International Conference on Computer Safety, Reliability, and Security, Nov 1, 2006
... Stuart Anderson, UK; Ramesh Bharadwaj, USA; Andrzej Białas, Poland; Robin Bloomfield, UK; Sandro Bologna, Italy; Andrea Bondavalli, Italy; Bettina ... Norway; Simone Pozzi, Italy; Gerd Rabe, Germany; Felix Redmill, UK; Krzysztof Sacha, Poland; Francesca Saglietti, Germany; Erwin ...
The paper presents a case study on the application of a WSN to supporting an overweight patient in his or her home environment. It was assumed that the network implements a method of distributed trust management, and it was demonstrated that this method provides for the detection and isolation of sensors violating the network policies. Quantitative estimates of the time needed to detect such malicious nodes were obtained with the help of a dedicated network simulator. In conclusion, we identified problems that will be investigated further, targeting improvement and assessment of the proposed trust management method.
This article presents a method of supporting client-provider cooperation in software acquisition projects. The method, called WIKLIDO, focuses on modelling client-provider interactions and provides its users with the means of structuring their cooperation. WIKLIDO has already been successfully applied in a number of real-life case studies. The article introduces the method and explains how it is to be evaluated in a systematic way with the help of metrics designed using the common GQM (Goal Question Metrics) approach. Abstract. The article presents the method of Supporting Client-Provider Interaction in Software Acquisition (Polish: Wspomaganie Interakcji KLienta i Dostawcy Oprogramowania, WIKLIDO). The method has been successfully applied in two case studies in commercial software acquisition projects. The article explains how the method uses modelling means to systematize the interactions between the software client and provider. It also shows how the GQM (Goal Question Metrics) approach was used to systematically derive metrics for the experimental evaluation of the WIKLIDO method. (A method of supporting client-provider cooperation in software acquisition processes and criteria for its experimental evaluation)
Contents:
Invited paper
  Safety: Status and Perspectives
Session 1: Formal Methods and Models
  Data Flow Control Systems: an Example of Safety Validation
  Validating Safety Models with Fault Trees
  Composition and Refinement of Probabilistic Real-Time Systems
  The Application of Formal Methods for the Redevelopment of a Laboratory Information Management System
Session 2: Applications
  PLC-Implementation of Emergency Shut-Down Systems
  The Fast Cost Effective Design and Concurrent Certification of the Safe Computer for a Real Time Train Control Application
  Design and Analysis of a Failsafe Algorithm for Solving Boolean Equations
Session 3: Safety Assessment
  Programmable Electronic System Analysis Technique in Safety Critical Applications
  Safety Assessment: The Critical System Suppliers View
  Hazard Analysis Using HAZOP: A Case Study
Session 4: Safety Analysis
  Safety Analysis of Clinical Laboratory Systems
  The Benefits of SUSI: Safety Analysis of User System Interaction
Panel Session: Technology Transfer Between Academia and Industry
  Issues Affecting Technology Transfer and Experience with a Community Club
  Subsidiaries and Start-up Spin-off Companies of Inria
  Human Medium in Technology Transfer
  Technology Transfer: from Purpose to Practice
Invited paper
  Dependability: from Concepts to Limits
Session 5: Verification and Validation
  The Rigorous Retrospective Static Analysis of the Sizewell 'B' Primary Protection System Software
  A Safety Critical Computer System in a Railway Application
Session 6: Testing
  Confidently Assessing a Zero Probability of Software Failure
  A Knowledge-Based Approach to Program Testing and Analysis
Session 7: Dependable Software
  Robust Requirements Specifications for Safety-Critical Systems
  Software Failure Data Analysis of two Successive Generations of a Switching System
  Software validation with CASE-TOOLS
Session 8: Reliability Issues
  Dependability of Scaleable, Distributed Systems: Communication Strategies for Redundant Processes
  Real-Time Detection of Failures of Reactive Systems
  Reliability and Safety Analysis of Hierarchical Voting Schemes
Session 9: Languages
  Designing a High-level Language for Safety Systems
  Oreste: a Reliable Reactive Real-Time Language
Invited paper
  How Far Can You Trust a Computer?
Session 10: Security
  Security Audit Trail Analysis Using Genetic Algorithms
  MRSA: a New Public Key Encryption Method
  A Virus-Resistant Network Interface
Session 11: Reactive Systems
  CIP - Communicating Interacting Processes: A Formal Method for the Development of Reactive Systems
  Exception Handling and Predictability in Hard Real-Time Systems
  Development of a Fail-Safe Data Transmission System for Use in Life-Critical Applications
Author Index
The paper introduces the problem of applying agile practices in critical software development projects. It summarizes the present state of research and identifies the need for a ready-to-use model of being agile while still meeting the required assurance levels, which could be particularly useful for small and medium-sized safety-critical software companies. Then the objective and scope of research aiming to deliver such a model are presented, together with the description of a case study which is one step of this research project. The case study will investigate how software engineers perceive the risks associated with the introduction of agile practices and collect their ideas on how these risks could be mitigated.
