2023
Paper (Preprint, Research Paper, Review Paper, White Paper, etc.)
Title
Joint Specification and Testing of Safety and Security Requirements
Abstract
Violation of safety or security in modern highly networked and automated devices and functions, such as those used for the Internet of Things, Industry 4.0, and autonomous driving, can lead to catastrophic consequences for people and the environment. Therefore, the development process of embedded systems and software is associated with demanding requirements regarding safety and security. While the discipline of safety engineering is well established and supported by international standards like IEC 61508, ISO 26262, and EN 5012x, security engineering and its interaction with the safety process in the field of embedded systems are still in the early phases of their development. In this paper we present a methodology for the joint specification of safety and security requirements of embedded systems, and the derivation of test cases. Currently, safety and security are treated in two separate engineering processes. The advantage of a process that specifies both safety and security requirements at the same time is that possible redundancies and inconsistencies between safety and security requirements can be identified at an early stage. The core of the methodology presented here is a domain-specific language (DSL) called LESS (Language for Embedded Safety and Security), which is based on natural language templates often used in requirements engineering. With the aid of a few simple rules and a small set of keywords, users can define safety and security requirements in a formalized way without any need for a difficult-to-understand mathematical notation or a complex graphical notation.
We also present a set of methods that form the basis for implementing semi-automatic procedures for analyzing and refining requirements as well as deriving test cases from them. These methods are based on an analysis of the syntactical structure of the safety and security requirements expressed in LESS, and on the design of controlled conversations with the user. The results of the conversations are used to obtain further semantic information needed for the analysis, refinement and derivation activities mentioned above. Some of the developed methods have been implemented as prototypes and applied to case studies from automotive and medical technology. Due to the easy-to-learn and well-understandable domain-specific language LESS, as well as the controlled wizard-like conversations with the user, the methodology presented here has high potential to be used in all industrial sectors where safety- and security-related applications are developed.