    Combined automotive safety and security pattern engineering approach

    Automotive systems will exhibit increased levels of automation as well as ever tighter integration with other vehicles, traffic infrastructure, and cloud services. From a safety perspective, this can be perceived as a boon or a bane: it greatly increases complexity and uncertainty, but at the same time opens up new opportunities for realizing innovative safety functions. Moreover, cybersecurity becomes important as an additional concern because attacks are now much more likely and severe. However, there is a lack of experience with security concerns in the context of safety engineering in general and in automotive safety departments in particular. To address this problem, we propose a systematic pattern-based approach that interlinks safety and security patterns and provides guidance with respect to the selection and combination of both types of patterns in the context of system engineering. A combined safety and security pattern engineering workflow is proposed to provide systematic guidance to support non-expert engineers based on best practices. The application of the approach is shown and demonstrated by an automotive case study and different use case scenarios.
    Funding: EC/H2020/692474/EU/Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems/AMASS; EC/H2020/737422/EU/Secure COnnected Trustable Things/SCOTT; EC/H2020/732242/EU/Dependability Engineering Innovation for CPS - DEIS/DEIS; BMBF, 01IS16043, Collaborative Embedded Systems (CrESt)

    Model Based Mission Assurance: NASA's Assurance Future

    Model Based Systems Engineering (MBSE) is seeing increased application in the planning and design of NASA's missions. This suggests the question: what will be the corresponding practice of Model Based Mission Assurance (MBMA)? Contemporaneously, NASA's Office of Safety and Mission Assurance (OSMA) is evaluating a new objectives-based approach to standards to ensure that the Safety and Mission Assurance disciplines and programs are addressing the challenges of NASA's changing missions, acquisition and engineering practices, and technology. MBSE is a prominent example of a changing engineering practice. We use NASA's objectives-based strategy for Reliability and Maintainability as a means to examine how MBSE will affect assurance. We surveyed the MBSE literature to look specifically for these effects, and find a variety of them discussed (some are anticipated, some are reported from applications to date). Predominantly these apply to the early stages of design, although there are also extrapolations of how MBSE practices will have benefits for testing phases. As the effort to develop MBMA continues, it will need to clearly and unambiguously establish the roles of uncertainty and risk in the system model. This will enable a variety of uncertainty-based analyses to be performed much more rapidly than ever before and has the promise to integrate CRM (Continuous Risk Management) and PRA (Probabilistic Risk Analyses) even more fully into the project development life cycle. Various views and viewpoints will be required for assurance disciplines, and an over-arching viewpoint will then be able to more completely characterize the state of the project/program as well as (possibly) enable the safety case approach for overall risk awareness and communication.

    Threat modelling with UML for cybersecurity risk management in OT-IT integrated infrastructures

    Strong cybersecurity threat management can provide a good security posture against malicious attacks designed to access, modify, delete, destroy or capture user or organization systems and sensitive data. In this work, the issue of cybersecurity is first described, then the common attacks on OT-IT integrated systems as target systems are examined. The concentration area of this thesis is the security of OT-IT systems. The purpose of this thesis is to provide a cybersecurity risk management solution fundamentally focused on detecting common cybersecurity intrusions which are widely used by malicious attackers to forcefully abuse or take advantage of a computer network. The main idea of this project is to provide a solution which can help the cybersecurity experts of OT-IT companies to catch abnormalities in the network practically by the time a pre-defined intrusion is being executed by an attacker, in order to give more defensive power against possible threats. In Chapter 3, the proposed model is designed with UML and SysML in the Eclipse Papyrus software, which is a great tool to model a system. Here, I present a threat modeling detection system which is practically an IDS. Finally, the model is implemented using PCA and SVM, which are machine learning techniques. The Intrusion Detection System is implemented and the results show the high efficiency of the proposed method.

    Safe and Secure Support for Public Safety Networks

    As explained by Tanzi et al. in the first volume of this book, communicating and autonomous devices will surely have a role to play in future Public Safety Networks. The “communicating” feature comes from the fact that information should be delivered quickly to rescuers. The “autonomous” characteristic comes from the fact that rescuers should not have to concern themselves with these objects: they should perform their mission autonomously so as not to delay the intervention of the rescuers, but rather to assist them efficiently and reliably.

    Supporting ISO 26262 with SysML, Benefits and Limits

    This article deals with the issue of efficiently deploying ISO 26262, the new standard in automotive systems development. The directives enclosed in this norm demand the establishment of a product lifecycle fully integrating the safety assessment activities. To tackle this subject, this paper explores the way of setting up a Model-Based Design methodology to express and organize the concepts manipulated during the ISO 26262 process. This attempt is founded on the use of SysML and on the creation of a profile dedicated to the ISO 26262 development context. We provide an introduction to the Model-Based Design paradigm and its application in a safety-relevant context. An overview of ISO 26262 is given, followed by the description of an on-going project on the subject. Modeling propositions are formulated and the use of diverse SysML diagrams is mapped onto the automotive safety lifecycle process.

