Publications (10 of 29)
Lisova, E., Causevic, A., Hänninen, K., Thane, H. & Hansson, H. (2018). A Systematic Way to Incorporate Security in Safety Analysis. In: Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, DSN-W 2018. Paper presented at 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, DSN-W 2018; Parc Alvisse, Hotel Luxembourg City; Luxembourg; 25 June 2018 through 28 June 2018 (pp. 166-171). Luxembourg, Luxemburg.
A Systematic Way to Incorporate Security in Safety Analysis
2018 (English). In: Proceedings - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, DSN-W 2018, Luxembourg, Luxemburg, 2018, p. 166-171. Conference paper, Published paper (Refereed)
Abstract [en]

Today's systems are being built to connect to public or semi-public networks, are able to communicate with other systems, e.g., in the context of the Internet-of-Things (IoT), involve multiple stakeholders, have dynamic system reconfigurations, and operate in increasingly unpredictable environments. In such complex systems, assuring safety and security in a continuous and joint effort is a major challenge, not least due to the increasing number of attack surfaces arising from the increased connectivity. In this paper we present an approach that aims to bridge the gap between safety and security engineering. The potential of the approach is illustrated on the example of an E-gas system, discussing the cases when unintentional faults as well as malicious attacks are taken into consideration when assuring the safety of the described system.

Place, publisher, year, edition, pages
Luxembourg, Luxemburg, 2018
National Category
Computer Systems
Identifiers
urn:nbn:se:mdh:diva-39268 (URN); 10.1109/DSN-W.2018.00058 (DOI); 2-s2.0-85051231991 (Scopus ID); 9781538655955 (ISBN)
Conference
48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, DSN-W 2018; Parc Alvisse, Hotel Luxembourg City; Luxembourg; 25 June 2018 through 28 June 2018
Projects
Closing the safety-security gap in software intensive systems; SAFSEC-CPS -- Securing the safety of autonomous cyber-physical systems; Serendipity - Secure and dependable platforms for autonomy
Available from: 2018-05-22. Created: 2018-05-22. Last updated: 2018-08-23. Bibliographically approved
Zhou, J., Hänninen, K. & Lundqvist, K. (2017). A Hazard Modeling Language for Safety-Critical Systems Based on the Hazard Ontology. In: 43rd Euromicro Conference on Software Engineering and Advanced Applications SEAA'17. Paper presented at 43rd Euromicro Conference on Software Engineering and Advanced Applications SEAA'17, 30 Aug 2017, Vienna, Austria (pp. 301-304).
A Hazard Modeling Language for Safety-Critical Systems Based on the Hazard Ontology
2017 (English). In: 43rd Euromicro Conference on Software Engineering and Advanced Applications SEAA'17, 2017, p. 301-304. Conference paper, Published paper (Refereed)
Abstract [en]

Preliminary hazard analysis (PHA) is a key safety-concerned activity, applied during the early stages of safety-critical systems development process, aiming to provide stakeholders with a general understanding of potential hazards. The identified hazards will be described and serve as a basis to further identify mitigation mechanisms in the subsequent development process. However, since various stakeholders will be involved in the identification process, a common understanding of the nature of hazards among stakeholders, such as what a hazard consists of and how to describe it without ambiguities, is of crucial importance to achieve the goal of PHA. In this work, we propose a hazard modeling language (HML) based on a hazard domain ontology, i.e., the Hazard Ontology, in order to facilitate the specification of identified hazards. In addition, we present an approach to the transformation from natural language hazard descriptions into the HML specification. Finally, an industrial PHA example is used to illustrate the usefulness of our work.

Keywords
hazard ontology, hazard modeling language, safety-critical system, preliminary hazard analysis
National Category
Computer Systems
Identifiers
urn:nbn:se:mdh:diva-35513 (URN); 10.1109/SEAA.2017.48 (DOI); 000426074600044 (ISI); 9781538621400 (ISBN)
Conference
43rd Euromicro Conference on Software Engineering and Advanced Applications SEAA'17, 30 Aug 2017, Vienna, Austria
Projects
DPAC - Dependable Platforms for Autonomous systems and Control
Available from: 2017-06-01. Created: 2017-06-01. Last updated: 2018-03-15. Bibliographically approved
Provenzano, L., Hänninen, K., Zhou, J. & Lundqvist, K. (2017). An Ontological Approach to Elicit Safety Requirements. In: 24th Asia-Pacific Software Engineering Conference APSEC 2017. Paper presented at 24th Asia-Pacific Software Engineering Conference APSEC 2017, 04 Dec 2017, Nanjing, China (pp. 713-718).
An Ontological Approach to Elicit Safety Requirements
2017 (English). In: 24th Asia-Pacific Software Engineering Conference APSEC 2017, 2017, p. 713-718. Conference paper, Published paper (Refereed)
Abstract [en]

