November 2019

[Update: The goat survived, for the third year in a row!] For 51 years, the gallant people of Gavle, Sweden, have been putting up a straw goat, and arsonists have been burning it. Apparently, they didn’t have Twitter back then, and needed alternate ways to get into flame wars. Previously: Gavle Goat at Shostack &…

Read More The Gavle Goat is up

I was not aware that the ITU had formalized swim lane diagrams into Message Sequence Charts. While you don’t need to use these formalizations, the choices they made, and the comparisons to UML’s diagrams can be interesting, especially if there are tricky corners where you’re having trouble modeling some flow. For example, “They work particularly…

Read More Message Sequence Charts

Recently, I’ve seen four cybersecurity approaches for medical devices, and we can learn by juxtaposing them. The Principles and Practices for Medical Device Cybersecurity is a process-centered and comprehensive document from the International Medical Device Regulators Forum. It covers pre- and post-market considerations, as well as information sharing and coordinated vuln disclosure. It’s important…

Read More Medical Device Security Standards