Computer Safety, Reliability, and Security
SAFECOMP 2015 Workshops, ASSURE, DECSoS. ISSE, ReSA4CI, and SASSUR, Delft, The Netherlands, September 22, 2015, Proceedings
Published on 9. September 2015
XXXVI, 422 pages
978-3-319-24249-1 (ISBN)
Description
This book constitutes the refereed proceedings of 5 workshops co-located with SAFECOMP 2015, the 34th International Conference on Computer Safety, Reliability, and Security, held in Delft, The Netherlands, in September 2015.
The 36 revised full papers presented were carefully reviewed and selected from numerous submissions. This year's workshop are: ASSURE 2015 - Assurance Cases for Software-intensive Systems; DECSoS'15 - EWICS/ERCIM/ARTEMIS Dependable Cyber-physical Systems and Systems-of-Systems Workshop; ISSE'15 - International workshop on the Integration of Safety and Security Engineering; ReSA4CI 2015 - International Workshop on Reliability and Security Aspects for Critical Infrastructure Protection; SASSUR 2015 - International Workshop on Next Generation of System Assurance Approaches for Safety-Critical Systems.
More details
Series
Edition
1st ed. 2015
Language
English
Place of publication
Cham
Switzerland
Publishing group
Springer International Publishing
Product notice
Reflowable
Illustrations
XXXVI, 422 p. 170 illus. in color.
ISBN-13
978-3-319-24249-1 (9783319242491)
DOI
10.1007/978-3-319-24249-1
Schweitzer Classification
Other editions
Additional editions
Floor Koornneef | Coen van Gulijk
Computer Safety, Reliability, and Security
SAFECOMP 2015 Workshops, ASSURE, DECSoS. ISSE, ReSA4CI, and SASSUR, Delft, The Netherlands, September 22, 2015, Proceedings
Book
09/2015
Springer
€53.49
Shipment within 10-15 days
Content
- Intro
- Preface
- Organizing Committee
- ASSURE 2015
- The 3rd International Workshop on AssuranceCases for Software-Intensive Systems
- DECSoS 2015
- Introduction ERCIM/EWICS/ARTEMISWorkshop on Dependable Embeddedand Cyber-Physical Systemsand Systems-of-Systems at SAFECOMP 2015
- ISSE 2015
- 2nd International Workshop on the Integrationof Safety and Security Engineering
- ReSA4CI 2015
- Introduction to the Safecomp 2015 Workshop:Reliability and Security Aspectsfor Critical Infrastructure Protection
- SASSUR 2015
- 4th InternationalWorkshop on NextGenerationof System Assurance Approachesfor Safety-Critical Systems
- Sponsors
- Conference Partners
- Contents
- Assurance Cases for Software-Intensive Systems (ASSURE 2015)
- Informing Assurance Case Review Through a Formal Interpretation of GSN Core Logic
- 1 Introduction
- 2 Formalization in Assurance Argumentation
- 3 Fundamental GSN Elements and Notions
- 4 Semantics
- 5 Argument Consistency
- 6 Conclusions
- References
- Representing Confidence in Assurance Case Evidence
- 1 Introduction
- 2 Background and Related Work
- 3 Application to Assurance Cases
- 3.1 Node Example
- 3.2 Assurance Example
- 4 Conclusions
- References
- Safe & Sec Case Patterns
- 1 Introduction
- 2 Safe & Sec Process Patterns
- 2.1 Subordinate Process Pattern
- 2.2 Uni-Directional Reference Process Pattern
- 2.3 Interrelated (Independent) Process Pattern
- 2.4 Interrelated (SafSec) Process Pattern
- 3 Safe & Sec Case Patterns
- 3.1 Independent Case Pattern
- 3.2 Subordinate Case Pattern
- 3.3 Uni-Directional Reference Case Pattern
- 3.4 Interrelated (Independent) Case Pattern
- 3.5 Interrelated (SafSec) Case Pattern
- 4 Related Work
- 5 Conclusion
- References
