Skip to content

Instantly share code, notes, and snippets.

@dannycastonguay
Last active October 6, 2019 20:02
Show Gist options
  • Save dannycastonguay/93f593dd98d2df751a7092e9dde7cd4c to your computer and use it in GitHub Desktop.
Save dannycastonguay/93f593dd98d2df751a7092e9dde7cd4c to your computer and use it in GitHub Desktop.
Element SUBSAFE CYBERSAFE
Purpose Watertight integrity, recoverability, and safety (weapon, fire, and nuclear) Data integrity, privacy and security (tamper-free ability to recover from disruptions or misdirections).
Design requirements Clean, concise and non-negotiable requirements Same with the addition of Privilege Separation both at software and at process level, as well as the Principle of Least Priviledge at the individual level.
Audit Multiple structured audits that hold personnel accountable at all levels for safety Same.
Training Annual mandatory training for everyone with a strong emphasis on emotional lessons from past failures Same.
Material and fabrication Controls and documentation in place to ensure correct material: receipt, inspection, storage, handling, installation. Use of version control (e.g., git) not just for writing code but also for every piece of documentation and should be trackable and linked; application of robust and well-documented libraries within the stack and code reviews.
Testing Involves a formal checklist to collect specific documentation and information, successful sea trials, and a secondary review before unrestricted operations On top of penetration testing and security patches, application of DevOps and test-driven dev’t to every activity within the organization rendering tasks effortless and automated.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment