WoSoCER Program

Workshop on Software Certification (WoSoCER)

Monday, October 23, 2017

Session 1. Challenges in Safety and Security Certification

            • Keynote Talk: Co-engineering for Safety and Security-- Peter Popov
            • Challenges in Certification of Autonomous Driving Systems -- Fabio Falcini, Giuseppe Lami

Session 2. Special Theme: Certification of autonomous and ML/AI (Machine Learning and Artificial Intelligence) Systems

            • Observation Based Creation of Minimal Test-Suites for Autonomous Vehicles -- Christian Wolschke, Dieter Rombach, Peter Liggesmeyer, Thomas Kuhn
            • Establishing Verification and Validation Objectives for Safety-Critical Bayesian Networks -- Mark Douthwaite, Tim Kelly
            • Non-determinism and Failure Modes in Machine Learning -- José M. Faria

Session 3. Standard Compliance and Safety&Security Cases

            • Towards Efficiently Checking Compliance Against Automotive Security and Safety Standards -- Julieth Patricia Castellanos Ardila, Barbara Gallina
            • Pioneering the Creation of ISO 26262-compliant OSLC-based Safety Cases -- Barbara Gallina, Mattias Nyberg
            • A Layered Argument Strategy For Software Security Case Development -- Biao Xu, Minyan Lu, Dajian Zhang


Keynote Abstract

In the last decade, co-engineering for safety and security of industrial software-based systems has attracted a serious effort by industry and from academia. Many international safety standards, e.g. ISO 61508, ISO 26262, etc. have evolved to take account of cyber-risks. A sustained effort has been allocated to defining software life-cycle models, which combine well-established models used for safety and security. A monolithic combined life-cycle model, in which safety and security are considered together at all stages, is an obvious option. This approach, however, has serious problems: it requires the organisational “silos” (i.e. the safety and security teams) to interact very closely (possibly to be merged), which in turn is difficult given the “cultural differences” between safety and security silos and may even requires a major organisational change. Less disruptive approaches to co-engineering emerged, too. An example is SAE J3061, “Surface Vehicle Recommended Practice”, in which the safety and security lifecycles are operated by their respective “silos”, but the processes are synchronised at predefined “integrated communication points”, undertaken by a small third-party team.
The talk will provide some details about the current practices and about the research effort the author is aware of on developing a cost-effective co-engineering process for safety and security. The talk will also refer to own work in an on-going research and innovation project dealing with co-engineering for safety and security.