- A Comprehensive Safety Lifecycle
- Abstract
- 1 Introduction
- 2 CLASS Principles
- 3 The CLASS Meta Process
- 3.1 Development Component
- 3.2 Update Component
- 4 The CLASS Instance Process
- 4.1 InstanceCLASS Information Flow
- 4.2 Safety Information Repository
- 5 The CLASS Resource Repository
- 6 The CLASS Analysis Framework
- 7 The CLASS Approval Process
- 8 Conclusion
- Acknowledgments
- References
- An Approach to Assure Dependability Through ArchiMate
- Abstract
- 1 Introduction
- 2 Related Work
- 2.1 Assurance Case
- 2.2 Open Dependability Through Assuredness
- 2.3 Assured ADM
- 2.4 ArchiMate
- 3 Assurance Case Patterns for Architecture
- 3.1 Dependability Argument and ArchiMate
- 3.2 Assurance Case Derivation from ArchiMate Model
- 4 Example Study
- 4.1 Driving Diagnosis Service
- 4.2 BA in ArchiMate
- 5 Discussion
- 5.1 Effectiveness
- 5.2 Applicability
- 5.3 Generality
- 5.4 Limitations
- 6 Conclusion
- Acknowledgment
- References
- Tool Support for Assurance Case Building Blocks
- Abstract
- 1 Introduction
- 2 CAE Building Blocks and the "Helping Hand"
- 2.1 Building Blocks Concept
- 2.2 "Helping Hand" for CAE Building Blocks
- 3 Tool Description
- 3.1 Tool Support for CAE Building Blocks
- 3.2 Integration with ASCE
- 4 Conclusions and Future Directions
- 1 A Appendix Basic Building Blocks for Assurance Casesf
- References
- Safety.Lab: Model-Based Domain Specific Tooling for Safety Argumentation
- 1 Introduction
- 2 Long-Term Vision for Safety Argumentation Tooling
- 2.1 Use of Rich and Domain Specific Models
- 2.2 Integration of System Design and Safety Analysis
- 2.3 Support the Construction of Assurance Cases
- 2.4 Support the Evolution of Assurance Cases
- 3 Safety.Lab
- 4 Related Work
- 5 Conclusion and Future Work
- References
- A Safety Condition Monitoring System
- Abstract
- 1 Introduction
- 2 Monitoring System Design
- 2.1 Event Bus
- 2.2 Monitoring Data Repository
- 2.3 State Predicates
- 2.4 State Recognizers
- 3 Sensors
- 3.1 Sensor Characteristics
- 3.2 Sensors and Unmodifiable Software Systems
- 3.3 An Example of Sensing in a Simulink® Model
- 4 Conclusion
- References
- Error Type Refinement for Assurance of Families of Platform-Based Systems
- 1 Introduction
- 2 Background
- 2.1 AAMI / UL 2800
- 2.2 The Integrated Clinical Environment Architecture
- 2.3 PCA Safety Interlock Scenario
- 2.4 AADL's Error Model's Error Types
- 3 Error Refinement
- 3.1 Supporting 2800 Goals
- 3.2 Refinement by Component Category
- 3.3 Refinement by Component Implementation
- 3.4 Using Error Types in Hazard Analysis and Testing
- 3.5 Allocation of Related Concepts to 2800 Standard Documents
- 4 Conclusion
- References
- EWICS/ERCIM/ARTEMIS Dependable Cyber-physical Systems and Systems-of-Systems Workshop (DECSoS 2015)
- Qualitative and Quantitative Analysis of CFTs Taking Security Causes into Account
- 1 Introduction
- 2 Related Work
- 3 Analysis
- 3.1 Ratings
- 3.2 Calculation Rules for Likelihood and Probability Values in SECFTs
- 3.3 Qualitative Analysis
- 3.4 Quantitative Analysis
- 4 Conclusion
- References
- Sequential Logic for State/Event Fault Trees: A Methodology to Support the Failure Modeling of Cyber Physical Systems
- 1 Introduction
- 2 Related Work
- 3 State/Event Fault Trees
- 4 Sequence Logic of SEFTs
- 5 Evaluation
- 6 Conclusion
- References
- Towards a Framework for Alignment Between Automotive Safety and Security Standards
