Don t Be the Developer Whose Rocket Crashes on Lift off LDRA Ltd
|
|
- Daniel Berry
- 6 years ago
- Views:
Transcription
1
2 Don t Be the Developer Whose Rocket Crashes on Lift off 2015 LDRA Ltd
3 Cost of Software Defects Consider the European Space Agency s Ariane 5 flight 501 on Tuesday, June Due to an error in the software design (inadequate protection from integer overflow), the rocket veered off its flight path 37 seconds after launch and was destroyed by its automated selfdestruct system
4 Rapid Adoption of Function Safety Standards Lockheed Martin Orion Functional safety standards adoption in space Commercial space industry, DOD, and others that are not normally required to meet avionics standards are rapidly adopting Embedded systems across industries Adopting best practices incrementally Standards compliance is becoming fundamental to winning business
5 Functional Safety Software Challenges Objectives and project documents Verification evidence and audit trail Integration with targets Tool qualification Structural coverage (Functional and unit Tests) Data/control flow and coupling Meeting coding standards Traceability of requirements through code and test Reduce cost of compliance Manage distributed team Reduce time to compliance and market
6 Leading Safety Critical Standards Avionics Industrial DO 178B (First published 1992) / DO 178C IEC (First published 1998, Updated 2010) Railway Nuclear Automotive Medical Process CENELEC EN (First published 2001) IEC (First published 2001) ISO (Published 2011) IEC (First published 2006) IEC (First published 2003)
7 Requirements Traceability Across Software Levels
8 Linking Requirements to Design Requirements Design Implementation Unit Test System Test Deployment Requirements Design Simulink
9 Linking Low Level Requirements to Design and Implementation Requirements Design Implementation Unit Test System Test Deployment Source Code Simulink
10 Typical Decomposition Within DOORS
11 Traceability Throughout The Lifecycle Traceability from high level system requirements through lower level requirements, code, and tests ensures that requirements are properly implemented and verified Essential for reliability and ensures security requirements are properly implemented and verified
12 Returning Data Back To DOORS
13 Automating Coding Standards Adherence Requirements Design Implementation Unit Test System Test Deployment C/C++ Java ADA High Quality Software MISRA C / C++ CERT C / CERT JAVA CWE High Integrity C++ HIS IPA/SEC C JSF++ AV Netrino C
14 Another Example: Code Result uint16_t a; uint16_t b; uint32_t c; uint32_t x; x = a + b + c; Depends on the size of int used by the compiler. If it is 16 bit, then there may be loss of granularity for a + b
15 Array Bounds Exceeded Code Result int32_t a[ 10 ]; uint32_t i; for ( i = 0; i < 20; ++i ) { a[ i ] = 0; } Depending on the runtime environment (OS, etc), this will result in an exception or overwrite unrelated memory.
16 Automation of Unit / Low level Testing Requirements Design Implementation Unit Test System Test Deployment LLR_0001 LLR_ LLR_000n LLT_0001 LLT_ LLT_000m
17 Developing, Executing, and Reviewing Tests
18 Robustness Testing at the Unit Level
19 The Requirement, Test Case and Results Visibility into requirements and test data at the point of test creation
20 Aggregating Coverage from High and Low Level Testing Requirements Design Implementation Unit Test System Test Deployment HLR_0001 HLR_ HLR_000n HLT_0001 HLT_ HLT_000m LLR_0001 LLR_ LLR_000n LLT_0001 LLT_ LLT_000m
21 What is Structural Coverage? Measurement of Test Effectiveness How effectively did tests exercise code? Exercised, entry points, statements, branches, compound conditionals, execution paths Systems requirement reliability levels up with one defect per 10 9 operating hours Metric that helps determine when a system is adequately tested Structural Coverage is Often Mandated DO 178B/C DO 278(A) for Commercial/Defense avionics and ground systems IEC for industrial controls ISO for automotive IEC for medical devices EN for rail Company based standards (in house)
22 Types of Coverage Depending on the SIL or DAL level and functional safety standard being followed, coverage requirements and required methodology varies Statement Coverage Branch Decision Coverage Modified Condition / Decision Coverage (MC/DC) Data Coupling and Control Coupling Coverage Object Code Coverage Linear Code Sequence And Jump Coverage Test Path (LCSAJ)
23 Visualising Structural Coverage Statement and Branch Coverage as viewed within a Flowgraph
24 Assembler Code Coverage Traceability of requirements through source code and object code Requirement for adherence DO 178C Level A High order language coverage as well as coverage at the Assembly level to show traceability to object code
25 Data and Control Coupling Coverage DO 178C section c states: Analysis to confirm that the requirements based testing has exercised the data and control coupling between code components Control coupling coverage is ensuring that every invocation of a function has been exercised Data coupling coverage is ensuring that we have exercised every access to the data
26 From the Simulation to the Target Model Test Execution In Simulation Simulation Test Cases Modeling tools Reusing model tests Model Coverage/Code Coverage Model Behaviour And Model Coverage Application Behaviour And Code Coverage Generated Code Executed on Host Test Cases Host Computer Test Cases Reused Test Cases Pass Coverage Requirements Met Generated Code Executed on Target Test Cases Target H/W
