Assurance-Level Driven Method for Integrating Security into SDLC ProcessSeungjoo Kim
Sooyoung Kang, Seungyeon Jeong, and Seungjoo Kim, "Assurance-Level Driven Method for Integrating Security into SDLC Process”, Proc. of The 18th CCUF Workshop 2020, The 18th Common Criteria Users Forum Workshop, Virtual (online) Conference, November 12, 2020.
The security phoenix - from the ashes of DEV-OPS Appsec California 2020NSC42 Ltd
Title:
The Security Phoenix
Subtitle:
From the ashes of DEVOPS
Synopsis:
The talk will take the audience on a path to integrate security in development covering aspect like SDLC, People and Technology, Metrix, and maturity matrix. The Talk will focus on several aspect like:
• Visibility of vulnerabilities in production
• Traceability of software built and source of the component
• Visualization of vulnerabilities and target (Divide in quarter, Build vs Fix)
• Maturity matrix and path to evolution with KCI
• Advanced concepts like breaking the build, license to operate
If time is available, the talk will explore some additional lesson learned
rough length: Compressed 25+5 min long version 30 min
Audience Take Away:
● How to build a cybersecurity programme with people and technology at the heart
● How and why to trace component and how they are built
● Why visibility in production and traceability is important
● How to set targets for product teams and what to measure in various phases
● How to involve risk assessment and where to apply governance
● Use cases to visualize vulnerabilities
This presentation will address all the relevant information about default security postures achieved by using the -aaS model. This session will be a unique opportunity to hear from Murray Goldschmidt, renowned DevSecOps expert, explaining the key items to achieve a secure deployment from build through ongoing continuous deployment, particularly for CI/CD DevOps environments
Key Points To Be Discussed:
-Learn the no-cost or low-cost measures to put in place immediately to secure their -aaS deployments.
-Understand where commercial products provide capability, particularly for container security.
-Understand the weaknesses of public cloud PaaS defaults—examples provided for AWS and Azure. Pre-Requisites:AWS and Azure PaaS offerings.
Nsc42 security knights slayer of dragons 0-5_very_short_15m_shareNSC42 Ltd
Security Architecture in DEVOPS
Title:
Security Architect, slayer of dragons defenders of the realms and protectors of the cybersecurity automation
Synopsis:
The talk will take the audience on a journey from the origin of the security architecture, the challenge of cloud security and the role of an architect in the dev-sec-ops world.
The talk explains the difference between traditional command and control governance and the solution to avoid starving automation and innovation with traditional security governance
We will explore:
Security Gates and why they do not always work in dev-ops
Automation how-tos:
How to deploy cybersecurity at scale
Why is important to know how to deal with people
Automation in the pipeline is the king
If time is available the talk will explore some additional lesson learned
rough length: compressed version 30 min normally 50 min or workshop format
Audience Take Away:
How to build a cybersecurity programme with architecture at the heart
how to do traditional security governance
how to mix governance and agile development as well as dev sec ops
how to extract patterns from existing design
the value of design principle patterns and why they are key to go fast.
how and when to use tools (SAST/DAST) and when to engineer
Assurance-Level Driven Method for Integrating Security into SDLC ProcessSeungjoo Kim
Sooyoung Kang, Seungyeon Jeong, and Seungjoo Kim, "Assurance-Level Driven Method for Integrating Security into SDLC Process”, Proc. of The 18th CCUF Workshop 2020, The 18th Common Criteria Users Forum Workshop, Virtual (online) Conference, November 12, 2020.
The security phoenix - from the ashes of DEV-OPS Appsec California 2020NSC42 Ltd
Title:
The Security Phoenix
Subtitle:
From the ashes of DEVOPS
Synopsis:
The talk will take the audience on a path to integrate security in development covering aspect like SDLC, People and Technology, Metrix, and maturity matrix. The Talk will focus on several aspect like:
• Visibility of vulnerabilities in production
• Traceability of software built and source of the component
• Visualization of vulnerabilities and target (Divide in quarter, Build vs Fix)
• Maturity matrix and path to evolution with KCI
• Advanced concepts like breaking the build, license to operate
If time is available, the talk will explore some additional lesson learned
rough length: Compressed 25+5 min long version 30 min
Audience Take Away:
● How to build a cybersecurity programme with people and technology at the heart
● How and why to trace component and how they are built
● Why visibility in production and traceability is important
● How to set targets for product teams and what to measure in various phases
● How to involve risk assessment and where to apply governance
● Use cases to visualize vulnerabilities
This presentation will address all the relevant information about default security postures achieved by using the -aaS model. This session will be a unique opportunity to hear from Murray Goldschmidt, renowned DevSecOps expert, explaining the key items to achieve a secure deployment from build through ongoing continuous deployment, particularly for CI/CD DevOps environments
Key Points To Be Discussed:
-Learn the no-cost or low-cost measures to put in place immediately to secure their -aaS deployments.
-Understand where commercial products provide capability, particularly for container security.
-Understand the weaknesses of public cloud PaaS defaults—examples provided for AWS and Azure. Pre-Requisites:AWS and Azure PaaS offerings.
Nsc42 security knights slayer of dragons 0-5_very_short_15m_shareNSC42 Ltd
Security Architecture in DEVOPS
Title:
Security Architect, slayer of dragons defenders of the realms and protectors of the cybersecurity automation
Synopsis:
The talk will take the audience on a journey from the origin of the security architecture, the challenge of cloud security and the role of an architect in the dev-sec-ops world.
The talk explains the difference between traditional command and control governance and the solution to avoid starving automation and innovation with traditional security governance
We will explore:
Security Gates and why they do not always work in dev-ops
Automation how-tos:
How to deploy cybersecurity at scale
Why is important to know how to deal with people
Automation in the pipeline is the king
If time is available the talk will explore some additional lesson learned
rough length: compressed version 30 min normally 50 min or workshop format
Audience Take Away:
How to build a cybersecurity programme with architecture at the heart
how to do traditional security governance
how to mix governance and agile development as well as dev sec ops
how to extract patterns from existing design
the value of design principle patterns and why they are key to go fast.
how and when to use tools (SAST/DAST) and when to engineer
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...Dr. Monideep Dey
This presentation was made by Dr. Monideep Dey, Deytec, Inc., to the Association Senegalaise de Normalisation (ASN) in Dakar, Senegal on June 29, 2018 for 45 Senegalese professionals from government and the private sector. The presentation describes the role of the national quality infrastructure for risk-based solutions to consumer protection.