- 1 Introduction
- 2 Related Work
- 3 ISO 26262
- 4 ISO 15048, Common Criteria
- 5 Comparison and Points for Interaction
- 5.1 Work Products
- 5.2 Assurance Levels
- 5.3 Automotive Domain Specific Concepts
- 6 Conclusion
- References
- Reconfiguration Testing for Cooperating Autonomous Agents
- Abstract
- 1 Introduction
- 2 Processing Stages
- 2.1 Individual Behaviour
- 2.2 Cooperative Behaviour
- 3 On-Line Fault and Anomaly Handling
- 3.1 Fault Detection and Fault Tolerance
- 3.2 Anomaly Detection and Reconfiguration
- 4 Modelling Reconfiguration by Coloured Petri Nets
- 4.1 Multiplicity of Runtime Behaviour
- 4.2 CPN Modelling of Behaviour Allowing for Reconfiguration
- 5 Example
- 5.1 Requirements Concerning Regular Behaviour
- 5.2 Requirements Concerning Reconfiguration
- 5.3 CPN Models for Increasing Levels of Reconfiguration
- 6 Incremental Reconfiguration Testing
- 7 Conclusion
- References
- A Motion Certification Concept to Evaluate Operational Safety and Optimizing Operating Parameters at ...
- Abstract
- 1 Introduction
- 2 Safety Evaluation Requirements for Autonomous Motions
- 3 State of the Art for Safety Evaluation
- 4 A Safety Certified Motion Sequence
- 5 Conclusion
- References
- Approach for Demonstrating Safety for a Collision Avoidance System
- Abstract
- 1 Introduction
- 2 State of the Art
- 2.1 Collision Warning and Avoidance Systems
- 2.2 Safety Validation Strategies for Collision Warning and Avoidance Systems
- 3 Stereo-Vision-Based Collision Warning/Avoidance System
- 4 Approach for Safety Demonstration
- 4.1 Applicable Functional Safety and Security Standards
- 4.2 Under Which Conditions Is the System Safety-Critical?
- 4.3 Tramcar Brake Systems and Their Influence on Passenger Safety
- 4.4 Operation on a COTS Hardware with Safety Requirements
- 4.5 Safety Argumentation for a Software with Inherent False Positives
- 4.6 Safety Validation
- 5 Conclusions and Further Work
- References
- Contract Modeling and Verification with FormalSpecs Verifier Tool-Suite - Application to Ansaldo STS Rapid Transit Metro System Use Case
- Abstract
- 1 Introduction
- 2 Related Work
- 3 Rapid Transit Metro System Use Case
- 4 Formal Specs Verifier (FSV)
- 5 Requirements, Formalization and Analysis
- 5.1 Formalization of the ASTS Requirements
- 5.2 Reduction Rules Analysis
- 6 Conclusion and Future Work
- Acknowledgements
- References
- Towards Verification of Multicore Motor-Drive Controllers in Aerospace
- 1 Introduction
- 2 Problem Definition and Challenges
- 3 Model Based Design for Aerospace Verification
- 4 Verification of Motor-Drive Power Control Applications
- 4.1 Motor-Drive Power Control
- 4.2 Verification Approach
- 5 Conclusions and Look Ahead
- References
- FlexRay Robustness Testing Contributing to Automated Safety Certification
- Abstract
- 1 Motivation
- 1.1 Why Research in Safety Certification Is Indispensable
- 1.2 Outline of the Paper
- 2 The Safety Certification Process
- 3 The BOLDI Demonstrator
- 4 The Tool Framework
- 4.1 BusScope
- 4.2 TCBP
- 4.3 WEFACT
- 5 Test Case Examples
- 5.1 Test Case Definition
- 5.2 Test Case Results
- 6 Conclusions and Future Work
- References
- Towards Perfectly Scalable Real-Time Systems
- Abstract
- 1 Introduction
- 2 Challenges for Next Generation Automotive Test Systems
- 3 Reconfigurable Real-Time Systems
- 4 Architectural Considerations
- 4.1 General
- 4.2 Identify Dependencies to Achieve Scalability