Safety requirements describe risk mitigations against failures that may cause catastrophic consequences on human life, environment and facilities. To be able to implement the correct risk mitigations, it is fundamental that safety requirements are defined based on the results issued from the safety analysis. In this paper, we introduce a heuristic approach to elicit safety requirements based on the knowledge about hazard's causes, hazard's sources and hazard's consequences (i.e. hazard's components) acquired during the safety analysis. The proposed approach is based on a Hazard Ontology that is used to structure the knowledge about the hazards identified during the safety analysis in order to make it available and accessible for requirements elicitation. We describe how this information can be used to elicit safety requirements, and provide guidance to derive the safety requirements which are appropriate to deal with the hazards they mitigate.

Keywords
Safety requirements, safety requirements elicitation, ontologies, hazards, hazard's components
National Category
Computer Systems
Identifiers
urn:nbn:se:mdh:diva-37099 (URN); 10.1109/APSEC.2017.91 (DOI); 000428733800084 (ISI); 2-s2.0-85045921379 (Scopus ID); 978-1-5386-3681-7 (ISBN)
Conference
24th Asia-Pacific Software Engineering Conference APSEC 2017, 04 Dec 2017, Nanjing, China
Projects
DPAC - Dependable Platforms for Autonomous systems and Control
Available from: 2017-10-26. Created: 2017-10-26. Last updated: 2018-05-11. Bibliographically approved
Zhou, J., Hänninen, K., Lundqvist, K. & Provenzano, L. (2017). An Ontological Approach to Hazard Identification for Safety-Critical Systems. In: 2017 2nd International Conference on Reliability Systems Engineering, ICRSE 2017. Paper presented at 2nd International Conference on Reliability Systems Engineering, ICRSE 2017; Beijing Yanqi Lake International Convention and Exhibition Center (BYCC), Huairou, Beijing; China; 10 July 2017 through 12. Beijing, China, Article ID 8030746.
An Ontological Approach to Hazard Identification for Safety-Critical Systems
2017 (English). In: 2017 2nd International Conference on Reliability Systems Engineering, ICRSE 2017, Beijing, China, 2017, article id 8030746. Conference paper, Published paper (Refereed)
Abstract [en]

Hazard identification is an essential but very demanding task for the development of safety-critical systems (SCSs). Current practices suffer from one or several of the drawbacks listed below: 1) a common hazard conceptualization is missing, and thereby ambiguities may arise; 2) there is still a need to formalize the experience of analysts and lessons learned from previous system development in a structured way to facilitate future reuse; and 3) some hazard identification techniques require well-known system behaviors represented by models, such as automata and sequence diagrams, to identify hazards; however, such models are typically susceptible to changes or even not available in early stages. In this paper, we propose an ontological approach to support hazard identification in the early stages of the development of SCSs. The approach aims to improve hazard identification results in terms of completeness and unambiguity. A robotic strolling assistant system is used to evaluate the proposed approach.

Place, publisher, year, edition, pages
Beijing, China, 2017
Keywords
hazard ontology, hazard identification, preliminary hazard analysis, safety-critical systems
National Category
Engineering and Technology; Computer and Information Sciences
Identifiers
urn:nbn:se:mdh:diva-35514 (URN); 10.1109/ICRSE.2017.8030746 (DOI); 000425930200036 (ISI); 2-s2.0-85032291985 (Scopus ID); 9781538609187 (ISBN)
Conference
2nd International Conference on Reliability Systems Engineering, ICRSE 2017; Beijing Yanqi Lake International Convention and Exhibition Center (BYCC), Huairou, Beijing; China; 10 July 2017 through 12
Projects
DPAC - Dependable Platforms for Autonomous systems and Control
Available from: 2017-06-05. Created: 2017-06-05. Last updated: 2018-03-15. Bibliographically approved
Zhou, J., Hänninen, K., Lundqvist, K. & Provenzano, L. (2017). An Ontological Approach to Identify the Causes of Hazards for Safety-Critical Systems. In: 2017 2nd International Conference on System Reliability and Safety ICSRS'17. Paper presented at 2017 2nd International Conference on System Reliability and Safety ICSRS'17, 20 Dec 2017, Milan, Italy (pp. 405-413).
An Ontological Approach to Identify the Causes of Hazards for Safety-Critical Systems
2017 (English). In: 2017 2nd International Conference on System Reliability and Safety ICSRS'17, 2017, p. 405-413. Conference paper, Published paper (Refereed)
Abstract [en]