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...Dr. Monideep Dey
This presentation was made by Dr. Monideep Dey, Deytec, Inc., to CODINORM (Standards Body of Cote d’Ivoire) in Abidjan, Cote d’Ivoire on June 27, 2018 for 55 Ivorian professionals from government and the private sector. The presentation describes the role of the national quality infrastructure for risk-based solutions to consumer protection.
This event covers what regulations and standards need to be in place to ensure the safety of new aircraft in built environments and near airports. Covering how a new and novel integrated aviation system should be regulated to ensure safety looking at regulations and standards, fuels and charging and how modelling mirrors reality.
The aim of the this event is to:
Convene interested parties to enable new collaborations to form
Raise awareness of the successful applicants from Phase I
Attract non-traditional aviation companies to Future Flight
Inform on the capabilities and expertise on offer to support your Future Flight project
Future Flight is a £125m Industrial Strategy Challenge Programme seeking to demonstrate novel aviation systems to completely transform the way we move people and goods. The programme seeks to demonstration a fully integrated system in 2024 delivered by large consortia of mixed expertise.
Find out more: https://ktn-uk.co.uk/news/future-flight-workshops
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...Perforce
In part one of our three-part webinar series, we examine common software development challenges, review the safety and security standards adopted by different industries, and examine the best practices that can be applied to any software development team.
Be there at the ISO26262 Conference on the 25-28 March 2019 at the Holiday Inn, Munich City Center, Germany. Confirmed speakers from Delphi Technologies, Toyota Research Institute, Texas Instruments. Read the details here: http://bit.ly/2Esno5h
Want to learn about the latest developments and methodologies for validation efficiency of Advanced driver-assistance systems (ADAS) and Self-Driving? Speakers from Volkswagen, Audi, Toyota and a lot more already confirmed their attendance. Download the full agenda here for detailed information on topic areas and speaker:
http://bit.ly/Agenda_Testing_ADAS_Self_Driving_Cars
Cross standard and scheme composition - A needed cornerstone for the European...Javier Tallón
The proliferation of new cybersecurity standards/schemes shows the interest of all the stakeholders to require cybersecurity for ICT products. On the other hand, a need for harmonization/recognition between standards/schemes is needed. Otherwise, there could be too many standards that become non-cost-effective for developers certifying their products.
For instance, almost every IoT vertical has its own set of cybersecurity standards. But IoT devices and it’s supply chain is not limited within a single vertical. In fact the contrary holds, that building blocks of an IoT device find appliance in a couple of other verticals. Assuming that these building blocks demonstrated cybersecurity compliance of some form, say for a particular vertical, it will be key for the economy to not repeat those proofs of compliance but instead accept across standards and schemes where applicable.
This talk will highlight the importance of the acceptance of certification and standard compliance results across different schemes or security standards. We will show examples (e.g., smart metering in France with de-facto acceptance of underlying CC results, SESIP to IEC62443-4-2) where this has been applied successfully, but will also look at existing standards or schemes where this would be possible (e.g. EUCC, FITCEM, etc‚) or proposals on how to apply this for Industrial IoT (IACS ERNCIP recommendations to the EU commission).
The talk will be given from the developer perspective (Georg Stütz from NXP) and lab perspective (Jose Ruiz from jtsec)
10 The Automotive Safety Confusion, Fredrik Törner.pdfMilin patel
For the safe application of SW and Electronics
technology, there are regulations as well as industry
best practices in place. • Continuously developed and adapted, e.g. for
ADS. • Industry standards provides terminology and
toolboxes to achieve safety and meet regulation. • How to argue achievement of safe ADS is an open
question that is being addressed through
research, industry collaboration, and
standardization.
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...Dr. Monideep Dey
This presentation was made by Dr. Monideep Dey, Deytec, Inc., to the Ghana Standards Authority (GSA) in Accra, Ghana on June 25, 2018 for 40 Ghanian professionals from government and the private sector. The presentation describes the role of the national quality infrastructure for risk-based solutions to consumer protection.
Would you like to know how SOTIF addresses possible hazards caused by intended behavior? Discuss the first draft of the SOTIF standard with international working group members and functional safety experts during the SOTIF Conference. Find out more here: http://bit.ly/SOTIF_Agenda_2019
An Industrial Experience Report about Challenges from Continuous Monitoring, ...SEAA 2022
Ali Nouri
Volvo Cars Gothenburg, Sweden
Christian Berger
University of Gothenburg, Sweden Department of Computer Science and Engineering
Fredrik Törner
Volvo Cars Gothenburg, Sweden
Unlike other industries, detailed discussions about functional safety in the automotive industry only began a few years ago. One of the reasons was that there was a prevailing view that the risks posed as a result of mechanical failures are still within the control of the driver.
You can also find interesting articles here: http://bit.ly/steering-articles
Verification of IVI Over-The-Air using UML/OCLSeungjoo Kim
Verification of IVI Over-The-Air using UML/OCL @ ICCC 2019 (International Common Criteria Conference), which is a major conference for the community of experts involved in security evaluation
At the Government Technology & Service Coalition's Transportation Security meeting, Mara Winn, Acting Director of TSA's Innovation Task Force describes the ITF, its mission and process.
Be fine or get fined - Keep up with Regulatory AgenciesHarshad Shah
Talking about maintenance management has become more than just asset life cycles and work orders. According to Safety and Health Magazine, Lockout/Tagout was in the top 5 of most “serious” OSHA Violations for the 2018 fiscal year.
How do you keep up with regulatory agencies, making sure your facility complies so you don't receive citations and fines?
A preventative maintenance system needs to be in place to make it easier for you to identify what may be safety or maintenance violations.
1 MINISTRY OF EDUCATION UNIVERSITY OF HAIL .docxrobert345678
1
MINISTRY OF EDUCATION
UNIVERSITY OF HAIL
COLLEGE OF ENGINEERING
كلية الهندسة
College of Engineering
Research Proposal Template
Please structure your Research Proposal based on the headings provided below, use a clear and legible font
and observe the page/word limit.
