Safecomp 2005 Sessions
Opening
Wednesday, 28 September 2005, 9:00-9:30
Conference Chair: Gustav Dahll
Talk
Wednesday, 28 September 2005, 9:30-10:30
Prof. Robert France, Colorado State University
Title: Model-Driven Development of Dependable Systems: Challenges and Pitfalls
Taming the complexity of developing highly-dependable software systems is the focus of much research in the software engineering community. In particular, research on model-driven development (MDD) focuses on raising the level of abstraction at which systems are developed through the use of models. One can roughly partition prevailing MDD research perspectives into two camps. In one camp, emphasis is placed on formalizing modeling activities and artifacts to facilitate automated analysis and generation of dependable implementations. Work in the other camp focuses on developing model-based techniques that leverage human expertise and past development experience that are not formalized. In this talk I argue that MDD research programs that target the problem of developing dependable software systems need to take both perspectives. Approaches that integrate techniques from the two camps are more likely to provide comprehensive and effective support for developing dependable systems. I will give an overview of MDD research at Colorado State University and collaborating institutions and discuss some of the problems, pitfalls, and challenges associated with MDD research that seeks to produce practical results.
Session 0: Posters
Chair: Udo Voges, Germany
Wednesday, 28 September 2005, 10:30-10:50
CMMI RAMS Extension Based on CENELEC Railway Standard
Jose Antonio Fonseca, Jorge Rady de Almeida Junior (Escola Politécnica da Universidade de Sao Paulo, Brazil)
The Importance of Single-Source Engineering of Emergency and Process Shutdown Systems
Robert Martinez, Torgeir Enkerud (ABB Corporate Research, Norway)
Combining Extended UML Models and Formal Methods to Analyze Real-Time Systems
Nawal Addouche (Ecole des Mines d'Alès / LGI2P, France)
Christian Antoine, Jacky Montmain (URC CEA-Ecole des Mines d'Alès, France)
Defining and Decomposing Safety Policy for Systems of Systems
Martin Hall-May, Tim Kelly (University of York, United Kingdom)
Generalising Event Trees using Bayesian Networks with a Case Study of Train Derailment
George Bearfield (Atkins Rail, London, United Kingdom)
William Marsh (Queen Mary University of London, United Kingdom)
Coffee break
Wednesday, 28 September 2005, 10:50-11:15
Session 1
Chair: Udo Voges, Germany
Wednesday, 28 September 2005, 11:15-12:30
Control and Data Flow Testing on Function Block Diagrams
Eunkyoung Jee, Junbeom Yoo, Sungdeok Cha (Korea Advanced Institute of Science and Technology (KAIST), Rep. of Korea)
Comparing Software Measures with Fault Counts Derived from Unit Testing of Safety Critical Software
Wolfgang Herzner, Stephan Ramberger, Thomas Laenger, Christian Reumann, Thomas Gruber, Christian Sejkora (ARC Seibersdorf research, Austria)
Automatic Analysis of a Safety Critical Tele Control System
Edoardo Campagnano, Ester Ciancamerla, Michele Minichino (ENEA, Italy)
Enrico Tronci (Università di Roma, Italy)
Lunch
Wednesday, 28 September 2005, 12:30-13:30
Session 2
Chair: Francesca Saglietti, Germany
Wednesday, 28 September 2005, 13:30-14:45
A Formal Model for Fault tolerance in Distributed Systems
Brahim Hamid, Mohamed Mosbah (LABRI, ENSEIRB - University of Bordeaux-1, France)
Model Based Safety Analysis of Simulink Models Using SCADE Design Verifier
Anjali Joshi, Mats Heimdahl (University of Minnesota, Minneapolis, U.S.A.)