Preliminary hazard analysis (PHA) is a key safety-concerned technique, applied in early stages of safety-critical systems development, aiming to provide stakeholders with a general understanding of potential hazards together with their causes. Various studies have asserted that the most significant flaws in hazard analysis techniques are related to the omission of causes associated with the identified hazards. In addition, identified causes are sometimes described in too generic terms to provide useful guidance for subsequent activities. In this paper, we propose an approach to explore and identify the causes associated with the hazards from a PHA, aiming to improve the results of hazard cause identification in terms of completeness and usefulness. To achieve this goal, the proposed approach utilizes the hazard-related concepts and relations defined in a hazard domain ontology presented in our previous work. Furthermore, an application scenario of a train control system is used to evaluate our approach.

National Category
Computer Systems
Identifiers
urn:nbn:se:mdh:diva-37069 (URN); 10.1109/ICSRS.2017.8272856 (DOI); 000426453100069 (ISI); 2-s2.0-85046626823 (Scopus ID); 978-1-5386-3322-9 (ISBN)
Conference
2017 2nd International Conference on System Reliability and Safety ICSRS'17, 20 Dec 2017, Milan, Italy
Projects
DPAC - Dependable Platforms for Autonomous systems and Control
Available from: 2017-10-31. Created: 2017-10-31. Last updated: 2019-06-25. Bibliographically approved
Zhou, J., Hänninen, K., Lundqvist, K. & Provenzano, L. (2017). An Ontological Interpretation of the Hazard Concept for Safety-Critical Systems. In: Proceedings of the 27th European Safety and Reliability Conference (ESREL 2017), Portoroz, Slovenia, 18-22 June 2017. Paper presented at The 27th European Safety and Reliability Conference ESREL'17, 18-22 Jun 2017, Portoroz, Slovenia (pp. 183-185).
An Ontological Interpretation of the Hazard Concept for Safety-Critical Systems
2017 (English). In: Proceedings of the 27th European Safety and Reliability Conference (ESREL 2017), Portoroz, Slovenia, 18-22 June 2017, 2017, p. 183-185. Conference paper, Published paper (Refereed)
Abstract [en]

The hazard concept has been extensively used in the literature and defined in an informal way, which serves as a guidance on identifying the potential hazards during the development of safety-critical systems. Intuitively, the definitions seem to be consistent and easy to understand. However, when we take a closer look at these definitions, ambiguities may arise, and real-world semantics need to be defined. In this work, we propose a hazard domain ontology, i.e., the Hazard Ontology (HO), to provide an ontological interpretation of hazard. To tackle the aforementioned issues, the HO is grounded in the Unified Foundational Ontology (UFO) to utilize the benefits provided by taking foundational concepts into account. Finally, we show some useful findings when we use the proposed ontology to analyze the hazard descriptions from an industrial passenger train project.

Keywords
UFO Ontology, Hazard analysis, Safety-critical systems
National Category
Computer Systems
Identifiers
urn:nbn:se:mdh:diva-36999 (URN); 2-s2.0-85059259798 (Scopus ID); 978-1-315-21046-9 (ISBN)
Conference
The 27th European Safety and Reliability Conference ESREL'17, 18-22 Jun 2017, Portoroz, Slovenia
Projects
DPAC - Dependable Platforms for Autonomous systems and Control
Available from: 2017-11-27. Created: 2017-11-27. Last updated: 2019-04-11. Bibliographically approved
Johnsen, A., Lundqvist, K., Hänninen, K. & Pettersson, P. (2017). AQAT: The Architecture Quality Assurance Tool for Critical Embedded Systems. In: Proceedings - International Symposium on Software Reliability Engineering, ISSRE, Volume 2017. Paper presented at 28th IEEE International Symposium on Software Reliability Engineering, ISSRE 2017; Toulouse; France; 23 October 2017 through 26 October 2017 (pp. 260-270), Article ID 8109092.
AQAT: The Architecture Quality Assurance Tool for Critical Embedded Systems
2017 (English). In: Proceedings - International Symposium on Software Reliability Engineering, ISSRE, Volume 2017, 2017, p. 260-270, article id 8109092. Conference paper, Published paper (Refereed)
Abstract [en]