Research Project Title:
Motor Vehicle Safety Defects and Recall System: An Empirical Study in Saudi Arabia
Student Details:
Student Name
Student ID
Email Address
Date of Submission
Research Project
Serial No.
Supervisor Name Supervisor Signature Start Date
Only for College Officials Use
College Approval
Master of Quality Engineering and Management
Research Proposal
2
Master of Quality Engineering and Management 2020-2021
كلية الهندسة
College of Engineering
1- Research Title
Provide a short descriptive title of your proposed research (max. 20 words)
Motor Vehicle Safety Defects and Recall System: An Empirical Study in Saudi Arabia
2- Research Summary
Summarize the aims, significance and expected outcomes of your proposed research (max. 250 words).
It is to set the mechanism for recalling vehicles with manufacturing defects that affect in
one way or another the safety of vehicles and their users, and this is done by linking a
unified system in which the defective vehicle data is added and called in the system to
the maintenance centers of the concerned vehicle agencies. Workmanship defects are
classified as: (1) Basic defects, which are considered to have a serious and direct impact
on the safety of the vehicle and its users, and the inspection process cannot be passed
until after the defect is fixed. (2) Warning defects, which are considered a defect in the
product, but the effect of the defect does not threaten the safety of the vehicle and its
users pass the examination process and the defect is added as a warning only.
This research proposal aims to find the most effective way to reach every defected
vehicle and the effective way to deal with the vehicle owner to do the necessary changes
especially if it's related to safety in a systematic way. The purpose of the project is to
develop a new business model that was never used everywhere in the world and Saudi
Arabia will take the lead to publish this model to the rest of the world. Ensuring that the
practice will be used is the most effective practise as enabling to force the defected car
owner to have their vehicles fixed and the defected was solved.
Master of Quality Engineering and Management
Research Proposal
3
Master of Quality Engineering and Management 2020-2021
كلية الهندسة
College of Engineering
3- Introduction
This section should provide a description of the basic facts and importance of the research area - What is the research
area, the motivation of research, and how important is it for the industry practice/knowledge advancement? (max. 200 .
AN ISO SCHEME FOR USE AS A REVIEW GUIDE OR FOR CERTIFICATION OF PERFORMANCE-B...Dr. Monideep Dey
This paper proposes development of an ISO scheme that could be used either as a review guide or for the certification of a performance-based fire safety design in accordance with ISO 23932 – Fire Safety Engineering: General Principles . Deytec, Inc., a company member of the American National Standards Institute (ANSI), plans to propose the development of this ISO scheme to the ANSI International Conformity Assessment Committee (ICAC) which is the U.S. interface to the ISO Council Committee on Conformity Assessment (ISO CASCO). ISO CASCO writes standards and guides for the effective operation of conformity assessment bodies and activities. The purpose of the proposed scheme is to address present issues faced by national authorities and applicants in the review and approval of performance-based fire safety designs.
Monideep Dey, PhD
President, Deytec, Inc.
Water scarcity is the lack of fresh water resources to meet the standard water demand. There are two type of water scarcity. One is physical. The other is economic water scarcity.
Student information management system project report ii.pdfKamal Acharya
Our project explains about the student management. This project mainly explains the various actions related to student details. This project shows some ease in adding, editing and deleting the student details. It also provides a less time consuming process for viewing, adding, editing and deleting the marks of the students.
More Related Content
Similar to Safety Assurance and Certification: Current Practices, Challenges, and Brainstorming on Ways Forward
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...Dr. Monideep Dey
This presentation was made by Dr. Monideep Dey, Deytec, Inc., to the Association Senegalaise de Normalisation (ASN) in Dakar, Senegal on June 29, 2018 for 45 Senegalese professionals from government and the private sector. The presentation describes the role of the national quality infrastructure for risk-based solutions to consumer protection.
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...Dr. Monideep Dey
This presentation was made by Dr. Monideep Dey, Deytec, Inc., to CODINORM (Standards Body of Cote d’Ivoire) in Abidjan, Cote d’Ivoire on June 27, 2018 for 55 Ivorian professionals from government and the private sector. The presentation describes the role of the national quality infrastructure for risk-based solutions to consumer protection.
This event covers what regulations and standards need to be in place to ensure the safety of new aircraft in built environments and near airports. Covering how a new and novel integrated aviation system should be regulated to ensure safety looking at regulations and standards, fuels and charging and how modelling mirrors reality.
The aim of the this event is to:
Convene interested parties to enable new collaborations to form
Raise awareness of the successful applicants from Phase I
Attract non-traditional aviation companies to Future Flight
Inform on the capabilities and expertise on offer to support your Future Flight project
Future Flight is a £125m Industrial Strategy Challenge Programme seeking to demonstrate novel aviation systems to completely transform the way we move people and goods. The programme seeks to demonstration a fully integrated system in 2024 delivered by large consortia of mixed expertise.
Find out more: https://ktn-uk.co.uk/news/future-flight-workshops
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...Perforce
In part one of our three-part webinar series, we examine common software development challenges, review the safety and security standards adopted by different industries, and examine the best practices that can be applied to any software development team.
Be there at the ISO26262 Conference on the 25-28 March 2019 at the Holiday Inn, Munich City Center, Germany. Confirmed speakers from Delphi Technologies, Toyota Research Institute, Texas Instruments. Read the details here: http://bit.ly/2Esno5h
Want to learn about the latest developments and methodologies for validation efficiency of Advanced driver-assistance systems (ADAS) and Self-Driving? Speakers from Volkswagen, Audi, Toyota and a lot more already confirmed their attendance. Download the full agenda here for detailed information on topic areas and speaker:
http://bit.ly/Agenda_Testing_ADAS_Self_Driving_Cars
Cross standard and scheme composition - A needed cornerstone for the European...Javier Tallón
The proliferation of new cybersecurity standards/schemes shows the interest of all the stakeholders to require cybersecurity for ICT products. On the other hand, a need for harmonization/recognition between standards/schemes is needed. Otherwise, there could be too many standards that become non-cost-effective for developers certifying their products.