In this paper we present AgileSafe, a method which supports the introduction of agile practices into safety-critical software development processes. To represent the safety assurance constraints resulting from the regulatory context, AgileSafe uses assurance case patterns. The AgileSafe knowledge base helps the user select the agile practices relevant to the software development project under consideration. The corresponding assurance case patterns define the scope of the evidence to be collected to demonstrate that the project meets its safety constraints. The overview of the method is presented with reference to a case study: a project for a continuous glucose monitoring-enabled insulin pump system.
The paper introduces the AgileSafe method of selecting agile practices for software development projects that are constrained by assurance requirements resulting from safety and/or security related standards. Such requirements are represented by argumentation templates which explain how the evidence collected during the implementation of agile practices will support conformity with the requirements. Application of the method is demonstrated by referring to a case study of the development of a medical-domain application that is supposed to meet the requirements imposed by the IEC 62443-4.1 standard.
Cyberspace security is a critical subject of our times. On one hand, the development of the Internet, mobile communications, distributed computing, computer software and databases storing essential enterprise information has helped to conduct business and personal communication between individual people. On the other hand, it has created many opportunities for abuse, fraud and expensive damage. This book is a selection of the best papers presented at the NATO Advanced Research Workshop dealing with the subject of Cyberspace Security and Defense. The level of the individual contributions in the volume is advanced and suitable for senior and graduate students, researchers and technologists who wish to get some feeling of the state of the art in several sub-disciplines of cyberspace security. Several papers provide a broad-brush description of national security issues and brief summaries of the state of technology. These papers can be read and appreciated by technically enlightened managers and executives who want to understand security issues and approaches to technical solutions. An important question of our times is not "Should we do something to enhance the security of our digital assets"; the question is "How to do it".
The paper presents research results related to the development of extensions of conventional safety analysis techniques such as FTA and FMEA, to make them applicable to software-intensive systems. An object-oriented model of the system is analyzed with the help of formalized FTA and FMEA techniques, which complement the hazard reachability analysis performed within the abstract state space of the system. In addition, the object model is used to synthesize a safety monitor, the device that supervises the system at run time to provide for early detection of approaching hazards. The paper refers to the case studies that have been carried out to test the applicability of the proposed techniques. These include a gas burner system, an extra high voltage substation and a railway signalling system.
The paper presents a case study of the application of the VDM formal method to the specification and verification of a simple real-time kernel. Specifications of selected external services of the kernel are presented. Then the verification methodology is introduced by demonstrating its basic steps on the verification of a selected function: a process waiting for a signal on a condition variable.
This paper presents a method of collaborative risk management in software procurement and development projects. First it overviews the success criteria and typical risks from the point of view of different stakeholders. Then a concept of a continuous process of risk identification and analysis is presented, together with the structures supporting the management of the process and the representation of risks. We also propose a security policy to be applied in order to reflect the possibly conflicting interests of project participants. Finally, a practical solution, the software tool supporting risk assessment, is briefly presented together with the results of three validation experiments.
In order to apply safety analysis techniques in an integrated fashion, the Common Safety Description Model (CSDM) is developed to provide a formal semantics to such techniques. The motivation and objectives of CSDM are discussed; a theory of events that incorporates causality and timing is presented with its applications to safety analysis techniques.
The presentation introduces the problem of evidence-based arguments and their applications. Then, based on the experience collected during the development and commercial deployment of a concrete solution to this problem (the NOR-STA system), we overview selected challenges and the ways of addressing them.
2019 Federated Conference on Computer Science and Information Systems (FedCSIS), Oct 2, 2016
This article introduces AgileSafe, a new method of incorporating agile practices into critical software development while still maintaining compliance with the software assurance requirements imposed by the application domain. We present the description of the method covering the process of its application and the input and output artefacts.
The paper addresses the problem of designing reliable systems out of unreliable components. The system and its components are specified as modules, using state function temporal logic specifications. Faulty (but tolerable) behaviours are specified by means of spontaneous inputs and nondeterministic post-conditions. Global restrictions on possible behaviours are expressed using temporal logic. Individual specifications of modules can be incorporated by the structure specification to form the abstract design of a higher level (system) module.
Papers by Janusz Gorski