    Applying model-based systems engineering to architecture optimization and selection during system acquisition

    2018 Fall. Includes bibliographical references.
    The architecture selection process early in a major system acquisition is a critical step in determining the overall affordability and technical performance success of a program. There are recognized deficiencies that frequently occur in this step, such as poor transparency into the final selection decision and excessive focus on lowest cost, which is not necessarily the best value for all of the stakeholders. This research investigates improvements to the architecture selection process by integrating Model-Based Systems Engineering (MBSE) techniques, enforcing rigorous, quantitative evaluation metrics with a corresponding understanding of uncertainties, and incorporating stakeholder feedback in order to generate an architecture that is more optimized and trusted to provide better value for the stakeholders. Three case studies were analyzed to demonstrate this proposed process. The first focused on a satellite communications System of Systems (SoS) acquisition to demonstrate the overall feasibility and applicability of the process. The second investigated an electro-optical remote sensing satellite system to compare this proposed process to a current architecture selection process typified by the United States Department of Defense (U.S. DoD) Analysis of Alternatives (AoA). The third case study analyzed the evaluation of a service-oriented architecture (SOA) providing satellite command and control with cyber security protections in order to demonstrate rigorous accounting of uncertainty through the architecture evaluation and selection. These case studies serve to define and demonstrate a new, more transparent and trusted architecture selection process that consistently provides better value for the stakeholders of a major system acquisition. While the examples in this research focused on U.S. DoD and other major acquisitions, the methodology developed is broadly applicable to other domains where there is a need for optimization of enterprise architectures as the basis for effective system acquisition. The results from the three case studies showed the new process outperformed the current methodology for conducting architecture evaluations in nearly all criteria considered; in particular, it selects architectures of better value, provides greater visibility into the actual decision making, and improves trust in the decision through a robust understanding of uncertainty. The primary contribution of this research then is improved information support to an architecture selection in the early phases of a system acquisition program. The proposed methodology presents a decision authority with an integrated assessment of each alternative, traceable to the concerns of the system's stakeholders, and thus enables a more informed and objective selection of the preferred alternative. It is recommended that the methodology proposed in this work be considered for future architecture evaluations.

    Applying model-based systems engineering in search of quality by design

    2022 Spring. Includes bibliographical references.
    Model-Based System Engineering (MBSE) and Model-Based Engineering (MBE) techniques have been successfully introduced into the design process of many different types of systems. The application of these techniques can be reflected in the modeling of requirements, functions, behavior, and many other aspects. The modeled design provides a digital representation of a system and the supporting development data architecture and functional requirements associated with that architecture through modeling system aspects. Various levels of the system and the corresponding data architecture fidelity can be represented within MBSE environment tools. Typically, the level of fidelity is driven by crucial systems engineering constraints such as cost, schedule, performance, and quality. Systems engineering uses many methods to develop system and data architecture to provide a representative system that meets costs within schedule with sufficient quality while maintaining the customer performance needs. The most complex and elusive constraint on systems engineering is defining system requirements focusing on quality, given a certain set of system level requirements, which is the likelihood that those requirements will be correctly and accurately found in the final system design. The focus of this research is specifically the Department of Defense Architecture Framework (DoDAF) in use today, to establish and then assess the relationship between the system, data architecture, and requirements in terms of Quality By Design (QbD). QbD was first coined in 1992 in Quality by Design: The New Steps for Planning Quality into Goods and Services [1]. This research investigates and proposes a means to: contextualize high-level quality terms within the MBSE functional area, provide an outline for a conceptual but functional quality framework as it pertains to the MBSE DoDAF, provide tailored quality metrics with improved definitions, and then test this improved quality framework by assessing two corresponding case study analysis evaluations within the MBSE functional area to interrogate model architectures and assess quality of system design. Developed in the early 2000s, the Department of Defense Architecture Framework (DoDAF) is still in use today, and its system description methodologies continue to impact subsequent system description approaches [2]. Two case studies were analyzed to show the proposed QbD evaluation used to analyze DoDAF CONOP architecture quality. The first case study addresses the analysis of the DoDAF CONOP of the National Aeronautics and Space Administration (NASA) Joint Polar Satellite System (JPSS) ground system for the National Oceanic and Atmospheric Administration (NOAA) satellite system, with particular focus on the Stored Mission Data (SMD) mission thread. The second case study addresses the analysis of the DoDAF CONOP of the Search and Rescue (SAR) naval rescue operation network System of Systems (SoS), with particular focus on the Command and Control signaling mission thread. The case studies help to demonstrate a new DoDAF Quality Conceptual Framework (DQCF) as a means to investigate the quality of DoDAF architecture in depth, including the application of the DoDAF standard, the UML/SysML standards, requirement architecture instantiation, as well as modularity to understand architecture reusability and complexity. By providing a renewed focus on a quality-based systems engineering process when applying the DoDAF, improved trust in the system and data architecture of the completed models can be achieved. The results of the case study analyses reveal how a quality-focused systems engineering process can be used during development to provide a product design that better meets the customer's intent and ultimately provides the potential for the best quality product.

    DEFINE BILLET DESCRIPTIONS AND SKILL SETS THAT ARE NEEDED TO PERFORM LEAD SYSTEM INTEGRATION (LSI) FUNCTIONS

    In 2008, Congress passed Public Law 110-181, which directed the Secretary of Defense to properly size and train the Department of Defense workforce to do more inherently governmental functions. There was no training path established to support this law. Therefore, the Naval Postgraduate School (NPS) established such training for the functional area of Lead System Integrator (LSI). The LSI area of study has been conducted at NPS for years through research and cohort classwork. This thesis is a continuation of the Lead System Integrator Cohort 4 Final Report, which did not address the LSI-based billets needed for the System of Systems Mission Assurance phase (more commonly known as the “fielding of the system”) for the warfighter. The goal of this research is to discover whether a reference exists for project/program managers to properly staff their LSI teams through expanded roles and responsibilities with proper Knowledge, Skills, and Abilities (KSAs). Through comparison and analysis of organizational charts, traditional NAVAIR job titles, and known LSI functional areas, this thesis tries to define position descriptions and KSAs that are needed to perform an LSI function. The study used four different program offices that state they operate projects as LSI inside their program offices.
    Civilian, Department of the Navy. Approved for public release. Distribution is unlimited.