
    An Assurance Framework for Independent Co-assurance of Safety and Security

    Integrated safety and security assurance for complex systems is difficult for many technical and socio-technical reasons, such as mismatched processes, inadequate information, and differing use of language and philosophies. Many co-assurance techniques rely on disregarding some of these challenges in order to present a unified methodology. Even with this simplification, no methodology has been widely adopted, primarily because this approach is unrealistic when met with the complexity of real-world system development. This paper presents an alternate approach by providing a Safety-Security Assurance Framework (SSAF) based on a core set of assurance principles. This is done so that safety and security can be co-assured independently, as opposed to unified co-assurance, which has been shown to have significant drawbacks. This also allows for separate processes and expertise from practitioners in each domain. With this structure, the focus is shifted from simplified unification to integration through exchanging the correct information at the right time using synchronisation activities.

    Combining behavioural types with security analysis

    Today's software systems are highly distributed and interconnected, and they increasingly rely on communication to achieve their goals; due to their societal importance, security and trustworthiness are crucial aspects of the correctness of these systems. Behavioural types, which extend data types by also describing the structured behaviour of programs, are a widely studied approach to the enforcement of correctness properties in communicating systems. This paper offers a unified overview of proposals based on behavioural types which are aimed at the analysis of security properties.

    Future prospects for personal security in travel by public transport

    This work was supported by the Engineering and Physical Sciences Research Council [grant number EP/I037032/1]. No other funding support from any other bodies was provided. Peer reviewed.

    Designing the venue logistics management operations for a World Exposition

    World Expositions, due to their size and peculiar features, pose a number of logistics challenges. This paper aims at developing a design framework for the venue logistics management (VLM) operations to replenish food products to the event site, through a combination of qualitative and quantitative research approaches. First, an in-depth interview methodology, combined with the outcomes of a literature review, is adopted for defining the key variables for the tactical and operational set-up of the VLM system. Second, a quantitative approach is developed to define the necessary logistics resources. The framework is then applied to the case of the Milan 2015 World Exposition. It is the first time that such a design framework for a World Exposition is presented: the originality of this research lies in the proposal of a systematic approach that adds to the experiential practices constituting the current body of knowledge on event logistics.

    An Analysis of issues against the adoption of Dynamic Carpooling

    Using a private car is a very common mode of transportation in industrialized countries. However, it causes different problems such as overuse of oil, traffic jams causing pollution, health problems and an inefficient use of personal time. One possible solution to these problems is carpooling, i.e. sharing a trip in a driver's private car with one or more passengers. Carpooling would reduce the number of cars on the streets, hence providing worldwide environmental, economic and social benefits. The matching of drivers and passengers can be facilitated by information and communication technologies. Typically, a driver posts on a web-site the availability of empty seats in his/her car for a planned trip, and potential passengers can search for trips and contact the drivers. This process is slow and can be appropriate for long trips planned days in advance. We call this static carpooling, and we note it is not used frequently by people even though there are already many web-sites offering this service; in fact, the only real open challenge is widespread adoption. Dynamic carpooling, on the other hand, takes advantage of the recent and increasing adoption of Internet-connected geo-aware mobile devices to enable impromptu trip opportunities. Passengers request trips directly on the street and can find a suitable ride in just a few minutes. Currently there are no dynamic carpooling systems in wide use. Every attempt to create and organize such systems has failed. This paper reviews the state of the art of dynamic carpooling. It identifies the most important issues against the adoption of dynamic carpooling systems and the proposed solutions for such issues. It proposes a first input on solving the problem of mass-adopting dynamic carpooling systems. Comment: 10 pages, whitepaper, extracted from B.Sc. thesis "Dycapo: On the creation of an open-source Server and a Protocol for Dynamic Carpooling" (Daniel Graziotin, 2010).

    COST Action IC 1402 ArVI: Runtime Verification Beyond Monitoring -- Activity Report of Working Group 1

    This report presents the activities of the first working group of the COST Action ArVI, Runtime Verification beyond Monitoring. The report aims to provide an overview of some of the major core aspects involved in Runtime Verification. Runtime Verification is the field of research dedicated to the analysis of system executions. It is often seen as a discipline that studies how a system run satisfies or violates correctness properties. The report exposes a taxonomy of Runtime Verification (RV), presenting the terminology involved with the main concepts of the field. The report also develops the concept of instrumentation, the various ways to instrument systems, and the fundamental role of instrumentation in designing an RV framework. We also discuss how RV interplays with other verification techniques such as model checking, deductive verification, model learning, testing, and runtime assertion checking. Finally, we propose challenges in monitoring quantitative and statistical data beyond detecting property violations.

    SmartUnit: Empirical Evaluations for Automated Unit Testing of Embedded Software in Industry

    In this paper, we aim at automated coverage-based unit testing for embedded software. To achieve this goal, by analyzing the industrial requirements and our previous work on the automated unit testing tool CAUT, we rebuild a new tool, SmartUnit, to solve the engineering requirements that arise in our partner companies. SmartUnit is a dynamic symbolic execution implementation, which supports statement, branch, boundary value and MC/DC coverage. SmartUnit has been used to test more than one million lines of code in real projects. For confidentiality reasons, we select three in-house real projects for the empirical evaluations. We also carry out our evaluations on two open source database projects, SQLite and PostgreSQL, to test the scalability of our tool, since the scale of embedded software projects is mostly not large, 5K-50K lines of code on average. From our experimental results, in general, more than 90% of functions in commercial embedded software achieve 100% statement, branch, and MC/DC coverage, more than 80% of functions in SQLite achieve 100% MC/DC coverage, and more than 60% of functions in PostgreSQL achieve 100% MC/DC coverage. Moreover, SmartUnit is able to find runtime exceptions at the unit testing level. We have also reported exceptions like array index out of bounds and divide-by-zero in SQLite. Furthermore, we analyze the reasons for low coverage in automated unit testing in our setting and give a survey on the situation of manual unit testing with respect to automated unit testing in industry. Comment: In Proceedings of 40th International Conference on Software Engineering: Software Engineering in Practice Track, Gothenburg, Sweden, May 27-June 3, 2018 (ICSE-SEIP '18), 10 page

    Advocacy Coalition Framework Lens on Pressing Healthcare Issues

    In deciding how to interpret and understand public policy, many experts use theories and frameworks to justify their reasoning. One of the most common avenues for viewing policy involves the advocacy coalition framework, based on its broad applicability. This popular framework consists of banding like-minded individuals together into a coalition to advance the narrative by creating acceptable policies for their group. These coalitions normally include a wide range of professional backgrounds, from interest groups, elected officials, and researchers in academia. These groups utilize special events to influence subfields consisting of actors who decide the solutions for policy problems. Subfields normally are made up of key players employed in government institutions and private industrial groups who willingly agree to work toward a compromise with the goal of creating policy acceptable to both sides (Cairney 2014). These coalitions influence the subfield in different ways, through capitalizing on their influential power or by ignoring the alliances and mergers of the groups. This paper shall explore how the advocacy coalition framework works for three pressing issues facing the healthcare industry. These three policies focus on drug pricing, health data privacy and opioid liability. This paper will explore each policy in depth, provide historical context and the major players, while outlining how the specific proposals fit in the framework as well as identifying the framework's limitations with the policy.