2018
Chowdhury, Thomas; Lesiuta, Eric; Rikley, Kerianne; Lin, Chung-Wei; Kang, Eunsuk; Kim, BaekGyu; Shiraishi, Shinichi; Lawford, Mark; Wassyng, Alan
Safe and Secure Automotive Over-the-Air Updates Proceedings Article
In: pp. 172-187, Springer, Cham, 2018, ISBN: 978-3-319-99130-6.
Abstract | Links | BibTeX | Tags: assurance case template, critical vehicle functionality, integrated safety & security, ISO 26262, over-the-air updates, SAE J3061
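@comment{Chowdhury2018: the source listing gives no booktitle, which inproceedings requires; confirm the proceedings title against the ISBN before citing.}
@inproceedings{Chowdhury2018,
  title     = {Safe and Secure Automotive Over-the-Air Updates},
  author    = {Chowdhury, Thomas and Lesiuta, Eric and Rikley, Kerianne and Lin, Chung-Wei and Kang, Eunsuk and Kim, BaekGyu and Shiraishi, Shinichi and Lawford, Mark and Wassyng, Alan},
  url       = {https://www.mcscert.ca/wp-content/uploads/2019/02/OTAUpdates.pdf},
  isbn      = {978-3-319-99130-6},
  year      = {2018},
  date      = {2018-09-18},
  pages     = {172--187},
  publisher = {Springer},
  address   = {Cham},
  abstract  = {Over-the-air updates have been used for years in the software industry, allowing bug fixes and enhancements to desktop, laptop, and mobile operating systems and applications. Automotive vehicles now depend on software to the extent that manufacturers are turning to over-the-air updates for critical vehicle functionality. History shows that our software systems are most vulnerable to lapses in safety and dependability when they undergo change, and performing an update over a communication channel adds a significant security concern. This paper presents our ideas on assuring integrated safety and security of over-the-air updates through assurance case templates that comply with both ISO 26262 (functional safety) and SAE J3061 (cyber-security). Wisely, the authors of SAE J3061 structured the guidebook so that it meshes well with ISO 26262, and we have been able to use principles we developed for deriving an assurance case template from ISO 26262, to help include compliance with SAE J3061 in the template. The paper also demonstrates how a specialization of the template helps guide us to pre-emptively mitigate against potential vulnerabilities in over-the-air update implementations.},
  keywords  = {assurance case template, critical vehicle functionality, integrated safety & security, ISO 26262, over-the-air updates, SAE J3061},
  pubstate  = {published},
  tppubtype = {inproceedings}
}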
2017
Chowdhury, Thomas; Lin, Chung-Wei; Kim, BaekGyu; Lawford, Mark; Shiraishi, Shinichi; Wassyng, Alan
Principles for Systematic Development of an Assurance Case Template from ISO 26262 Proceedings
IEEE, no. 69-72, 2017.
Abstract | Links | BibTeX | Tags: assurance case, assurance case template, critical properties, critical systems, functional safety standard, ISO 26262, safe & trustworthy systems, safety cases, semi-automated template development, software-intensive systems, standardized assurance structures safety assessment
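@comment{Chowdhury2017: a single paper with authors, booktitle and pages, so it is typed inproceedings; the page range is carried by the pages field only.}
@inproceedings{Chowdhury2017,
  title     = {Principles for Systematic Development of an Assurance Case Template from {ISO} 26262},
  author    = {Chowdhury, Thomas and Lin, Chung-Wei and Kim, BaekGyu and Lawford, Mark and Shiraishi, Shinichi and Wassyng, Alan},
  url       = {https://www.mcscert.ca/wp-content/uploads/2019/02/ISSRE2017-1.pdf},
  doi       = {10.1109/ISSREW.2017.14},
  year      = {2017},
  date      = {2017-09-25},
  booktitle = {IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)},
  pages     = {69--72},
  publisher = {IEEE},
  abstract  = {A failure in a critical system can cause death, injury, financial loss, and environmental damage. To develop safe and trustworthy systems, we need to plan the development and assessment of system functionality in advance. Assurance Cases are a generalization of Safety Cases, and are gaining momentum as a preferred way of demonstrating assurance of critical properties in complex software-intensive systems. To cope with the lack of standardized assurance structures, and to encourage safety assessment prior to development, we previously proposed the use of an assurance case template. The principles presented here can be used to build an assurance case template that complies with the functional safety standard, ISO 26262 in a cost-effective way. In the future, such principles may lead to semi-automated development of these templates.},
  keywords  = {assurance case, assurance case template, critical properties, critical systems, functional safety standard, ISO 26262, safe & trustworthy systems, safety cases, semi-automated template development, software-intensive systems, standardized assurance structures safety assessment},
  pubstate  = {published},
  tppubtype = {inproceedings}
}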
2015
Wassyng, Alan; Singh, Neeraj Kumar; Geven, Mischa; Proscia, Nicholas; Wang, Hao; Lawford, Mark; Maibaum, Tom
Can Product-Specific Assurance Case Templates Be Used as Medical Device Standards? Journal Article
In: IEEE Design & Test, vol. 32, no. 5, pp. 45–55, 2015.
BibTeX | Tags: assurance case template, medical device standards
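@comment{wassyng2015can: the listing dates this article only to 2015 (vol. 32, no. 5); the 01-01 in the date field looks like an export placeholder, so confirm it before relying on the month or day.}
@article{wassyng2015can,
  title     = {Can Product-Specific Assurance Case Templates Be Used as Medical Device Standards?},
  author    = {Wassyng, Alan and Singh, Neeraj Kumar and Geven, Mischa and Proscia, Nicholas and Wang, Hao and Lawford, Mark and Maibaum, Tom},
  year      = {2015},
  date      = {2015-01-01},
  journal   = {IEEE Design \& Test},
  volume    = {32},
  number    = {5},
  pages     = {45--55},
  publisher = {IEEE},
  keywords  = {assurance case template, medical device standards},
  pubstate  = {published},
  tppubtype = {article}
}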