Investigation into a Layered Approach to Architecting Security-Informed Safety Cases

The paper describes a layered approach to analysing safety and security in a structured way and creating a security-informed safety case. The approach is applied to a case study – a Security Gateway controlling data flow between two different security domains implemented with a separation kernel based operating system in an avionics environment. We discuss some findings from the case study, show how the approach identifies and ameliorates important interactions between safety and security and supports the development of complex assurance case structures

Security-Informed Safety Case Approach to Analysing MILS Systems

Safety cases are the development foundation for safety-critical systems and are often quite complex to understand depending on the size of the system and operational conditions. The recent advent of security aspects complicates the issues further. This paper describes an approach to analysing safety and security in a structured way and creating security-informed safety cases that provide justification of safety taking into particular consideration the impact of security. The paper includes an overview of the structured assurance case concept, a security-informed safety methodology and a layered approach to constructing cases. The approach is applied to a Security Gateway that is used to control data flow between security domains in a separation kernel based operating system in avionics environment. We show that a clear and structured way of presenting a safety case combining safety and security alleviates understanding important interactions taking into account the impact and, hence, increases safety

Aircraft Communication Systems - Topologies, Protocols, and Vulnerabilities

Aviation systems are facing fierce competition driven by private investments promoting the development of new avionics suites (AS). With these new AS comes the need for a faster and larger bandwidth requirement for next generation communication systems. The legacy military (MIL) standard 1553 communication system (e.g., 1Mbps) can no longer keep up with the surge in bandwidth demand requirements. The new communication systems need to be designed with a system architecture background that can enable simplistic integration with Information Technology (IT) controlled groundnetworks, military, and commercial payloads. To facilitate a seamless integration with communication architecture, the current system is highly dependent on the Ethernet based IEEE 802.3 standard. Using a standard protocol cuts down on cost and shortens time for accessibility. However, it introduces several other new problems that developers are actively working through. These problems include a loss of redundancy, lower reliability, and cyber-security vulnerabilities. The cyber-security vulnerabilities that are introduced by IEEE 802.3 Ethernet are one of the larger concerns to military defense programs, and other aviation companies. Impacts of these new communication protocols are quantified and presented as cost, redundancy, topology, and vulnerability. This review paper introduces four communication protocols that can replace heritage systems. These protocols are presented and compared against each other in redundancy, reliability, topology and security vulnerabilities in their application on aircraft, space launch vehicles and satellites

Safety-Critical Systems and Agile Development: A Mapping Study

In the last decades, agile methods had a huge impact on how software is developed. In many cases, this has led to significant benefits, such as quality and speed of software deliveries to customers. However, safety-critical systems have widely been dismissed from benefiting from agile methods. Products that include safety critical aspects are therefore faced with a situation in which the development of safety-critical parts can significantly limit the potential speed-up through agile methods, for the full product, but also in the non-safety critical parts. For such products, the ability to develop safety-critical software in an agile way will generate a competitive advantage. In order to enable future research in this important area, we present in this paper a mapping of the current state of practice based on {a mixed method approach}. Starting from a workshop with experts from six large Swedish product development companies we develop a lens for our analysis. We then present a systematic mapping study on safety-critical systems and agile development through this lens in order to map potential benefits, challenges, and solution candidates for guiding future research.Comment: Accepted at Euromicro Conf. on Software Engineering and Advanced Applications 2018, Prague, Czech Republi

Standardization Roadmap for Unmanned Aircraft Systems, Version 1.0

This Standardization Roadmap for Unmanned Aircraft Systems, Version 1.0 (“roadmap”) represents the culmination of the UASSC’s work to identify existing standards and standards in development, assess gaps, and make recommendations for priority areas where there is a perceived need for additional standardization and/or pre-standardization R&D. The roadmap has examined 64 issue areas, identified a total of 60 gaps and corresponding recommendations across the topical areas of airworthiness; flight operations (both general concerns and application-specific ones including critical infrastructure inspections, commercial services, and public safety operations); and personnel training, qualifications, and certification. Of that total, 40 gaps/recommendations have been identified as high priority, 17 as medium priority, and 3 as low priority. A “gap” means no published standard or specification exists that covers the particular issue in question. In 36 cases, additional R&D is needed. The hope is that the roadmap will be broadly adopted by the standards community and that it will facilitate a more coherent and coordinated approach to the future development of standards for UAS. To that end, it is envisioned that the roadmap will be widely promoted and discussed over the course of the coming year, to assess progress on its implementation and to identify emerging issues that require further elaboration

System configuration and executive requirements specifications for reusable shuttle and space station/base

System configuration and executive requirements specifications for reusable shuttle and space station/bas