For instance, almost every IoT vertical has its own set of cybersecurity standards. But IoT devices and it’s supply chain is not limited within a single vertical. In fact the contrary holds, that building blocks of an IoT device find appliance in a couple of other verticals. Assuming that these building blocks demonstrated cybersecurity compliance of some form, say for a particular vertical, it will be key for the economy to not repeat those proofs of compliance but instead accept across standards and schemes where applicable.
This talk will highlight the importance of the acceptance of certification and standard compliance results across different schemes or security standards. We will show examples (e.g., smart metering in France with de-facto acceptance of underlying CC results, SESIP to IEC62443-4-2) where this has been applied successfully, but will also look at existing standards or schemes where this would be possible (e.g. EUCC, FITCEM, etc‚) or proposals on how to apply this for Industrial IoT (IACS ERNCIP recommendations to the EU commission).
The talk will be given from the developer perspective (Georg Stütz from NXP) and lab perspective (Jose Ruiz from jtsec)
10 The Automotive Safety Confusion, Fredrik Törner.pdfMilin patel
For the safe application of SW and Electronics
technology, there are regulations as well as industry
best practices in place. • Continuously developed and adapted, e.g. for
ADS. • Industry standards provides terminology and
toolboxes to achieve safety and meet regulation. • How to argue achievement of safe ADS is an open
question that is being addressed through
research, industry collaboration, and
standardization.
The Role of National Quality Infrastructure in Promoting Risk-Based Solutions...Dr. Monideep Dey
This presentation was made by Dr. Monideep Dey, Deytec, Inc., to the Ghana Standards Authority (GSA) in Accra, Ghana on June 25, 2018 for 40 Ghanian professionals from government and the private sector. The presentation describes the role of the national quality infrastructure for risk-based solutions to consumer protection.
Would you like to know how SOTIF addresses possible hazards caused by intended behavior? Discuss the first draft of the SOTIF standard with international working group members and functional safety experts during the SOTIF Conference. Find out more here: http://bit.ly/SOTIF_Agenda_2019
An Industrial Experience Report about Challenges from Continuous Monitoring, ...SEAA 2022
Ali Nouri
Volvo Cars Gothenburg, Sweden
Christian Berger
University of Gothenburg, Sweden Department of Computer Science and Engineering
Fredrik Törner
Volvo Cars Gothenburg, Sweden
Unlike other industries, detailed discussions about functional safety in the automotive industry only began a few years ago. One of the reasons was that there was a prevailing view that the risks posed as a result of mechanical failures are still within the control of the driver.
You can also find interesting articles here: http://bit.ly/steering-articles
Verification of IVI Over-The-Air using UML/OCLSeungjoo Kim
Verification of IVI Over-The-Air using UML/OCL @ ICCC 2019 (International Common Criteria Conference), which is a major conference for the community of experts involved in security evaluation
At the Government Technology & Service Coalition's Transportation Security meeting, Mara Winn, Acting Director of TSA's Innovation Task Force describes the ITF, its mission and process.
Be fine or get fined - Keep up with Regulatory AgenciesHarshad Shah
Talking about maintenance management has become more than just asset life cycles and work orders. According to Safety and Health Magazine, Lockout/Tagout was in the top 5 of most “serious” OSHA Violations for the 2018 fiscal year.
How do you keep up with regulatory agencies, making sure your facility complies so you don't receive citations and fines?
A preventative maintenance system needs to be in place to make it easier for you to identify what may be safety or maintenance violations.
1 MINISTRY OF EDUCATION UNIVERSITY OF HAIL .docxrobert345678
1
MINISTRY OF EDUCATION
UNIVERSITY OF HAIL
COLLEGE OF ENGINEERING
كلية الهندسة
College of Engineering
Research Proposal Template
Please structure your Research Proposal based on the headings provided below, use a clear and legible font
and observe the page/word limit.
Research Project Title:
Motor Vehicle Safety Defects and Recall System: An Empirical Study in Saudi Arabia
Student Details:
Student Name
Student ID
Email Address
Date of Submission
Research Project
Serial No.
Supervisor Name Supervisor Signature Start Date
Only for College Officials Use
College Approval
Master of Quality Engineering and Management
Research Proposal
2
Master of Quality Engineering and Management 2020-2021
كلية الهندسة
College of Engineering
1- Research Title
Provide a short descriptive title of your proposed research (max. 20 words)
Motor Vehicle Safety Defects and Recall System: An Empirical Study in Saudi Arabia
2- Research Summary
Summarize the aims, significance and expected outcomes of your proposed research (max. 250 words).
It is to set the mechanism for recalling vehicles with manufacturing defects that affect in
one way or another the safety of vehicles and their users, and this is done by linking a
unified system in which the defective vehicle data is added and called in the system to
the maintenance centers of the concerned vehicle agencies. Workmanship defects are
classified as: (1) Basic defects, which are considered to have a serious and direct impact
on the safety of the vehicle and its users, and the inspection process cannot be passed
until after the defect is fixed. (2) Warning defects, which are considered a defect in the
product, but the effect of the defect does not threaten the safety of the vehicle and its
users pass the examination process and the defect is added as a warning only.
This research proposal aims to find the most effective way to reach every defected
vehicle and the effective way to deal with the vehicle owner to do the necessary changes
especially if it's related to safety in a systematic way. The purpose of the project is to
develop a new business model that was never used everywhere in the world and Saudi
Arabia will take the lead to publish this model to the rest of the world. Ensuring that the
practice will be used is the most effective practise as enabling to force the defected car
owner to have their vehicles fixed and the defected was solved.
Master of Quality Engineering and Management
Research Proposal
3
Master of Quality Engineering and Management 2020-2021
كلية الهندسة
College of Engineering
3- Introduction
This section should provide a description of the basic facts and importance of the research area - What is the research
area, the motivation of research, and how important is it for the industry practice/knowledge advancement? (max. 200 .
AN ISO SCHEME FOR USE AS A REVIEW GUIDE OR FOR CERTIFICATION OF PERFORMANCE-B...Dr. Monideep Dey
This paper proposes development of an ISO scheme that could be used either as a review guide or for the certification of a performance-based fire safety design in accordance with ISO 23932 – Fire Safety Engineering: General Principles . Deytec, Inc., a company member of the American National Standards Institute (ANSI), plans to propose the development of this ISO scheme to the ANSI International Conformity Assessment Committee (ICAC) which is the U.S. interface to the ISO Council Committee on Conformity Assessment (ISO CASCO). ISO CASCO writes standards and guides for the effective operation of conformity assessment bodies and activities. The purpose of the proposed scheme is to address present issues faced by national authorities and applicants in the review and approval of performance-based fire safety designs.