Architectural engineering of embedded systems comprehensively affects both the development processes and the abilities of the systems. Verification of architectural engineering is consequently essential in the development of safety- and mission-critical embedded systems to avoid costly and hazardous faults. In this paper, we present the Architecture Quality Assurance Tool (AQAT), an application program developed to provide a holistic, formal, and automatic verification process for architectural engineering of critical embedded systems. AQAT includes architectural model checking, model-based testing, and selective regression verification features to effectively and efficiently detect design faults, implementation faults, and faults created by maintenance modifications. Furthermore, the tool includes a feature that analyzes architectural dependencies, which in addition to providing essential information for impact analyses of architectural design changes may be used for hazard analysis, such as the identification of potential error propagations, common cause failures, and single point failures. Overviews of both the graphical user interface and the back-end processes of AQAT are presented with a sensor-to-actuator system example.

National Category
Computer Systems
Identifiers
urn:nbn:se:mdh:diva-37453 (URN); 10.1109/ISSRE.2017.32 (DOI); 000426939700025 (ISI); 2-s2.0-85040780004 (Scopus ID); 9781538609415 (ISBN)
Conference
28th IEEE International Symposium on Software Reliability Engineering, ISSRE 2017; Toulouse; France; 23 October 2017 through 26 October 2017
Available from: 2017-12-14. Created: 2017-12-14. Last updated: 2018-03-29. Bibliographically approved
Johnsen, A., Lundqvist, K., Pettersson, P., Hänninen, K. & Torelm, M. (2017). Experience Report: Evaluating Fault Detection Effectiveness and Resource Efficiency of the Architecture Quality Assurance Framework and Tool. In: Proceedings - International Symposium on Software Reliability Engineering, ISSRE, Volume 2017. Paper presented at 28th International Symposium on Software Reliability Engineering (ISSRE), Toulouse, France, 2017 (pp. 271-281), Article ID 8109093.
Experience Report: Evaluating Fault Detection Effectiveness and Resource Efficiency of the Architecture Quality Assurance Framework and Tool
2017 (English). In: Proceedings - International Symposium on Software Reliability Engineering, ISSRE, Volume 2017, 2017, p. 271-281, article id 8109093. Conference paper, Published paper (Refereed)
Abstract [en]

The Architecture Quality Assurance Framework (AQAF) is a theory developed to provide a holistic and formal verification process for architectural engineering of critical embedded systems. AQAF encompasses integrated architectural model checking, model-based testing, and selective regression verification techniques to achieve this goal. The Architecture Quality Assurance Tool (AQAT) implements the theory of AQAF and enables automated application of the framework. In this paper, we present an evaluation of AQAT and the underlying AQAF theory by means of an industrial case study, where resource efficiency and fault detection effectiveness are the targeted properties of evaluation. The method of fault injection is utilized to guarantee coverage of fault types and to generate a data sample size adequate for statistical analysis. We discovered important areas of improvement in this study, which required further development of the framework before satisfactory results could be achieved. The final results present a 100% fault detection rate at the design level, a 98.5% fault detection rate at the implementation level, and an average increased efficiency of 6.4% with the aid of the selective regression verification technique.

National Category
Computer Systems
Identifiers
urn:nbn:se:mdh:diva-37457 (URN); 10.1109/ISSRE.2017.31 (DOI); 000426939700026 (ISI); 2-s2.0-85040780151 (Scopus ID); 9781538609415 (ISBN)
Conference
28th International Symposium on Software Reliability Engineering (ISSRE), Toulouse, France, 2017
Available from: 2017-12-14. Created: 2017-12-14. Last updated: 2018-07-25. Bibliographically approved
Johnsen, A., Dodig-Crnkovic, G., Lundqvist, K., Hänninen, K. & Pettersson, P. (2017). Risk-based decision-making fallacies: Why present functional safety standards are not enough. In: Proceedings - 2017 IEEE International Conference on Software Architecture Workshops, ICSAW 2017: Side Track Proceedings. Paper presented at 2017 IEEE International Conference on Software Architecture Workshops, ICSAW 2017, 3 April 2017 through 7 April 2017 (pp. 153-160). Institute of Electrical and Electronics Engineers Inc.
Risk-based decision-making fallacies: Why present functional safety standards are not enough
2017 (English). In: Proceedings - 2017 IEEE International Conference on Software Architecture Workshops, ICSAW 2017: Side Track Proceedings, Institute of Electrical and Electronics Engineers Inc., 2017, p. 153-160. Conference paper, Published paper (Refereed)
Abstract [en]

