Publications (5 of 5)
Shan, L., Sangchoolie, B., Folkesson, P., Vinter, J., Schoitsch, E. & Loiseaux, C. (2019). A Survey on the Applicability of Safety, Security and Privacy Standards in Developing Dependable Systems. In: Alexander Romanovsky, Elena Troubitsyna, Ilir Gashi, Erwin Schoitsch, Friedemann Bitsch (Eds.), Computer Safety, Reliability, and Security. Paper presented at DECSoS 2019.
2019 (English). In: Computer Safety, Reliability, and Security / [ed] Alexander Romanovsky, Elena Troubitsyna, Ilir Gashi, Erwin Schoitsch, Friedemann Bitsch, 2019. Conference paper, Published paper (Refereed)
Abstract [en]

Safety-critical systems are required to comply with safety standards. These systems are increasingly digitized and networked to an extent where they need to also comply with security and privacy standards. This paper aims to provide insights into how practitioners apply the standards on safety, security or privacy (Sa/Se/Pr), as well as how they employ Sa/Se/Pr analysis methodologies and software tools to meet such criteria. To this end, we conducted a questionnaire-based survey within the participants of an EU project SECREDAS and obtained 21 responses. The results of our survey indicate that safety standards are widely applied by product and service providers, driven by the requirements from clients or regulators/authorities. When it comes to security standards, practitioners face a wider range of standards while few target specific industrial sectors. Some standards linking safety and security engineering are not widely used at the moment, or practitioners are not aware of this feature. For privacy engineering, the availability and usage of standards, analysis methodologies and software tools are relatively weaker than safety and security, reflecting the fact that privacy engineering is an emerging concern for practitioners.

Series
Springer LNCS vol. 11699, ISSN 1611-3349
Keywords
Safety, Security, Privacy, Standards, Dependable Systems
National Category
Computer Systems
Identifiers
urn:nbn:se:ri:diva-39961 (URN), 978-3-030-26250-1 (ISBN)
Conference
DECSoS 2019
Funder
EU, Horizon 2020, 783119
Available from: 2019-09-25 Created: 2019-09-25 Last updated: 2019-09-27 Bibliographically approved
Lijun, S., Sangchoolie, B., Folkesson, P., Vinter, J., Schoitsch, E. & Loiseaux, C. (2019). A Survey on the Application of Safety, Security, and Privacy Standards for Dependable Systems. In: Proceedings of the 15th European Dependable Computing Conference. Paper presented at European Dependable Computing Conference (EDCC).
2019 (English). In: Proceedings of the 15th European Dependable Computing Conference, 2019. Conference paper, Published paper (Refereed)
Abstract [en]

Safety-critical systems are required to comply with safety standards as well as security and privacy standards. In order to provide insights into how practitioners apply the standards on safety, security or privacy (Sa/Se/Pr), as well as how they employ Sa/Se/Pr analysis methodologies and software tools to meet such criteria, we conducted a questionnaire-based survey. This paper summarizes our major analysis results of the received responses.

Keywords
safety, security, privacy, standards, dependable systems
National Category
Computer Systems
Identifiers
urn:nbn:se:ri:diva-40189 (URN)
Conference
European Dependable Computing Conference (EDCC)
Projects
SECREDAS
Available from: 2019-10-03 Created: 2019-10-03 Last updated: 2019-10-09 Bibliographically approved
Sangchoolie, B., Folkesson, P. & Vinter, J. (2018). A Study of the Interplay Between Safety and Security Using Model-Implemented Fault Injection. Paper presented at 14th European Dependable Computing Conference, EDCC 2018; Iasi; Romania; 10 September 2018 through 14 September 2018 (pp. 41-48).
2018 (English). Conference paper, Published paper (Refereed)
Abstract [en]

The combination of high mobility and wireless communication in many safety-critical systems has increased their exposure to malicious security threats. Consequently, many works in the past have proposed solutions to ensure safety and security of these systems. However, not much attention has been given to the interplay between these two groups of nonfunctional requirements. This is a concern as safety solutions may negatively impact system security and vice versa. This paper addresses the interplay between safety and security by proposing an attack injection framework, based on model-implemented fault injection, suitable for model-based design. The framework enables us to study and evaluate the impact of cybersecurity attacks on system safety early in the development process. To this end, we have implemented six attack injection models and conducted experiments on Simulink models of a CAN bus and a brake-by-wire controller. The results show that the security attacks modeled could successfully impact the system safety by violating our defined safety requirements.

