article thumbnail

Safety and Security in Automated Driving

Adam Shostack

Safety First For Automated Driving " is a big, over-arching whitepaper from a dozen automotive manufacturers and suppliers. I also like Figure 27 & 28 (shown), showing risks associated with a generic architecture. Lets explore the risks associated with Automated Driving.

Risk 189
article thumbnail

Hoarding, Debt and Threat Modeling

Adam Shostack

This is why I included interpersonal factors in the Jenga whitepaper.) On the other side is a whiteboard with a software architecture diagram We all have too many tasks, and those where you cant imagine success, or where success seems not worth the price, are ones we want to skip.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Taming the Wild West of ML: Practical Model Signing with Sigstore

Google Security

This could range from just a slight alteration of the model weights that control model behavior, to injecting architectural backdoors completely new model behaviors and capabilities that could be triggered only on specific inputs.

Risk 90
article thumbnail

WHITEPAPER: Authentication Does Not Equal Zero Trust

Security Boulevard

Many vendor claims are unclear as to what they’re promising in this space, but they are quite insistent that without Zero Trust network architectures, organizations are at great risk for data breaches and other network sabotage. The post WHITEPAPER: Authentication Does Not Equal Zero Trust appeared first on Security Boulevard.

article thumbnail

Safety and Security in Automated Driving

Adam Shostack

“ Safety First For Automated Driving ” is a big, over-arching whitepaper from a dozen automotive manufacturers and suppliers. I also like Figure 27 & 28 (shown), showing risks associated with a generic architecture.

Risk 140
article thumbnail

MITRE ATT&CK: The Magic of Application Mitigations

Cisco Security

Today’s application architectures support fast, continuous innovation. Back end architectures use small, independent code modules called microservices. Clearly today’s application architectures use a lot of components, making them more complex, but the benefits run deep. They were simpler, sure, but so are horse-drawn carriages.

article thumbnail

A Spectre proof-of-concept for a Spectre-proof web

Google Security

We've confirmed that this proof-of-concept, or its variants, function across a variety of operating systems, processor architectures, and hardware generations. In 2019, the team responsible for V8, Chrome’s JavaScript engine, published a blog post and whitepaper concluding that such attacks can’t be reliably mitigated at the software level.