Nuclear powered software security

Christopher Riley (30.Sep.2017 at 12:00, 50 min)
Talk at PHP North West 2017 (English - UK)

Rating: 5 of 5

It seems to be almost a weekly occurrence that another company makes the news headlines for being hacked and in the process disclosing sensitive user data and company secrets. These security meltdowns can cause catastrophic effects to the company in lost user trust and huge costs putting things right. A nuclear power plant is considered one of the most dangerous things mankind has built, yet they very rarely go wrong. The systems engineering that goes into making nuclear power plants safe is a fascinating topic to study but on the surface it seems entirely irrelevant to PHP developers. In this talk I'm going to show you how this level of safety is achieved, what happens when it goes wrong and then see what lessons we, as PHP developers, can learn from it to help us secure our applications from meltdown.

Who are you?

Claim talk

Talk claims have been moved to the new Joind.in site.

Please login to the new site to claim your talk

Want to comment on this talk? Log in or create a new account or comment anonymously

Write a comment

 
Please note: you are not logged in and will be posting anonymously!
= three plus four

Comments

Rating: 5 of 5

30.Sep.2017 at 13:46 by Kat Zien (8 comments) via Web2 LIVE

Brilliant and enjoyable talk. Informative, and the advice given was easy to understand and clear examples were given.
Loved the analogy to the real world high-risk systems like nuclear power plants and aeroplanes, was awesome to hear more about how those systems are designed and operated and interesting to hear the failure stories too! The occasional jokes were great too (I won't be mindlessly clicking on alerts from now on haha).

The talk was well structured and Chris was well prepared. Kudos for staying completely calm despite losing the slides for a while!

Rating: 5 of 5

30.Sep.2017 at 18:56 by Obinna Johnphill (7 comments) via Web2 LIVE

Handled slight technical difficulties very well, and delivered a great speech.

Rating: 5 of 5

30.Sep.2017 at 23:03 by Adam Campbell-Smith (7 comments) via Web2 LIVE

A well structured talk with some good humour thrown in. The use of real world examples really helped to cement the concepts.

Rating: 5 of 5

01.Oct.2017 at 14:03 by Daniel Powley (3 comments) via Web2 LIVE

Very pleased I attended this, I plan to do an exercise with fault tree analysis in the near future. Lots of other good advice provided too.

Rating: 4 of 5

01.Oct.2017 at 16:03 by Claire Gurman (6 comments) via Web2 LIVE

Slightly ironic technology failure during the talk, but well handled and good real-world comparisons made to illustrate points.

Rating: 5 of 5

01.Oct.2017 at 21:29 by Ben Plummer (44 comments) via Web2 LIVE

Great talk that was clearly and confidently delivered. The different methods of analysis to display risks and highlight areas that can be mitigated was very interesting, amongst other things. A lot of useful points taken away from this talk.

Rating: 4 of 5

02.Oct.2017 at 09:21 by M1ke (12 comments) via Web2 LIVE

An essential concept to learn about and a good example to use to teach security. The fault tree analysis was well mapped up to active web development; I thought the aircraft example worked well but would have been interesting to hear more examples of how independent systems could protect PHP security. Additionally, an extension of security from hackers is security from internal actors - I'd love to learn how nuclear power stations protect against that and if there's more we could learn!

Rating: 4 of 5

02.Oct.2017 at 09:36 by Patrick Asare (28 comments) via Web2 LIVE

A great talk. I found the fault tree analysis approach to security very insightful. Enjoyed all the analogies and examples.

Rating: 5 of 5

02.Oct.2017 at 09:46 by Thomas Dutrion (14 comments) via Web2 LIVE

Very interesting parallel between security in the industry and software security. I liked the idea of giving a security talks that's not about tools, checklists and processes, especially given the conference offered a few other options for these.

Rating: 5 of 5

02.Oct.2017 at 20:15 by Dave Liddament (35 comments) via Web2 LIVE

Interesting to learn about nuclear meltdowns how the how analysis to mitigate the risks and reduce the impact of such disasters can be applied to software.

I'm also impressed that despite requiring a full computer reboot the talk went on smoothly.

Rating: 5 of 5

02.Oct.2017 at 20:26 by Martin Price (7 comments) via Web2 LIVE

Great talk, I went in wondering whether the "Nuclear powered" aspect of the title would be a tenuous link to whatever computer security approaches were going to be discussed; however, I was pleasantly reassured by very coherent examples of security techniques used in the nuclear and aeronautical industries and how they can relate to software development.

Rating: 4 of 5

03.Oct.2017 at 12:20 by Ronald D. (31 comments) via Web2 LIVE

Good talk!

© Joind.in 2017