Keywords
fault injection, attack injection, security, safety, cybersecurity attack, model-based design
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:ri:diva-36477 (URN), 10.1109/EDCC.2018.00018 (DOI), 2-s2.0-85053862860 (Scopus ID), 9781538680605 (ISBN)
Conference
14th European Dependable Computing Conference, EDCC 2018; Iasi; Romania; 10 September 2018 through 14 September 2018
Funder
Vinnova
Available from: 2018-11-22 Created: 2018-11-22 Last updated: 2019-06-27 Bibliographically approved
Söderberg, A., Hedberg, J., Folkesson, P. & Jacobson, J. (2018). Safety-related Machine Control Systems using standard EN ISO 13849-1.
2018 (English). Report (Other academic)
Abstract [en]

Machine control systems shall be designed according to the European Machinery Directive and appropriate European standards. This report gives guidance when applying EN ISO 13849-1:2015 in projects, both for companies developing subsystems and for companies that are developing complete machines.

Publisher
p. 98
Series
RISE Rapport ; 2018:01
Keywords
safety of machinery, machine control, safety function, PL, SIL, EN ISO 13849-1
National Category
Embedded Systems
Identifiers
urn:nbn:se:ri:diva-33194 (URN)978-91-88695-33-8 (ISBN)
Available from: 2018-01-26 Created: 2018-01-26 Last updated: 2019-06-27 Bibliographically approved
Folkesson, P., Ayatolahi, F., Sangchoolie, B., Vinter, J., Islam, M. & Karlsson, J. (2015). Back-to-Back Fault Injection Testing in Model-Based Development. In: Floor Koornneef, Coen van Gulijk (Ed.), Computer Safety, Reliability, and Security. Paper presented at 34th International Conference on Computer Safety, Reliability, and Security (SAFECOMP 2015), September 23-25, 2015, Delft, Netherlands (Vol. 9337, pp. 135-148).
2015 (English). In: Computer Safety, Reliability, and Security / [ed] Floor Koornneef, Coen van Gulijk, 2015, Vol. 9337, p. 135-148. Conference paper, Published paper (Refereed)
Abstract [en]

Today, embedded systems across industrial domains (e.g., avionics, automotive) are representatives of software-intensive systems with increasing reliance on software and growing complexity. It has become critically important to verify software in a time, resource and cost effective manner. Furthermore, industrial domains are striving to comply with the requirements of relevant safety standards. This paper proposes a novel workflow along with tool support to evaluate robustness of software in model-based development environment, assuming different abstraction levels of representing software. We then show the effectiveness of our technique, on a brake-by-wire application, by performing back-to-back fault injection testing between two different abstraction levels using MODIFI for the Simulink model and GOOFI-2 for the generated code running on the target microcontroller. Our proposed method and tool support facilitates not only verifying software during early phases of the development lifecycle but also fulfilling back-to-back testing requirements of ISO 26262 [1] when using model-based development.

Series
Lecture Notes in Computer Science (LNCS), ISSN 0302-9743 ; 9337
Keywords
fault-injection, back-to-back testing, model-based development, embedded systems, functional safety, soft errors
National Category
Computer Systems
Identifiers
urn:nbn:se:ri:diva-36480 (URN), 10.1007/978-3-319-24255-2_11 (DOI), 2-s2.0-84969856748 (Scopus ID), 978-3-319-24254-5 (ISBN), 978-3-319-24255-2 (ISBN)
Conference
34th International Conference on Computer Safety, Reliability, and Security (SAFECOMP 2015), September 23-25, 2015, Delft, Netherlands
Funder
EU, FP7, Seventh Framework Programme, 295311
Available from: 2018-11-22 Created: 2018-11-22 Last updated: 2020-01-31 Bibliographically approved
Identifiers
ORCID iD: orcid.org/0000-0001-5224-9412
