Safe and Secure into the Future –

The EmbeddedSafeSec Research Project

Motivation

Embedded systems have been of growing importance for years and are taking over more and more core functions in electronic devices. New technological developments across industries such as the integration of electronic devices to form the Internet of Things (IoT), Industry 4.0 and automated driving are an expression of this trend.

These new developments also involve changing requirements for system safety and security. Functional safety remains essential, but cybersecurity vulnerabilities in such systems can likewise lead to catastrophic consequences for people, property and the environment.

Safety and security are well researched and methodologically established as separate disciplines in their respective industrial environments. However, their interaction and their joint assurance in the context of highly interconnected devices is an almost unresearched field.

The processes, methods and tools for ensuring safety in isolated embedded systems, and those for ensuring security in corporate information systems, do not on their own meet the requirements of the new, highly automated and interconnected systems. The EmbeddedSafeSec project therefore focuses on methods for safety & security co-engineering.

Scope and Objectives

The objective of the EmbeddedSafeSec project is to develop a process model and an integrated methodology to ensure safety and security when developing critical embedded systems. The resulting systematization, automation and operationalization enable significant cost savings and increased quality in safety and security engineering.

The integrated methodology should enable a largely automated creation and analysis of safety and security requirements as well as the generation of safety and security test cases for the development of embedded systems.

A key approach is the formalization of safety goals using a dedicated domain-specific language (DSL). To keep the language usable and comprehensible, however, it deliberately dispenses with mathematically based semantics.

Methodological Approach

The developed methodology is embedded in a process model (life cycle model) that is partly based on established models from industry and supplements them with new standards and activities. The process model covers safety and security co-engineering during the concept phase as well as the hardware, software and system development phases.

The innovative focus of the new life cycle model for safety and security co-engineering is the methodical combination of different aspects of these two areas, in order to avoid redundant activities and the additional costs they cause.

Expected Benefits

The process model to be developed provides a framework to utilize existing methodological research results, especially methods for combined hazard and threat analysis. Due to its independence from specific system and software engineering paradigms, the life cycle model can be used flexibly.

The expected results can be summarized in one overarching goal: to efficiently develop secure and reliable next-generation products of high quality that make our lives easier and better.

Sponsors and Funding

This project is funded as part of the Investitionsbank Berlin (IBB) program for the promotion of research, innovation and technology – ProFIT – and by the European Regional Development Fund (ERDF).

Duration: 01.03.2021 – 31.12.2022