Monideep Dey, PhD
President, Deytec, Inc.
Water scarcity is the lack of fresh water resources to meet the standard water demand. There are two type of water scarcity. One is physical. The other is economic water scarcity.
Student information management system project report ii.pdfKamal Acharya
Our project explains about the student management. This project mainly explains the various actions related to student details. This project shows some ease in adding, editing and deleting the student details. It also provides a less time consuming process for viewing, adding, editing and deleting the marks of the students.
Welcome to WIPAC Monthly the magazine brought to you by the LinkedIn Group Water Industry Process Automation & Control.
In this month's edition, along with this month's industry news to celebrate the 13 years since the group was created we have articles including
A case study of the used of Advanced Process Control at the Wastewater Treatment works at Lleida in Spain
A look back on an article on smart wastewater networks in order to see how the industry has measured up in the interim around the adoption of Digital Transformation in the Water Industry.
Courier management system project report.pdfKamal Acharya
It is now-a-days very important for the people to send or receive articles like imported furniture, electronic items, gifts, business goods and the like. People depend vastly on different transport systems which mostly use the manual way of receiving and delivering the articles. There is no way to track the articles till they are received and there is no way to let the customer know what happened in transit, once he booked some articles. In such a situation, we need a system which completely computerizes the cargo activities including time to time tracking of the articles sent. This need is fulfilled by Courier Management System software which is online software for the cargo management people that enables them to receive the goods from a source and send them to a required destination and track their status from time to time.
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks
(CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We
introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations.
When combined with 3D convolution and deep curriculum learning optimization (CLO), itsignificantly improves
the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach
using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10
and CIFAR-100) and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing
accuracy improvements over previous techniques. The results indicate that the combination of the volumetric
input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating
adversary training.
Explore the innovative world of trenchless pipe repair with our comprehensive guide, "The Benefits and Techniques of Trenchless Pipe Repair." This document delves into the modern methods of repairing underground pipes without the need for extensive excavation, highlighting the numerous advantages and the latest techniques used in the industry.
Learn about the cost savings, reduced environmental impact, and minimal disruption associated with trenchless technology. Discover detailed explanations of popular techniques such as pipe bursting, cured-in-place pipe (CIPP) lining, and directional drilling. Understand how these methods can be applied to various types of infrastructure, from residential plumbing to large-scale municipal systems.
Ideal for homeowners, contractors, engineers, and anyone interested in modern plumbing solutions, this guide provides valuable insights into why trenchless pipe repair is becoming the preferred choice for pipe rehabilitation. Stay informed about the latest advancements and best practices in the field.
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
Terzaghi's soil bearing capacity theory, developed by Karl Terzaghi, is a fundamental principle in geotechnical engineering used to determine the bearing capacity of shallow foundations. This theory provides a method to calculate the ultimate bearing capacity of soil, which is the maximum load per unit area that the soil can support without undergoing shear failure. The Calculation HTML Code included.
Event Management System Vb Net Project Report.pdfKamal Acharya
In present era, the scopes of information technology growing with a very fast .We do not see any are untouched from this industry. The scope of information technology has become wider includes: Business and industry. Household Business, Communication, Education, Entertainment, Science, Medicine, Engineering, Distance Learning, Weather Forecasting. Carrier Searching and so on.
My project named “Event Management System” is software that store and maintained all events coordinated in college. It also helpful to print related reports. My project will help to record the events coordinated by faculties with their Name, Event subject, date & details in an efficient & effective ways.
In my system we have to make a system by which a user can record all events coordinated by a particular faculty. In our proposed system some more featured are added which differs it from the existing system such as security.
Forklift Classes Overview by Intella PartsIntella Parts
Discover the different forklift classes and their specific applications. Learn how to choose the right forklift for your needs to ensure safety, efficiency, and compliance in your operations.
For more technical information, visit our website https://intellaparts.com
About
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Technical Specifications
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
Key Features
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface
• Compatible with MAFI CCR system
• Copatiable with IDM8000 CCR
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
Application
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Safety Assurance and Certification: Current Practices, Challenges, and Brainstorming on Ways Forward
1. Barbara Gallina
barbara.gallina@mdh.se
Certifiable Evidences & Justification Engineering
Mälardalen University, Västerås, Sweden
29th October 2019, 9th IEEE International Workshop on Software Certification (WoSoCER)
Safety Assurance and Certification: Current Practices,
Challenges, and Brainstorming on Ways Forward
2. Talk outline:
• Safety
– Safety standards in automotive for road vehicles
– Safety standards introduction process
• Safety assurance and certification
• Challenges
• Ways forwards
• Brainstorming
B. Gallina, WoSoCER, 29th October 2019
3. Safety
Which risk related to which system?
Due to what? Which hazards? How safe is safe?
Safety- According to Avizienis et al. 2004
absence of catastrophic consequences
on the user(s) and the environment.
Safety – according to EN 61508-4:2010
freedom from unacceptable risk
Safety – according to EN 50126-1:2017
freedom from unacceptable risk
Safety- according to ISO 26262-1:2018
absence of unreasonable risk
What does “catastrophic” mean?
What does “unacceptable” mean?
What does “unreasonable” mean?
Carrot diagram:
acceptable, tolerable, unacceptable
Via a magic stick, we set the lines
B. Gallina, WoSoCER, 29th October 2019
4. Safety of road vehicles (cars, trucks, etc)
ISO 26262:2018 Functional safety, revised version of ISO 26262:2011, 2006-2018
absence of unreasonable risk due to hazards
caused by malfunctioning behaviour of E/E systems
Electric power steering, taken from [1]
Adaptive cruise control, taken from [2]
12 years
B. Gallina, WoSoCER, 29th October 2019
5. Safety of road vehicles (cars, trucks, etc)
Do you need help to categorize your hazards? Severity? Exposure? Controllability?
Do you need help with ASIL determination?
