineering advice. clockworkX GmbH is a small start-up with about 10 employees, focused on 2 areas of activity: safe/secure systems and predictive/reliable operations. Its main areas of activity are customer consulting, mainly in the automotive sector, but also in the rail, medical and renewable energy industries, and tool-assisted predictive maintenance. At clockworkX, Bogdan is Head of Cybersecurity and primarily advises clients on projects related to risk assessments, TARA and cybersecurity management. His personal interests consist of journalistic and socio-political lectures, which also determined his passion to organize training and discussion sessions, share ideas and teach other people.

Please take the opportunity to connect and share this video with your friends and family if you find it helpful.