Using Safety Critical Artificial Neural Networks in Gas Turbine Aero Engine Control
Zeshan Kurd, Tim Kelly (Department of Computer Science, University of York, United Kingdom)
Coffee break
Wednesday, 28 September 2005, 14:45-15:00
Session 3
Chair: Atte Helminen, Finland
Wednesday, 28 September 2005, 15:00-16:40
On the effectiveness of run time checks
Meine van der Meulen, Lorenzo Strigini (Centre for Software Reliability, City University, United Kingdom)
A technique for fault tolerance assessment of COTS based systems
Ruben Alexandersson, Krishna Chaitanya D., Peter Öhman (Chalmers University of Technology, Sweden)
Finding Upper Bounds for Software Failure Probabilities - Experiments and Results
Monica Kristiansen (Østfold College University / IFE, Norway)
Justification of smart sensors for nuclear applications
Peter Bishop, Robin Bloomfield (Adelard and CSR, City University, United Kingdom)
Sofia Guerra, Kostas Tourlas (Adelard, United Kingdom)
Coffee break
Wednesday, 28 September 2005, 16:40-17:00
Session 4
Chair: Peter Jacobsson, Sweden
Wednesday, 28 September 2005, 17:00-18:15
Evolutionary Safety Analysis: Motivations from the Air Traffic Management Domain
Massimo Felici (LFCS, School of Informatics, The University of Edinburgh, United Kingdom)
Public-Key Cryptography and Availability
Tage Stabell-Kulø, Simone Lupetti (University of Tromsø, Norway)
End To End Worst Case Response Time Analysis for Hard Real Time Distributed Systems
Lei Wang, Zhaohui Wu (College of Computer Science, Zhejiang University, China)
Talk
Thursday, 29 September 2005, 9:00-10:00
Bjørn Wahlstrøm, VTT Industrial Systems
Title: Risk assessment and safety engineering; applications for computer systems
Modern society relies to an increasing extent on computers for various functions. This development has brought increasing efficiency in the production of various goods and services. Unfortunately, however, this development has also brought an increasing societal dependence on computer systems, which may be challenged either by deficient designs or by malicious actions. This fact has put a large emphasis on safety and security in the design of all kinds of computer systems. Risk assessment and safety engineering are established methodologies that have been used in the design and analysis of many systems, including computers, to ensure their reliability and dependability. The applied methodologies have their origin in safety-oriented industries such as nuclear power, off-shore and transportation, and they have recently found applications also in health care, banking and, more generally, in the different kinds of services that are important for a well-functioning society. This broadening of the applications of risk assessment and safety engineering has actually suggested that systems safety and security could be treated as a discipline of its own. The application of risk assessment and safety engineering in the computer field is important for two reasons: firstly because computers are used in increasing numbers to control and protect important systems, and secondly because computers may represent a threat themselves if they have not been properly designed. One problem in the design and analysis of interconnected computer systems is their complexity, which makes it increasingly difficult to ensure their reliability and dependability. This complexity also puts a large demand on designing human-computer interfaces that are understandable and efficient.
The point of departure of the presentation is safety and security needs as seen from the perspective of the nuclear industry, but it takes a broader view towards the use of risk analysis and safety engineering more generally for ensuring computer dependability in important societal infrastructures. Taking this view, it is important to consider systems safety and security on a more abstract level to ensure that there are enough interactions between designers and analysts in the development process and in different fields of application. There is also a need for a larger awareness and understanding of needs and solutions to make it possible to find balanced and cost-effective designs. A conclusion of the presentation is that a multidisciplinary approach and systems thinking are necessary prerequisites in ensuring the reliability and dependability of future computer systems.
Session 5
Chair: Odd Nordland, Norway
Thursday, 29 September 2005, 10:00-10:50
Safety Interfaces for Component Based Systems
Jonas Elmqvist, Simin Nadjm-Tehrani (Linköping University, Sweden)
Marius Minea (Department of Computing, Politehnica University of Timisoara, Romania)
A Safety Related PES for Task Oriented Real Time Execution without Asynchronous Interrupts
Martin Skambraks (Fernuniversität in Hagen, Germany)
Coffee break
Thursday, 29 September 2005, 10:50-11:15
Session 6
Chair: Michele Minichino, Italy
Thursday, 29 September 2005, 11:15-12:30
Are High-level Languages suitable for Robust Telecoms Software?
