37th International Conference on Computer Safety, Reliability, & Security
Since it was established in 1979 by the European Workshop on Industrial Computer Systems, Technical Committee 7 on Reliability, Safety and Security (EWICS TC7), SAFECOMP has contributed to the progress of the state-of-the-art in dependable application of computers in safety-related and safety-critical systems.
SAFECOMP is an annual event covering the state-of-the-art, experience and new trends in the areas of safety, security and reliability of critical computer applications.
SAFECOMP provides ample opportunity to exchange insights and experience on emerging methods, approaches and practical solutions. It is a single track conference without parallel sessions, allowing easy networking.
Robyn Lutz is a professor of computer science at Iowa State University. She was also on the technical staff of Jet Propulsion Laboratory, California Institute of Technology, from 1983 to 2012, most recently in the Software System Engineering group. Her research interests include safety-critical software systems, product lines, and the specification and verification of molecular programmed nanosystems. She is an ACM Distinguished Scientist. She was program chair of the International Requirements Engineering Conference in 2014, general chair in 2006, and currently serves on its steering committee. She has served two terms as an associate editor of IEEE Transactions on Software Engineering and on the editorial boards of the Journal of Software Testing, Verification and Reliability, the Journal on Software and System Modeling, and the Requirements Engineering Journal.
Abstract. Molecular programming uses the computational power of DNA and other biomolecules to create nanoscale systems. Many of these envisioned nano-systems are safety-critical, such as diagnostic biosensors that detect contaminants, drug capsules that dispense medicine when they encounter diseased cells, and configurable nano-robots. Challenges to the safety engineering of the nano-systems include their probabilistic behavior, their very small size, the very large number of them that execute at once, and the dynamic environment in which they operate. Designs need to assure safe outcomes from highly fault-prone devices, hampered by the difficulty of defining the limits of their safe operation.
I organize the talk around our interdisciplinary team's development of an essential safety building block for programmed molecular systems: an embeddable, reusable, molecular Runtime Fault Detector. I describe how we harnessed goal-oriented requirements and risk analyses, reaction network modeling, and probabilistic model checking to specify, analyze, and verify the safety requirements and design for this new nano-system. Finally, I suggest that a similar approach may also be helpful in the safety engineering of non-molecular systems composed of highly distributed, autonomous, fault-prone components operating in dynamic environments.
Uma Ferrell is excited for the opportunity to share her experiences in engineering systems using cross-domain and intra-domain knowledge. Her perspectives have benefited from continuous learning through authoring standards, teaching, and researching, as well as working with different cultures and in different domains. Uma is a software and airborne electronic hardware Designated Engineering Representative (DER) for the US Federal Aviation Administration. She is a certification subject matter expert at the MITRE Corporation working on the US Federal Aviation Administration's certification transformation and on Global Positioning System (GPS) navigation for aviation. In addition, she is working on innovative methods of certification for artificial intelligence in Urban Air Mobility systems, and on codification of small Unmanned Aircraft Systems Type Certification. She is also devising a proof-of-concept for an integrated safety and cybersecurity analysis in complex software systems. Uma started her career building mission-critical systems for space. After working in technical leadership positions for different companies, Uma co-founded Ferrell and Associates Consulting, Inc., a certification and aviation safety consultancy, where she worked as Chief Executive Officer and a principal for 17 years. Uma holds a Master's degree in Electrical Engineering from Johns Hopkins University, a Master's degree in Solid State Physics, a BSc (Hons) in Physics, and a BSc (Physics, Chemistry and Mathematics) from Bangalore University. Uma is one of the technical editors for the third edition of the Digital Avionics Handbook, published in 2014 by CRC Press. Uma is also on the editorial board of the American Society for Quality (ASQ) Software Quality Professional Journal. She also reviews technical books for ASQ. When she is not preoccupied with thoughts on safety culture, new technology, certification, and standards, Uma loves to play Indian classical music.
Abstract. Both industry and certification authorities have reason to be excited about the benefits and opportunities of reusing and building products for more than one domain, such as aviation and automobiles. Cross-domain reuse in an increasingly complex world can inject novel technologies into conventional domains to increase safety. Such opportunities come with social and ethical responsibilities for the safe use of a product in the target environment, not just whether the product and evidence are acceptable to certification authorities. The evidence may be wrongly presented based only on the equivalency in the use of expected language in pertinent standards. The evidence should be based on the actual accomplishments met and whether those accomplishments are applicable towards design assurance and safety in the target domain and environment.
Cross-domain reuse has many considerations. This talk is focused only on safety and security. Obviously, consideration of reuse must include functionality, use of standards in that domain, and certification concerns. All these considerations have undercurrents of safety as well as security. Let us focus further on three topics:
Opportunities of cross-domain reuse indeed come with responsibilities to understand, analyze, and engineer the product. Appropriate reuse considered in the system context can be a powerful tool to introduce newer technologies to solve complex problems.
Richard Hendeberg works as a specialist in functional safety at Epiroc Rock Drills AB. He holds a Master of Science in electronics from the University of Örebro. Richard has worked with the design and development of both machinery and systems, including radio- and tele-remote control systems and autonomous Load Haul Dump machines. In his current role, Richard supports all divisions within Epiroc Rock Drills AB with matters regarding product legislation, international and regional standards, and safety of machinery. He develops strategies and processes for safety management as well as methodologies and tools for risk assessment, design and evaluation of safety functions. Richard holds certifications as a machinery safety expert from both the Swedish Standards Institute and TÜV Nord. He participates as an expert in relevant ISO and CEN technical committees for autonomous machinery and safety of control systems.
Abstract. Epiroc Rock Drills AB is a global manufacturer of mining and construction machinery. These highly automated machines operate in an incredibly harsh environment where reliability and availability are paramount. In this presentation, Richard Hendeberg, Specialist in Functional Safety, talks about Epiroc's control systems platform and its work with safety of machinery: how a modular design, componentization of software and standardization on hardware modules have led to an efficient reuse of engineering efforts and an automation platform which is used throughout Epiroc's entire range of machinery. Richard also describes Epiroc's journey with safety of control systems, leading up to the integration of safety functions into the existing control system platform, the challenges of designing safety functions for a harsh environment, and why availability of the machine might be as important for the safety of the operator as the reliability of the safety function.