J2980
J2980:2018-04 –Considerations for ISO 26262 ASIL Hazard Classification
SAE recommended focusing on Moving control systems
B. Gallina, WoSoCER, 29th October 2019
6. Safety of road vehicles
ISO 26262
ISO 21448
ISO 21448:2019 SOTIF
Safety of the intended functionality (PAS)
” to be applied to intended functionality,
where proper situational awareness is critical to safety,
and where that situational awareness is derived
from complex sensors and processing algorithms;
especially emergency intervention systems
(e.g. emergency braking systems) and
Advanced Driver Assistance Systems (ADAS)
with levels 1 and 2 on the OICA/SAE standard
J3016 automation scales. ”
Source: https://www.iso.org/standard/70939.html
J2980
Source: https://www.nhtsa.gov/technology-innovation/automated-vehicles-safety
B. Gallina, WoSoCER, 29th October 2019
7. Safety of road vehicles
ISO 26262
ISO 21448 UL 4600
No driver
Controllability?
UL 4600
The First Comprehensive Safety Standard for Autonomous Products
Prompts-based standard
J2980
Source: https://edge-case-research.com/wp-content/uploads/2019/10/UL-4600-Prelim-Review-Proposal_20191002.pdf
B. Gallina, WoSoCER, 29th October 2019
8. Safety of connected road vehicles
Vehicle to Vehicle (V2V) and Vehicle to other systems (V2X) communication capabilities
J3061-available handbook
Need for:
Security-informed safety
Safe communication
J2980
B. Gallina, WoSoCER, 29th October 2019
9. Safety of connected road vehicles
-> New business models
Fleet-centric (systems of systems ) vs Vehicle-centric –>platooning
(->substantial reduction of the inter-vehicle distance to minimize drag)
Safety at system of systems level due to emergent behaviour
Extension of ISO 26262:2018?
CACC-Cooperative automatic Cruise Control
”Vehicle-level ASIL determination is influenced by vehicle-to-vehicle communication faults” [13]
B. Gallina, WoSoCER, 29th October 2019
10. Safety-related standards for vehicles
-big bang-
Safety
Domain-independent safety
Domain-specific safety
Safety of air vehicles
Safety of rail vehicles
Safety of road vehicles
Growing complexity of the standardization frameworks
B. Gallina, WoSoCER, 29th October 2019
11. What about safety of other vehicles
Air vehicles?
Rail vehicles?
Road&Air vehicles?
Hyperloop?
…
Ongoing: 125 system requirements,
proposed by one of the companies
involved in making the hyperloop technology concrete
Source: https://www.smartcitiesarabia.com/government/42560-hyperloop-tt-presents-hyperloop-safety-guidelines-to-the-ec
IEC 62267:2009
ISO 17253:2014
B. Gallina, WoSoCER, 29th October 2019
12. Standards introduction process
is not available to either developers or conformance experts. In fact, the rational
essentially discarded once development of the standard was complete and the
mittee disbanded.
2.2 Using Standards
Fig. 1. Standards development and use as currently practiced.
The Indispensable Role of Rationale in Safety Standards
Adapted from [Knight et al 16]
B. Gallina, WoSoCER, 29th October 2019
13. Standards introduction according to ISO
From 18 to 48 months
Every 5 years, it should be revised
It takes time to introduce a standard!
It takes time to maintain a standard!
Who participates to the introduction of a standard?
OEMs (original equipment manufacturers),
Governance,
Research Institutions
Suppliers
…
Baseline
Source: https://www.iso.org/files/live/sites/isoorg/files/developing_standards/docs/en/Target_date_planner_4_ISO_standards_development_tracks_2017.pdf
B. Gallina, WoSoCER, 29th October 2019
14. What do standards contain?
• Goals? Yes
• Means to achieve goals? Yes, e.g, the reference process models, the
techniques/guidelines recommended
• Expected evidence? Yes
• Example of a goal:
• eighty-five percent of the children must be unable to open the package within
five minutes –child resistant packaging
B. Gallina, WoSoCER, 29th October 2019
16. Assurance and Certification
Why Safety Certification?
“Safety certification assures society at large that deployment of a given system
does not pose an unacceptable risk of harm.”
[Rushby, 2011]
B. Gallina, WoSoCER, 29th October 2019
17. Assurance and Certification -Phases
plans
Planned
DO-178C, recognized by FAA via AC20-115C on July 19, 2013.
Confirmed recognition via AC20-115D on July 21, 2017.
Adapted from [Knight et al 16] [Taken from Knight et al 16]
B. Gallina, WoSoCER, 29th October 2019
18. Current practice: process centered
Compliance
Management
/Safety
demonstration
Risk-driven processes
B. Gallina, WoSoCER, 29th October 2019
19. Current practice: product centered
Formalization
Normative SpaceProduct Space
Product Model(s)
Norm(s)
Compliance
Management
/Safety
demonstration
B. Gallina, WoSoCER, 29th October 2019
20. Assurance and Certification -Safety Cases
There are several ways of organizing
and conducting certification, but all are conceptually based on scrutiny of an argument
that certain claims about safety are justified by evidence about the system.”
[Rushby, 2011]
Automotive domain? YES, An argument is a requirement
Rail domain? YES, An argument is a requirement
Aviation domain? NO, An argument is not a requirement.
However some researchers point out its implicit presence
Debate: Is a safety case beneficial?
Would it be sufficient to during the assessment?
ISO/IEC 15026-2:2011
B. Gallina, WoSoCER, 29th October 2019
21. Assurance and Certification -Safety Cases
Confirmation bias!
Is it the only one?
B. Gallina, WoSoCER, 29th October 2019
22. Assurance and Certification -Safety Cases
Fertilizing the safety community with Toulmin’ model for argumentation
https://en.wikipedia.org/wiki/Stephen_Toulmin
https://slideplayer.com/slide/12972736/
B. Gallina, WoSoCER, 29th October 2019
23. Assurance and Certification -Safety Cases
Fertilizing the safety community with Toulmin’ model for argumentation
Is a GSN-documented safety case the panacea?
No experimental evidence is available
SACM
(Structured Assurance
Case Metamodel)
20+Years of development..
to fix the syntax..
is it beneficial? YES!
to enable automatic generation. But,
does it help to document sound arguments?