- 5 Modifying Systems in Runtime
- 6 Mapping of Software to Hardware
- 7 Inter-process Communication and Run-Time Dependencies
- 8 Component Development Considerations
- 9 Robustness Considerations
- 10 Parallelized, Mixed Criticality Aware Networking
- 11 Example: Four-Wheel Test Application
- 12 Outlook
- 13 Summary and Conclusion
- References
- Dependable Cyber-Physical Systems with Redundant Consumer Single-Board Linux Computers
- Abstract
- 1 Introduction
- 2 Dependable CSBLCs
- 2.1 Hardware
- 2.2 Software and Development
- 2.3 Concerns Regarding Dependability
- 2.4 Practical Experience with CSBLCs
- 2.5 Dependability of Selected CSBLCs
- 2.6 Security
- 3 Real-Time Performance
- 3.1 Real-Time Addition to Linux
- 3.2 Slave Microcontroller
- 4 Increased Reliability with Redundancy
- 4.1 Computer Redundancy
- 4.2 Resource Redundancy
- 4.3 Common-Cause Failures
- 5 Conclusion
- References
- International workshop on the Integration of Safety and Security Engineering (ISSE 2015)
- A Combined Safety-Hazards and Security-Threat Analysis Method for Automotive Systems
- 1 Introduction
- 2 Related Work
- 3 SAHARA Approach
- 4 Application of the Approach
- 5 Conclusion
- References
- Safety and Security Assessment of Behavioral Properties Using Alloy
- 1 Introduction
- 2 Alloy in a Nutshell
- 3 The Coy Modeling Framework
- 3.1 Composite Structure
- 3.2 Behavior
- 4 Fire Detection Example
- 4.1 Presentation of the System
- 4.2 Coy Model
- 4.3 Properties Verification
- 5 Conclusion and Future Work
- References
- Combining MILS with Contract-Based Design for Safety and Security Requirements
- 1 Introduction
- 2 Overview of D-MILS
- 3 Architecture-Driven Integration of the MILS Approach and Contract-Based Design
- 3.1 Tool Support for Contract-Based Reasoning
- 4 Starlight Example
- 4.1 Architecture
- 4.2 System Contract
- 4.3 Component Contracts
- 4.4 Analysis Results
- 5 Related Work
- 6 Conclusions
- References
- Security Analysis of Urban Railway Systems: The Need for a Cyber-Physical Perspective
- 1 Introduction
- 2 Railway Security Risks and Implications
- 2.1 Scenario 1: Risks in CBTC Systems
- 2.2 Scenario 2: Risks in Mobile Transit Information Apps
- 3 Applying Existing Security Analysis Approaches
- 3.1 Analysis of Scenario 1 with FMVEA Method
- 3.2 Analysis of Scenario 2 with Attack Tree Method
- 4 Moving Forward
- 5 Conclusion
- References
- Sequential and Parallel Attack Tree Modelling
- 1 Introduction
- 2 Attack Trees
- 3 Case Studies
- 4 Conclusion
- References
- International Workshop on Reliability and Security Aspects for Critical Infrastructure Protection (ReSA4CI 2015)
- Analysis of Companies Gaps in the Application of Standards for Safety-Critical Software
- Abstract
- 1 Introduction
- 2 Framework for Gap Analysis
- 3 Dataset Structure and Population
- 4 Metrics for Gap Analysis
- 4.1 Qualitative Analysis
- 4.2 Quantitative Analysis
- 4.3 Driving Conclusions
- 5 Case Study: Gap Analysis for DO-178B
- 6 Concluding Remarks
- References
- Simulative Evaluation of Security Attacks in Networked Critical Infrastructures
- 1 Introduction
- 2 Related Work
- 3 SEA++: Simulative Evalution of Attacks
- 3.1 The Attack Specification Language
- 3.2 The Attack Simulator
- 3.3 Prototype Implementation for INET
- 4 Case Study: A Traffic Light System
- 4.1 Attack Impact and Ranking
- 5 Conclusions
- References
- Optimization of Reconfiguration Mechanisms in Critical Infrastructures