Functional safety of a system is the part of its overall safety that depends on the system operating correctly in response to its inputs. Safety is defined as the absence of unacceptable/unreasonable risk by functional safety standards, which enforce safety requirements in each phase of the development process of safety-critical software and hardware systems. Acceptability of risks is judged within a framework of analysis with contextual and cultural aspects by individuals who may introduce subjectivity and misconceptions in the assessment. While functional safety standards elaborate much on the avoidance of unreasonable risk in the development of safety-critical software and hardware systems, little is addressed on the issue of avoiding unreasonable judgments of risk. Through the studies of common fallacies in risk perception and ethics, we present a moral-psychological analysis of functional safety standards and propose plausible improvements of the involved risk-related decision making processes, with a focus on the notion of an acceptable residual risk. As a functional safety reference model, we use the functional safety standard ISO 26262, which addresses potential hazards caused by malfunctions of software and hardware systems within road vehicles and defines safety measures that are required to achieve an acceptable level of safety. The analysis points out the critical importance of a robust safety culture with developed countermeasures to the common fallacies in risk perception, which are not addressed by contemporary functional safety standards. We argue that functional safety standards should be complemented with the analysis of potential hazards caused by fallacies in risk perception, their countermeasures, and the requirement that residual risks must be explicated, motivated, and accompanied by a plan for their continuous reduction. This approach becomes especially important in contemporary autonomous vehicles, with increasing computational control by increasingly intelligent software applications.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers Inc., 2017
National Category
Computer Systems
Identifiers
urn:nbn:se:mdh:diva-36194 (URN); 10.1109/ICSAW.2017.50 (DOI); 000413089000029 (ISI); 2-s2.0-85025634021 (Scopus ID); 9781509047932 (ISBN)
Conference
2017 IEEE International Conference on Software Architecture Workshops, ICSAW 2017, 3 April 2017 through 7 April 2017
Available from: 2017-08-10. Created: 2017-08-10. Last updated: 2017-11-02. Bibliographically approved
Provenzano, L. & Hänninen, K. (2017). Specifying Software Requirements for Safety-Critical Railway Systems: an Experience Report. In: International Working Conference on Requirements Engineering: Foundation for Software Quality REFSQ. Paper presented at International Working Conference on Requirements Engineering: Foundation for Software Quality REFSQ, 27 Feb 2017, Essen, Germany (pp. 363-369). Essen, Germany.
Specifying Software Requirements for Safety-Critical Railway Systems: an Experience Report
2017 (English). In: International Working Conference on Requirements Engineering: Foundation for Software Quality REFSQ, Essen, Germany, 2017, p. 363-369. Conference paper, Published paper (Refereed)
Abstract [en]

Software safety requirements are fundamental in the definition of risk reduction measures for safety-critical systems, since they are developed to satisfy the system safety constraints as identified by mandated safety analyses. It is therefore imperative that the requirements are defined clearly and precisely. We describe our experiences in introducing a safety-compliant method of writing safety software requirements for railway projects in a distributed organization. Our goal was twofold: to develop requirements specifications that comply with the EN 50128 standard and that are understandable by the persons involved in the software development. We introduced methods to transform natural language requirements into functional requirements described as scenarios, sequence, use-case and state-machine diagrams. Our experience shows that new ways of expressing requirements, even if proper to solve technical issues such as compliance with standards, bring other challenges to the organization, such as people's reluctance to changes in working routines and process updates.

Place, publisher, year, edition, pages
Essen, Germany, 2017
National Category
Computer Systems
Identifiers
urn:nbn:se:mdh:diva-36994 (URN); 10.1007/978-3-319-54045-0_25 (DOI); 000418400900025 (ISI); 2-s2.0-85013905575 (Scopus ID); 978-3-319-54044-3 (ISBN)
Conference
International Working Conference on Requirements Engineering: Foundation for Software Quality REFSQ, 27 Feb 2017, Essen, Germany
Projects
DPAC - Dependable Platforms for Autonomous systems and Control
Available from: 2017-11-27. Created: 2017-11-27. Last updated: 2018-01-29. Bibliographically approved
Identifiers
ORCID iD: orcid.org/0000-0003-0757-822X