27 Integrations Required Across the Lifecycle Requirements Modeling Tools RTM Compilers Processors Source Languages & Host Platforms IDE s Communication Protocols RTOS Version Control
28 Characteristics of Secure Systems Dependable Executes predictably Operates correctly Trustworthiness Minimal vulnerabilities that can be exploited No malicious logic Survivability Resists or tolerates known and novel attacks Quick recovery Dependability Trustworthiness Survivability Secure Software
29 Standards/Organizations Common Criteria IEC ISO IEC IEEE ISO/IEC Common Criteria for Information Technology Security Evaluation Industrial Network and System Security Information Security Management Information Security for Power System Control Operations (Smart Grids) Systems and Software Engineering. Replaced MIL STD 498 Security Techniques Message Authentication Codes
30 CERT Standards/Organizations Computer Emergency Response Team (CERT C and CERT Java) CWE/CVE OWASP DIACAP NIST Common Criteria Common Weakness Enumeration Open Web Application Security Project Defense Information Assurance Certification and Accreditation Process Information Assurance DOD National Institute of Standards and Technology Risk Management Framework Information Technology Security Evaluation
31 Understanding Quality and Security Software Security Software Quality Reliability Processes Security Processes Safety Critical Security Critical Thinking Safety vs Security Does the application perform reliably as designed? Is the application resistant to external attacks Failing Functionality vs Attack Surface
32 CERT Computer Emergency Response CERT Analysed more than 1000 Vulnerabilities Team Project through Carnegie Mellon University Addresses Vulnerability of S/W that is being developed S/W already deployed Primary Cause Easily avoided defects Common programming errors Follow the Standard Uniform set of rules and guidelines Determined by project and organisation Programmer s familiarity or preference doesn't matter
33 Automating Secure Standards Adherence
34 CWE Structural Coverage
35 Utilizing Continuous Integration Agility in high reliability software Popularity of continuous integration in the functional safety area Adoption of Agile development practices Finding practical ways of merging traditional requirements driven development with Agile practices
36 Improving Workflow with IDE Integrations Unified development and verification environment More efficient and easier to implement within a process Utilizes existing building/execution framework Reduces process implementation cost and developer time
37 Application Lifecycle Requirements Design Implementation Unit Test System Test Deployment
38 Questions & Answers
39 For Further Information LDRA Software Technology LDRA Limited
Structural Coverage Analysis for Safety-Critical Code - Who Cares? 2015 LDRA Ltd 1
Structural Coverage Analysis for Safety-Critical Code - Who Cares? 2015 LDRA Ltd 1 What is Structural Coverage? Measurement of Test Effectiveness How effectively did tests exercise code? Exercised, entry
More informationBest Practices Process & Technology. Sachin Dhiman, Senior Technical Consultant, LDRA
Best Practices Process & Technology Sachin Dhiman, Senior Technical Consultant, LDRA Best Quality Software Product Requirements Design Coding Testing 2 Product Requirement Feature Requirement Security
More informationCoding Standards in FACE Conformance. John Thomas, Chris Edwards, and Shan Bhattacharya
Coding Standards in FACE Conformance John Thomas, Chris Edwards, and Shan Bhattacharya LDRA Overview Provider of Software Quality, Compliance Management & Testing Solutions Established 1975 ISO 9001 certified
More informationCoding Standards in FACE Conformance. John Thomas, Chris Edwards, and Shan Bhattacharya
Coding Standards in FACE Conformance John Thomas, Chris Edwards, and Shan Bhattacharya LDRA Overview Provider of Software Quality, Compliance Management & Testing Solutions Established 1975 ISO 9001 certified
More informationAutomating Best Practices to Improve Design Quality
Automating Best Practices to Improve Design Quality Adam Whitmill, Senior Application Engineer 2015 The MathWorks, Inc. 1 Growing Complexity of Embedded Systems Emergency Braking Body Control Module Voice
More information정형기법을활용한 AUTOSAR SWC 의구현확인및정적분석
정형기법을활용한 AUTOSAR SWC 의구현확인및정적분석 Develop high quality embedded software 이영준 Principal Application Engineer 2015 The MathWorks, Inc. 1 Agendas Unit-proving of AUTOSAR Component and Runtime error Secure Coding
More informationSimulink 모델과 C/C++ 코드에대한매스웍스의정형검증툴소개 The MathWorks, Inc. 1
Simulink 모델과 C/C++ 코드에대한매스웍스의정형검증툴소개 2012 The MathWorks, Inc. 1 Agenda Formal Verification Key concept Applications Verification of designs against (functional) requirements Design error detection Test
More informationAutomating Best Practices to Improve Design Quality
Automating Best Practices to Improve Design Quality 임베디드 SW 개발에서의품질확보방안 이제훈차장 2015 The MathWorks, Inc. 1 Key Takeaways Author, manage requirements in Simulink Early verification to find defects sooner
More informationVerification and Validation of High-Integrity Systems
Verification and Validation of High-Integrity Systems Chethan CU, MathWorks Vaishnavi HR, MathWorks 2015 The MathWorks, Inc. 1 Growing Complexity of Embedded Systems Emergency Braking Body Control Module
More informationSeven Roadblocks to 100% Structural Coverage (and how to avoid them)
Seven Roadblocks to 100% Structural Coverage (and how to avoid them) White Paper Structural coverage analysis (SCA also referred to as code coverage) is an important component of critical systems development.
