OLeveson-215 Barriers LOCKOUTS Make access to dangerous state difficult or impossible Implications for software Avoiding EMI Authority limiting Controlling access to and modification of critical variables Can adapt some security techniques a LOCKIN Make it difficult or impossible to leave a safe state Need to protect software against environmental conditions e.g., operator errors data arriving in wrong order or at unexpected speed Completeness criteria ensure specified behavior robust against mistaken environmental conditionsc ��������������������� ���������� Barriers LOCKOUTS Make access to dangerous state difficult or impossible. Implications for software: Avoiding EMI Authority limiting Controlling access to and modification of critical variables Can adapt some security techniques c ��������������������� ���������� LOCKIN Make it difficult or impossible to leave a safe state. Need to protect software against environmental conditions. e.g., operator errors data arriving in wrong order or at unexpected speed Completeness criteria ensure specified behavior robust against mistaken environmental conditions