Claim Argument Evidence (CAE)
Source: https://www.adelard.com/asce/choosing-asce/cae.html
Concrete syntax
Abstract syntax
B. Gallina, WoSoCER, 29th October 2019
Goal Structuring Notation (GSN)
Concrete syntax
24. Assurance and Certification -Safety Cases
Fertilizing the safety community with Toulmin’ model for argumentation
ISO/IEC
15026-2:2011
Argumentation pattern including
arguments for:
Rationale
Satisfaction
Means
Organizational environment
A non-goal based set of guidelines
B. Gallina, WoSoCER, 29th October 2019
26. Challenges: setting the bar, and its nature
Is not trivial…
• performance of performance-based regulation remains an open but vital
empirical question, one whose answer is long overdue, see [12]
B. Gallina, WoSoCER, 29th October 2019
27. ISO 26262:2018
EN 50126-1&2:2017
EN 50128:2011
EN 50129:2019
ARP4754A:2010
DO 178C: 2011
ARP4761:1996
Standards proliferation, cognitive complexity,
inefficiency
B. Gallina, WoSoCER, 29th October 2019
DO-326A
SAE J3061:2016
28. Way forward: Let’s go for a big crunch!
B. Gallina, WoSoCER, 29th October 2019
30. Going back to the overarching properties
is not available to either developers or conformance experts. In fact, the rationale was
essentially discarded once development of the standard was complete and the com-
mittee disbanded.
Fig. 1. Standards development and use as currently practiced.
The Indispensable Role of Rationale in Safety Standards 41
users
Meta-
objectives
FAA-work started in 2015
RESSAC project
OP-standard
B. Gallina, WoSoCER, 29th October 2019
31. Overarching properties
• Intent: The defined intended behavior is correct and complete with
respect to the desired behavior
• Correctness: The implementation is correct with respect to its
defined intended behavior, under foreseeable operating conditions
• Acceptability: Any part of the implementation that is not required by
the defined intended behavior has no unacceptable safety impact
Taken from Chelini et al. 2018 [4]; Holloway, 2019 [5] &OPWG
EU research project, Re-Engineering and Streamlining the. Standards for Avionics Certification (RESSAC)
Assumptions: the following the set of properties is sufficient
OP text is either unambiguous as to its meaning or, alternatively, that any ambiguities
that exist resolve to equally permissible interpretations, all of which preserve su ciency.
B. Gallina, WoSoCER, 29th October 2019
32. Overarching properties
-current status of development-
• How OPs should be assessed? Direct evidence? Indirect evidence? Via
an argument?
• Let’s assume the oracale Quinn exists..
…but Quinn does not exist on Earth…
B. Gallina, WoSoCER, 29th October 2019
33. Overarching properties
-current status of development-
• At the time being it is an intellectual exercise..and it likely it will remain
so for several years..and perhaps it will generate a ready-to-go
argument-based approach for the safety assessment, see [14]..
However, ”Writing an OP-possession argument might not be
cheaper than, e.g., writing a DO-178C software accomplish- ment
summary” [14]..
• No experimental evidence is accessible..
• No substantial experimental evidence has been produced..
• Possible issue: interoperability ..
– How OEMs and suppliers can co-work?
B. Gallina, WoSoCER, 29th October 2019
34. 4+1 Principles
by T. Kelly&C
1. Software safety requirements shall be defined to address the software contribution to
system hazards
2. The intent of the software safety requirements shall be maintained throughout
requirements decomposition
3. Software safety requirements shall be satisfied
4. Hazardous behaviour of the software has been identified and mitigated
4+1. The confidence established in addressing the software safety principles shall be
commensurate to the contribution of the software to system risk
B. Gallina, WoSoCER, 29th October 2019
35. Way forward: Let’s systematise what
we have achieved so far
B. Gallina, WoSoCER, 29th October 2019
36. Streamlining certification via the AMASS platform
No wild removal of standards but
Increased efficiency via a platform for certification enabling:
-systematisation of their commonalities/variabilities for facilitating tailoring
-seamless interoperability
-semi-automatic generation of artefacts and arguments
https://polarsys.org/opencert/downloads/
including
product and process-based argumentsAdapted from [15-16]
B. Gallina, WoSoCER, 29th October 2019
38. Brainstorming: Knowing the the 4 P
model to influence the safety agenda
Note power and perception may filter/alter the proximity and the potency
Power: to persuade, manipulate coerce, ..
Perception: turn issues into problems,
what issues shall be deemed important
“Quite often policy makers, opinion makers and other personalities of public life
selectively report and interprets events so as to activate (de-activate) empathy
or support for an item”
Potency: intensity or severity of consequences of a given issues.
Proximity: distance to the issue
Note that proximity plays a role
“all politics is local”
The skolstreik phenomenon –all of a sudden the perception has changed..
B. Gallina, WoSoCER, 29th October 2019
39. Politically-informed policy analysis
• FAA-Federal Aviation Agency was created in 1958. At that time it was
an independent unit
• In 1966 is was renamed Federal Aviation Administration and its
independece status was lost
• FAA has a dual mandate with conflicting objectives:
– safety concerns and regulation; àoversight of the airlines
– promotion of the airlines business àlaissez-faire approach in which
airlines would largely be responsible of regulating themselves
Superiority relation was introduced in 1996
• In the ninenities, FAA has been considered to be slow in responding to
changing safety neeeds
• The tombstone agency
B. Gallina, WoSoCER, 29th October 2019
40. Policy makers might be acting on social media
Social media/likes generate addiction
If you like “likes”, go for rationalized likes in order to contribute to build a discourse
Brainstorming: 4 P model – Perception in action
B. Gallina, WoSoCER, 29th October 2019
42. • ”Let us think of the philosopher's eye resting upon existence: he wants
to determine its value anew. For it has been the proper task of all great
thinkers to be lawgivers as to the measure, stamp and weight of things.”
• If the philosopher is an ideal educator, ”from the ideal image it is
possible to fasten upon ourselves a chain of fulfillable duties”.