More informationWHITE PAPER. 10 Reasons to Use Static Analysis for Embedded Software Development
WHITE PAPER 10 Reasons to Use Static Analysis for Embedded Software Development Overview Software is in everything. And in many embedded systems like flight control, medical devices, and powertrains, quality
More informationIntro to Proving Absence of Errors in C/C++ Code
Intro to Proving Absence of Errors in C/C++ Code Develop high quality embedded software Kristian Lindqvist Senior Pilot Engineer MathWorks 2016 The MathWorks, Inc. 1 The Cost of Failure Ariane 5: Overflow
More informationIDE for medical device software development. Hyun-Do Lee, Field Application Engineer
IDE for medical device software development Hyun-Do Lee, Field Application Engineer Agenda SW Validation Functional safety certified tool IAR Embedded Workbench Code Analysis tools SW Validation Certifications
More informationVerification and Validation of Models for Embedded Software Development Prashant Hegde MathWorks India Pvt. Ltd.
Verification and Validation of Models for Embedded Software Development Prashant Hegde MathWorks India Pvt. Ltd. 2015 The MathWorks, Inc. 1 Designing complex systems Is there something I don t know about
More informationModel-Based Design for High Integrity Software Development Mike Anthony Senior Application Engineer The MathWorks, Inc.
Model-Based Design for High Integrity Software Development Mike Anthony Senior Application Engineer The MathWorks, Inc. Tucson, AZ USA 2009 The MathWorks, Inc. Model-Based Design for High Integrity Software
More informationIIRA and RAMI 4.0 Secure IIoT Applications Need Secure Application Code Mark.Richardson@ldra.com IIRA: Industrial Internet Reference Architecture RAMI: Reference Architecture Model for Industrie IIoT:
More informationSecure Development Lifecycle
Secure Development Lifecycle Strengthening Cisco Products The Cisco Secure Development Lifecycle (SDL) is a repeatable and measurable process designed to increase Cisco product resiliency and trustworthiness.
More informationBUILDING APPLICATION SECURITY INTO PRODUCTION CONTAINER ENVIRONMENTS Informed by the National Institute of Standards and Technology
BUILDING APPLICATION SECURITY INTO PRODUCTION CONTAINER ENVIRONMENTS Informed by the National Institute of Standards and Technology ebook BUILDING APPLICATION SECURITY INTO PRODUCTION CONTAINER ENVIRONMENTS
More informationVerification and Test with Model-Based Design
Verification and Test with Model-Based Design Flight Software Workshop 2015 Jay Abraham 2015 The MathWorks, Inc. 1 The software development process Develop, iterate and specify requirements Create high
More informationCERTIFIED. Faster & Cheaper Testing. Develop standards compliant C & C++ faster and cheaper, with Cantata automated unit & integration testing.
