Public Safety Impact
Public Safety Impact v2.0.1
A coarse-grained representation of impact to public safety.
| Value | Definition |
|---|---|
| Minimal | Safety Impact:Negligible |
| Significant | Safety Impact:(Marginal OR Critical OR Catastrophic) |
Public Safety Impact v2.0.1 JSON Example
{
"name": "Public Safety Impact",
"description": "A coarse-grained representation of impact to public safety.",
"namespace": "ssvc",
"version": "2.0.1",
"schemaVersion": "1-0-1",
"key": "PSI",
"values": [
{
"key": "M",
"name": "Minimal",
"description": "Safety Impact:Negligible"
},
{
"key": "S",
"name": "Significant",
"description": "Safety Impact:(Marginal OR Critical OR Catastrophic)"
}
]
}
CVSS:Safety vs SSVC:Public Safety Impact vs SSVC:Safety Impact
The CVSS Safety vector element is semantically interchangeable with the SSVC Public Safety Impact decision point. The main difference is that the CVSS Safety vector element accomodates an explicit Not Defined value, whereas the SSVC Public Safety Impact does not.
The SSVC Safety Impact decision point provides a higher-resolution view of the safety impact. The SSVC Public Safety Impact and CVSS Safety decision points are lower-resolution views of the safety impact.
This is a compound decision point, therefore it is a notational convenience.
Suppliers necessarily have a rather coarse-grained perspective on the broadly defined Safety Impact Decision Point. Therefore we simplify the above into a binary categorization:
- Significant is when any impact meets the criteria for an impact of Marginal, Critical, or Catastrophic in the Safety Impact table.
- Minimal is when none do.
Prior Versions
Public Well-Being Impact v1.0.0
A coarse-grained representation of impact to public well-being.
| Value | Definition |
|---|---|
| Minimal | The effect is below the threshold for all aspects described in material. |
| Material | Any one or more of these conditions hold. Physical harm: Does one or more of the following: (a) Causes physical distress or injury to system users. (b) Introduces occupational safety hazards. (c) Reduces and/or results in failure of cyber-physical system safety margins. Environment: Major externalities (property damage, environmental damage, etc.) are imposed on other parties. Financial: Financial losses likely lead to bankruptcy of multiple persons. Psychological: Widespread emotional or psychological harm, sufficient to necessitate counseling or therapy, impact populations of people. |
| Irreversible | Any one or more of these conditions hold. Physical harm: One or both of the following are true: (a) Multiple fatalities are likely.(b) The cyber-physical system, of which the vulnerable componen is a part, is likely lost or destroyed. Environment: Extreme or serious externalities (immediate public health threat, environmental damage leading to small ecosystem collapse, etc.) are imposed on other parties. Financial: Social systems (elections, financial grid, etc.) supported by the software are destabilized and potentially collapse. Psychological: N/A |
Public Well-Being Impact v1.0.0 JSON Example
{
"name": "Public Well-Being Impact",
"description": "A coarse-grained representation of impact to public well-being.",
"namespace": "ssvc",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "PWI",
"values": [
{
"key": "M",
"name": "Minimal",
"description": "The effect is below the threshold for all aspects described in material. "
},
{
"key": "M",
"name": "Material",
"description": "Any one or more of these conditions hold. Physical harm: Does one or more of the following: (a) Causes physical distress or injury to system users. (b) Introduces occupational safety hazards. (c) Reduces and/or results in failure of cyber-physical system safety margins. Environment: Major externalities (property damage, environmental damage, etc.) are imposed on other parties. Financial: Financial losses likely lead to bankruptcy of multiple persons. Psychological: Widespread emotional or psychological harm, sufficient to necessitate counseling or therapy, impact populations of people. "
},
{
"key": "I",
"name": "Irreversible",
"description": "Any one or more of these conditions hold. Physical harm: One or both of the following are true: (a) Multiple fatalities are likely.(b) The cyber-physical system, of which the vulnerable componen is a part, is likely lost or destroyed. Environment: Extreme or serious externalities (immediate public health threat, environmental damage leading to small ecosystem collapse, etc.) are imposed on other parties. Financial: Social systems (elections, financial grid, etc.) supported by the software are destabilized and potentially collapse. Psychological: N/A "
}
]
}
Public Safety Impact v2.0.0
A coarse-grained representation of impact to public safety.
| Value | Definition |
|---|---|
| Minimal | Safety Impact:(None OR Minor) |
| Significant | Safety Impact:(Major OR Hazardous OR Catastrophic) |
Public Safety Impact v2.0.0 JSON Example
{
"name": "Public Safety Impact",
"description": "A coarse-grained representation of impact to public safety.",
"namespace": "ssvc",
"version": "2.0.0",
"schemaVersion": "1-0-1",
"key": "PSI",
"values": [
{
"key": "M",
"name": "Minimal",
"description": "Safety Impact:(None OR Minor)"
},
{
"key": "S",
"name": "Significant",
"description": "Safety Impact:(Major OR Hazardous OR Catastrophic)"
}
]
}