• http://nietzsche.holtof.com/Nietzsche_untimely_meditations/schopenhauer_as_educator.htm
• https://books.google.com.gi/books?id=Yaw0AAAAQBAJ&printsec=copyright#v=onepage&q&f=false
Towards Regulatory Excellence
Analogy: Philosopher/Safety Policy Maker
Source: https://it.wikipedia.org/wiki/Friedrich_Nietzsche#/media/File:Nietzsche1882.jpg
B. Gallina, WoSoCER, 29th October 2019
46. What if Regulatory fails?
…chain of non-fulfillable duties
Taken from [10]
B. Gallina, WoSoCER, 29th October 2019
47. Regulatory excellence
Conduct of code … inheriting from Ippocrate
“I will use treatment to help the sick according to my ability and judgment,
but never with a view to injury and wrong-doing.
…
I will utterly reject harm and mischief”
https://en.wikipedia.org/wiki/Hippocratic_Oath
http://www.pbs.org/wgbh/nova/body/hippocratic-oath-today.html
A promise said out loud
B. Gallina, WoSoCER, 29th October 2019
48. Regulatory excellence
Conduct of code learning from the medical domain
“The Hippocratic Oath for Connected Medical Devices describes
commitments to capabilities that preserve patient safety, as well
as trust in the process of care delivery itself.”
Sources: https://www.iamthecavalry.org/domains/medical/oath/
https://www.iamthecavalry.org/wp-content/uploads/2016/01/I-Am-The-Cavalry-Hippocratic-Oath-for-Connected-Medical-Devices.pdf
B. Gallina, WoSoCER, 29th October 2019
49. • Synthesis of conflicting trends
– Process/Product
– Safety Case/Alternatives
– Expanding/Reducing
Quoting Ovid:
« medio tutissimus ibis »
safety lies in the middle course
Thinking while walking through the “stoa”
B. Gallina, WoSoCER, 29th October 2019
51. • Elaborating on a code of conduct
– Razionalized “likes”
• A Manifesto for Industrial/Academic Responsibility in
Guaranteeing Reporting and Data Open access for
Measuring the Benefits/Effectiveness of Emerging as well as
so-called Best Development Practices
– Open-access repository of proven in use evidence regarding
benefits/effectiveness of practices
Actions
B. Gallina, WoSoCER, 29th October 2019
52. References
1. Christopher Becker, Ahmad Nasser, Fouad Attioui, David Arthur, Andy Moy, and John Brewer. Functional Safety
Assessment Of a Generic Electric Power Steering System With Active Steering and Four-Wheel Steering Features. DOT HS
812 575 , August 2018.
https://www.nhtsa.gov/sites/nhtsa.dot.gov/files/documents/13501_812575_electricpowersteeringreport.pdf
2. 5th Meeting of the U.S. Software System Safety Working Group April 12th-14th 2005 @ Anaheim, California USA. Adaptive
Cruise Control System Overview.
http://sunnyday.mit.edu/safety-club/workshop5/Adaptive_Cruise_Control_Sys_Overview.pdf
3. ISO/IEC 15026-2:2011. Systems and software engineering — Systems and software assurance — Part 2: Assurance case
4. James Chelini, Jean Camus, Cyrille Comar, Duncan Brown, Anne-Perrine Porte, et al.. Avionics Certification: Back to
Fundamentals with Overarching Properties. ERTS 2018, Jan 2018, Toulouse, France. ⟨hal-02156109⟩
5. Holloway, C. Michael. 2019. Understanding the Overarching Properties. NASA/TM-2019-220292. (Earlier drafts of this
document were supported in substantial part through an annex, “Streamlining Assurance Processes”, to a Reimbursable
Interagency Agreement (Numbered IA-1407 by NASA and DTFAWA-14-C-00019 by the FAA)
6. SOFTWARE SAFETY STANDARD, NASA TECHNICAL STANDARD, National Aeronautics and Space Administration
Washington, DC 20546-0001, NASA-STD-8719.13C. Approved: 05-07-2013.
7. http://nietzsche.holtof.com/Nietzsche_untimely_meditations/schopenhauer_as_educator.htm
8. On Hyperloop:
https://www.era.europa.eu/sites/default/files/library/docs/hyperloop_innovation_for_global_transportation_en_1.pdf
9. The 4+1 Software Safety Principles and their relation to building safety cases .http://www.goalstructuringnotation.info/wp-
content/uploads/2013/02/The-4+1-Software-Safety-Principles-and-their-relation-to-building-safety-cases.pdf
B. Gallina, WoSoCER, 29th October 2019
53. References
10. REDUCING THE RISK OF POLICY FAILURE: CHALLENGES FOR REGULATORY COMPLIANCE, Organisation for
Economic Co-operation and Development, 2000.
11. [Knight et al 16] John C. Knight, Jonathan C. Rowanhill: The Indispensable Role of Rationale in Safety Standards.
SAFECOMP 2016: 39-50
12. The Limits of Performance-Based Regulation. Cary Coglianese, 2017
13. Y. Dajsuren and G. Loupias, "Safety Analysis Method for Cooperative Driving Systems," 2019 IEEE International Conference
on Software Architecture (ICSA), Hamburg, Germany, 2019, pp. 181-190.
doi: 10.1109/ICSA.2019.00027
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8703914&isnumber=8703896
14. M. Graydon, "Retrospectively Documenting SAFEGUARD's Possession of the Overarching Properties," 2019 49th Annual
IEEE/IFIP International Conference on Dependable Systems and Networks – Supplemental Volume (DSN-S), Portland, OR,
USA, 2019, pp. 27-28.
doi: 10.1109/DSN-S.2019.00019
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8805812&isnumber=8805745
15. B. Gallina. Towards Enabling Reuse in the Context of Safety-critical Product Lines. IEEE/ACM 5th International Workshop
on Product LinE Approaches in Software Engineering (PLEASE), joint event of ICSE, Florence, Italy, May 19th, 2015. IEEE,
pp. 15-18, DOI: 10.1109/PLEASE.2015.12. Electronic ISBN: 978-1-4673-7061-5.
16. B. Gallina. Quantitative Evaluation of Tailoring within SPICE-compliant Security-informed Safety-oriented Process Lines.
Journal of Software: Evolution and Process, EuroSPI Special Issue, August, 2019, DOI:10.1002/smr.2212.
B. Gallina, WoSoCER, 29th October 2019
54. Thank you for your
attention!
Discussion time…
B. Gallina, WoSoCER, 29th October 2019