- Abstract
- 1 Introduction
- 2 Proposed Solution
- 2.1 Structure and Workflow of the Integrated Analysis Tool
- 2.2 The Model Definition Language
- 3 Case Study
- 3.1 The SCADA System Model and the Control Process
- 3.2 The Infrastructure and the Process Model
- 3.3 The Alloy Model
- 3.4 The PNS Model
- 3.5 Results
- 4 Conclusion and Further Work
- References
- How to Use Mobile Communication in Critical Infrastructures: A Dependability Analysis
- 1 Introduction
- 2 System Description
- 2.1 Challenges
- 3 Usage Alternatives
- 4 Unavailability
- 4.1 Quantification of Asingle and ADMR
- 4.2 Quantification of Astandby
- 4.3 Discussion
- 5 Improving Availability with Batteries
- 5.1 Discussion
- 6 Conclusion
- References
- Using Structured Assurance Case Approach to Analyse Security and Reliability of Critical Infrastructures
- Abstract
- 1 Introduction
- 2 Overview of the Approaches
- 2.1 Structured Assurance Cases
- 2.2 Preliminary Interdependency Analysis Method and Tool
- 3 Case Study
- 4 Analysis of the Case Study
- 4.1 Establishing the Environment
- 4.2 Substitution of a Model for the Real System
- 4.3 Analysis of Critical Properties
- 5 Findings and Discussions
- 6 Conclusions and Next Steps
- References
- International Workshop on Next Generation of System Assurance Approaches for Safety-Critical Systems (SASSUR-2015)
- Multidirectional Modular Conditional Safety Certificates
- Abstract
- 1 Introduction
- 2 Related Research
- 3 Use Case Description
- 4 Vertical and Horizontal Dependencies
- 4.1 Vertical Safety Dependencies
- 4.2 Horizontal Safety Dependencies
- 5 Multidirectional Modular Conditional Certificates
- 6 Applying the M2C2 Framework to the Use Case
- 7 Conclusions
- References
- Approaches for Software Verification of An Emergency Recovery System for Micro Air Vehicles
- 1 Introduction
- 2 Related Work
- 3 Challenges
- 4 Proposed Emergency Recovery System for MAVs
- 4.1 Internal Structure
- 5 System Level Failure Analysis
- 6 Software Verification
- 6.1 Verification Workflow
- 6.2 Missing Architectural Information
- 6.3 Preprocessing Against State-Space Explosion
- 6.4 Keeping Assumptions Sound
- 6.5 Verification Results
- 7 Conclusion
- References
- The Role of CM in Agile Development of Safety-Critical Software
- Abstract
- 1 Introduction
- 2 Related Works
- 3 Agile Development and SafeScrum
- 4 CM in Two Standards
- 4.1 CM in IEC 61508
- 4.2 CM in EN 50128
- 4.3 Prescriptive vs. Goal Based Standards
- 5 The SafeScrum Approach to CM
- 5.1 Some General Considerations
- 5.2 Regression Testing
- 5.3 SafeScrum CM in IEC 61508 and EN 50128
- 5.4 Threats to Validity
- 6 Summary and Conclusions
- References
- Is Current Incremental Safety Assurance Sound?
- 1 Introduction
- 2 Incremental Safety Assurance
- 3 The Pitfalls of Incremental Safety Assurance
- 3.1 Compositionality of Safety Artifacts
- 3.2 Localization of Safety Assurance Efforts
- 4 Substantiating Our Claims
- 4.1 Automotive Domain: The Ignition Switch Case
- 4.2 Medical Domain: The All-Metal Hip Implant Case
- 5 Discussion
- 6 Related Work
- 7 Some Final Remarks
- 8 Conclusions and Next Steps
- References
- Dependability Arguments Supported by Fuzz-Testing
- Abstract
- 1 Introduction
- 2 Testing Systems of Systems
- 3 Fuzz-Testing
- 4 System Testing and Optimization
- 5 Dependability Arguments
- 6 Evaluation
- 7 Conclusion
- References
- Author Index