Jan Henry Nyström, Phil Trinder (Heriot-Watt University, Scotland, United Kingdom)
David King (Motorola, United Kingdom)
Functional Apportioning of Safety Requirements on Railway Signalling Systems
Ola Løkberg, Øystein Skogstad (SINTEF ICT, Norway)
Automatic Code Generation for PLC Controllers
Sacha Krzysztof (Warsaw University of Technology/Institute of Control, Poland)
Lunch
Thursday, 29 September 2005, 12:30-13:30
Session 7
Chair: Erwin Schoitsch, Austria
Thursday, 29 September 2005, 13:30-14:45
The TACO approach for traceability and communication of requirements
Terje Sivertsen, Rune Fredriksen, Atoosa P-J Thunem (Institute for Energy Technology, Norway)
Jan-Erik Holmberg, Janne Valkonen, Olli Ventä (VTT Industrial Systems, Finland)
Jan-Ove Andersson (Ringhals AB, Sweden)
An IEC 62061 Compliant Safety System Design Method for Machinery
Bengt Ljungquist, Thomas Thelin (Lund University, Sweden)
Design Evaluation: Estimating Multiple Critical Performance and Cost Impacts of Designs
Tom Gilb (RPL, Norway)
Coffee break
Thursday, 29 September 2005, 14:45-15:00
Technical visit to Halden
Thursday, 29 September 2005, 15:00-24:00
15:15 Departure from Fredrikstad with bus
16:00 Visit to Østfold University College
17:00 Departure to Reactor / MTO-Laboratory
Bus I: to the Halden Reactor
Bus II: to the IFE MTO laboratory
~ 18:15 Departure to Fredriksten Fortress by bus (or walk)
[~18:00 Alternative departure from Fredrikstad]
19:00 Guided tour of the Fortress
20:00 Banquet at Fredriksten Fortress
Fredriksten Fortress, which has been preserved as if it were a park, is an unforgettable experience. So is the dinner, which brings you back to the 18th century.
~23:15 Departure to Fredrikstad
Talk
Friday, 30 September 2005, 9:00-10:00
Angelo Marino, Scientific Officer, Unit of ICT for Trust and Security in the European Commission
Title: EU R&D on security and dependability for the sustainable growth of Information Society
Inevitably, the advent of the service-centric Information Society will cause novel security and dependability challenges to surface, mostly associated with digital convergence in media, processes and networks. On the horizon is the emergence of truly complex systems whose security and dependable behaviours will require dynamic configurability, autonomy, adaptability, self-healing and immunity or resilience against failure or attack.
It is therefore important that Europe ensures the development of world class knowledge and competitive industrial capabilities to produce and deliver a new generation of resilient and innovative knowledge-intensive services. Radically new approaches are required that take into account emergent system properties, unpredictable behaviour and non-functional requirements.
The challenge for European R&D on ICT for trust and security is the development of dependability and trust meta-models, architectures and technologies for complex systems and services to:
1. autonomously protect against, respond to, and recover from upset conditions
2. dynamically and autonomously adapt and evolve while securing the seamless control and use of data, information, and knowledge.
This will include access technology through multiple, cross-domain and federated identity management systems, making use of biometrics. The area ICT for Trust and Security in the IST programme brings together information and network security with other technologies focussed on ensuring and improving trust and confidence in the information infrastructure, in its services and information resources. This ensures continuity with respect to the past and at the same time provides an integrated perspective to security and trust in the Information Society from the various relevant perspectives, in an effort to maintain a proper balance between security and liberty in the society.
Current research activities are framed towards these challenges. They include: dependability and resilience of systems and networks, identity and privacy management, authentication, secure digital assets and trusted computing, biometrics, spam, spyware and other potential forms of cyber crime. Particular attention is given to support of standardisation and interoperability, and of various policy areas of the Commission (i.a. regulatory actions in the Information Society, biometrics in travel documents, Critical Infrastructure Protection).
Ongoing coordination and supporting actions are also instrumental to stimulating cooperation between Member States initiatives, aiming at developing the European Research Area dimension in the domain. Finally, activities are deployed targeting international co-operation in security research.
Session 8
Chair: Janusz Gorski, Poland
Friday, 30 September 2005, 10:00-10:50
The Application of Object Oriented Method in Information System Security Evaluation
Qiang Yan, Huaying Shu (School of Economics and Management, Beijing University of Posts and Communications, China)
Towards a Cyber Security Reporting System - A Quality Improvement Process
Jose J. Gonzalez (Agder University College, Norway)
Coffee break
Friday, 30 September 2005, 10:50-11:15
Session 9
Chair: Fridtjov Øwre, Norway
Friday, 30 September 2005, 11:15-12:05
Security research from a multi disciplinary and multi sectoral perspective
Atoosa P-J Thunem (Institute for Energy Technology, Norway)
Problem Frames and Architectures for Security Problems
Denis Hatebur, Maritta Heisel (University of Duisburg-Essen, Germany)
Talk
Friday, 30 September 2005, 12:05-12:30
Berit Svendsen, Telenor Nordic, Fixed
Title: ...
to be published
Safecomp 2006
Friday, 30 September 2005, 12:30-13:00
Introduction to Safecomp 2006
Janusz Gorski, Chair of IPC (Gdansk University of Technology, Poland)
Lunch
Friday, 30 September 2005, 13:00-13:30
