The AQUAS ECSEL Project Aggregated Quality Assurance for Systems: Co-Engineering Inside and Across the Product Life Cycle

There is an ever-increasing complexity of the systems we engineer in modern society, which includes facing the convergence of the embedded world and the open world. This complexity creates increasing difficulty with providing assurance for factors including safety, security and performance. In such a context, the AQUAS project investigates the challenges arising from e.g., the inter-dependence of safety, security and performance of systems and aims at efficient solutions for the entire product life-cycle. The project builds on knowledge of partners gained in current or former EU projects and will demonstrate the newly developed methods and techniques for co-engineering across use cases spanning Aerospace, Medicine, Transport and Industrial Control.A special thanks to all the AQUAS consortium people that have worked on the AQUAS proposal on which this paper is based, especially to Charles Robinson (TRT), the proposal coordinator. The AQUAS project is funded from the ECSEL Joint Undertaking under grant agreement n 737475, and from National funding

SELENE: Self-Monitored Dependable Platform for High-Performance Safety-Critical Systems.

© 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.[Otros] xisting HW/SW platforms for safety-critical systems suffer from limited performance and/or from lack of flexibility due to building on specific proprietary components. This jeopardizes their wide deployment across domains. While some research has been done to overcome these limitations, they have had limited success owing to missing flexibility and extensibility. Flexibility and extensibility are the cornerstones of industry adoption: industries dealing in capital goods need technologies on which they can rely on during decades (e.g. avionics, space, automotive). SELENE aims at covering this gap by proposing a new family of safety-critical computing platforms, which builds upon open source components such as the RISC-V instruction set architecture, GNU/Linux, and the Jailhouse hypervisor. SELENE will develop an advanced computing platform that is able to: (1) adapt the system to the specific requirements of different application domains, to changing environmental conditions, and to internal conditions of the system itself; (2) allow the integration of applications of different criticalities and performance demands in the same platform, guaranteeing functional and temporal isolation properties; (3) achieve flexible diverse redundancy by exploiting the inherent redundant capabilities of the multicore; and (4) efficiently execute compute-intensive applications by means of specific accelerators.This work has received funding from the European Unions Horizon 2020 research and innovation programme under grant agreement no. 871467.Hernández Luz, C.; Flich Cardo, J.; Paredes Palacios, R.; Lefebvre, C.; Allende, I.; Abella, J.; Trilla, D.... (2020). SELENE: Self-Monitored Dependable Platform for High-Performance Safety-Critical Systems. IEEE. 370-377. https://doi.org/10.1109/DSD51259.2020.00066S37037

Preliminary Safety and Security Co-engineering Process in the Industrial Automation Sector

International audienceThe Industrial Automation Sector has a long tradition of showing compliance on functional safety. Ultimately, security was taken into account only at production phase and with a reactive approach. However, this domain is experimenting an increasing need to incorporate cyber-security mechanisms and to provide evidences on security-related standards and applying security by design principles. Both domains have their own regulations defining specific life-cycles. In this work we analyzed IEC 61508 (safety-related) and ISA 62443 (security-related) standards to 1) identify commonalities and create a mapping model, and 2) propose a combined process in the context of safety and security co-engineering. Our approach is qualitatively evaluated by experts on the standards and by practitioners of this domain

A Proposal for the Classification of Methods for Verification and Validation of Safety, Cybersecurity, and Privacy of Automated Systems

none15noneJose Luis de la Vara, Thomas Bauer, Bernhard Fischer, Mustafa Karaca, Henrique Madeira, Martin Matschnig, Silvia Mazzini, Giann Spilere Nandi, Fabio Patrone, David Pereira, Jose' Proenca, Rupert Schlick, Stefano Tonetta, Ugur Yayan, Behrooz SangchoolieLuis de la Vara, Jose; Bauer, Thomas; Fischer, Bernhard; Karaca, Mustafa; Madeira, Henrique; Matschnig, Martin; Mazzini, Silvia; Spilere Nandi, Giann; Patrone, Fabio; Pereira, David; Proenca, Jose'; Schlick, Rupert; Tonetta, Stefano; Yayan, Ugur; Sangchoolie, Behroo

A Proposal for the Classification of Methods for Verification and Validation of Safety, Cybersecurity, and Privacy of Automated Systems

As our dependence on automated systems grows, so does the need for guaranteeing their safety, cybersecurity, and privacy (SCP). Dedicated methods for verification and validation (V&V) must be used to this end and it is necessary that the methods and their characteristics can be clearly differentiated. This can be achieved via method classifications. However, we have experienced that existing classifications are not suitable to categorise V&V methods for SCP of automated systems. They do not pay enough attention to the distinguishing characteristics of this system type and of these quality concerns. As a solution, we present a new classification developed in the scope of a large-scale industry-academia project. The classification considers both the method type, e.g., testing, and the concern addressed, e.g., safety. Over 70 people have successfully used the classification on 53 methods. We argue that the classification is a more suitable means to categorise V&V methods for SCP of automated systems and that it can help other researchers and practitioners