These videos support the material in Chapters 13 and 14 in the 10th edition of Software Engineering. Videos marked with (*) have been specially made by the author to support the book. Others have been vetted as relevant to the book and of reasonable quality. Slides to accompany specially made videos can be downloaded from slideshare.
System security (*)
This video explains what system security is and its relationship with other dependability attributes.
This video explains why technical approaches are not enough to deal with the problems of cybersecurity and why it is essential to view cybersecurity as a sociotechnical issue.
A Google video that discusses important software security knowledge. Made in 2007, the principles are still relevant but the 2nd part of the video that discusses where to learn about security is a bit out of date. Best to stop watching around 22 minutes.
A good introduction to software security testing. Quite long.
This video explains what is meant by ‘cybersecurity’ and discusses why this has become a serious problem for society.
This video discusses the difficulties of estimating the costs of breaches of cybersecurity and explains why cybersecurity has become such a major problem .
This video discusses some of the steps that individuals and organisations should take to improve their cybersecurity and illustrates how to construct relatively secure passwords.
Cyber attacks (*)
This video describes 5 different types of cyber attacks that can occur. Part of the series of videos on cybersecurity.
A good talk that introduces the idea of resilience from a safety rather than a security perspective. But everything he says about maintaining safety is equally valid for system security.
A really nice short introduction to what hardware/software resilience means.
A webinar aimed at management that discusses some of the problems of cybersecurity and which gives a high level view of cyber-resilience issues.
Reason’s Swiss Cheese Model of Accidents illustrated with real slices of Swiss Cheese.
This video describes a cyber attack on a critical infrastructure (sewage system) in Australia.
This video discusses a cyberwarfare case study – the Stuxnet worm which was used to attack Iran’s uranium processing facilities.
Critical national infrastructure
The following videos are not directly related to material in the book but provide background on critical national infrastructure and a technology that is widely used in industrial control systems. Both the Maroochy water breach and the Stuxnet worm cyberattacks made use of vulnerabilities in this technology.
The videos on critical national infrastructure explains why this means, why it is important and why infrastructure dependability and resilience is essential to maintain the services that our societies require. I introduce SCADA technology – Supervisory Control and Data Acquisition – which is the basic control technology used in a wide range of industrial control systems.
SCADA security (*)