- IoTArch: Improving the Design and Realization of Situational Aware Internet of Things Systems for Emergency Situations Handling
- Managing Model Inconsistencies
- Model-based development and continuous integration
- Closing the Safety-Security gap in software intensive systems
- Evolution support for architectural artefacts
- Managing Architectural Technical Debt
- Managing Interoperability Concerns in Large Systems
- End-to-end Variability Management
- Ensuring Quality of Service through Modeling of Resource Requirements and Service-level Agreements in Industrial IoT
- Managing Interoperability Concerns in Large Systems
- Managing Practices for Development Speed
- Scaling Agile development in mechatronics organizations
Security is an increasingly important issue in safety assurance, as the open interconnected nature and increased reliance on software-based solutions in emerging systems makes them susceptible to security threats at a much higher degree than existing more confined products. Despite the academic efforts to identify interdependencies and to propose combined approaches for safety and security, there is still a lack of integration between safety and security practices in the industrial context. One of the main reasons for this is the fact that the disciplines have separate standards, different techniques and processes to assure risk reductions, moreover, security concerns are generally not covered in any detail in safety standards potentially resulting in successfully safety-certified systems that still are open for security threats.
In our current research on safety- and security assurance of software intensive systems we have presented initial ideas on how to extend safety work to include aspects of security during the context establishment and initial risk assessment procedures.
The ambition of the CloSS project is to develop methods that extends safety assurance with means to address cyber security for embedded systems. The vision is to provide a complete life-cycle process that complies with the typical requirements for safety assurance and that provide support to identify and mitigate security risks in the scope of the life-cycle. To achieve this, the project will focus on a number of development activities, starting from the concept phase, and systematically identify the following: 1) if and why a safety related activity should be extended to address security, 2) how the activity should be extended and with what. By doing this, the project will propose adequate methods that complement current safety assurance with a focus on risk reduction of cyber security issues.
Participating companies
- Saab Aeronautics
- Volvo Construction Equipment
- Tetra Pak
Participating researchers
- Kaj Hänninen, Mälardalen University
- Elena Lisova, Mälardalen University
- Aida Causevic, Mälardalen University
- Henrik Thane, Mälardalen University
- Hans Hansson, Mälardalen University