CERTIFIED Faster & Cheaper Testing Develop standards compliant C & C++ faster and cheaper, with Cantata automated unit & integration testing. Why Industry leaders use Cantata Cut the cost of standards
More informationAutomatización de Métodos y Procesos para Mejorar la Calidad del Diseño
Automatización de Métodos y Procesos para Mejorar la Calidad del Diseño Luis López 2015 The MathWorks, Inc. 1 Growing Complexity of Embedded Systems Emergency Braking Body Control Module Voice Recognition
More informationLeveraging Formal Methods for Verifying Models and Embedded Code Prashant Mathapati Application Engineering Group
Leveraging Formal Methods for Verifying Models and Embedded Code Prashant Mathapati Application Engineering Group 2014 The MathWorks, Inc. 1 The Cost of Failure News reports: Recall Due to ECU software
More informationConvergence of Safety, Systems & Cybersecurity Bill StClair, Director, LDRA, US Operations
Convergence of Safety, Systems & Cybersecurity Bill StClair, Director, LDRA, US Operations Agenda Nexus of Safety and Cybersecurity Separation and Connectivity Trends in Aerospace Cybersecurity Isn t Security
More informationModel-Based Design for Safety Critical Automotive Applications
Model-Based Design for Safety Critical Automotive Applications Mirko Conrad Senior Team Lead Simulink Certification and Standards 2008 The MathWorks, Inc. Model-Based Design for Safety-Critical Applications
More informationUsing Model-Based Design in conformance with safety standards
Using Model-Based Design in conformance with safety standards MATLAB EXPO 2014 Kristian Lindqvist Senior Engineer 2014 The MathWorks, Inc. 1 High-Integrity Applications Software-based systems that are
More informationIncreasing Embedded Software Confidence Model and Code Verification. Daniel Martins Application Engineer MathWorks
Increasing Embedded Software Confidence Model and Code Verification Daniel Martins Application Engineer MathWorks Daniel.martins@mathworks.fr 1 What is the Cost of Software Failure Ariane 5 $7,500,000,000
More informationAddressing Future Challenges in the Development of Safe and Secure Software Components The MathWorks, Inc. 1
Addressing Future Challenges in the Development of Safe and Secure Software Components 2016 The MathWorks, Inc. 1 Cybersecurity Emerging Topic in the Auto Industry Vehicle-to-Infrastructure Wifi Hotspot
More informationValidation Suites vs. Validation Kits
Validation s vs. Validation s A Side by Side Comparison Validated Software Corporation (VSC) offers a set of turnkey certification products for Micrium s µc/os real-time operating system (RTOS) that are
More informationIncreasing Design Confidence Model and Code Verification
Increasing Design Confidence Model and Code Verification 2017 The MathWorks, Inc. 1 The Cost of Failure Ariane 5 $7,500,000,000 Rocket & payload lost 2 The Cost of Failure USS Yorktown 0 Knots Top speed
More informationS1.1: RESEARCH AND DEVELOPMENT IN EUROPE FOR COMPETITIVE MANUFACTURING. Competitiveness of Industry by means of Cross Fertilisation
S1.1: RESEARCH AND DEVELOPMENT IN EUROPE FOR COMPETITIVE MANUFACTURING Competitiveness of Industry by means of Cross Fertilisation STORYLINE: FOCUS ON KEY ENABLERS FOR DISTRIBUTED INDUSTRIALS SYSTEMS HOW
More informationSimplifying Functional Safety Certification with the ARM Keil µvision 5 IDE and the LDRA tool suite
Simplifying Functional Safety Certification with the ARM Keil µvision 5 IDE and the LDRA tool suite LDRA 2017 LDRA tool suite v9.7.0 August 2017 1 Goals Starting with some simple requirements written in
More informationMASP Chapter on Safety and Security
MASP Chapter on Safety and Security Daniel Watzenig Graz, Austria https://artemis.eu MASP Chapter on Safety & Security Daniel Watzenig daniel.watzenig@v2c2.at Francois Tuot francois.tuot@gemalto.com Antonio
More informationDelivering Software Quality and Security through Test, Analysis and Requirements Traceability
Increase Productivity with Automated Unit/Integration/Low Level Testing with LDRAunit Delivering Software Quality and Security through Test, Analysis and Requirements Traceability SoftwareTechnology Unit
More informationBy V-cubed Solutions, Inc. Page1. All rights reserved by V-cubed Solutions, Inc.
By V-cubed Solutions, Inc. Page1 Purpose of Document This document will demonstrate the efficacy of CODESCROLL CODE INSPECTOR, CONTROLLER TESTER, and QUALITYSCROLL COVER, which has been developed by V-cubed
More informationGuidance for Requirements for qualified trust service providers: trustworthy systems and products
Guidance for Requirements for qualified trust service providers: trustworthy systems and products Note on using the guidance: examples are used throughout they are not normative or exclusive, but there
More informationImplementation and Verification Daniel MARTINS Application Engineer MathWorks
Implementation and Verification Daniel MARTINS Application Engineer MathWorks Daniel.Martins@mathworks.fr 2014 The MathWorks, Inc. 1 Agenda Benefits of Model-Based Design Verification at Model level Code
More informationCertification Authorities Software Team (CAST) Position Paper CAST-25
Certification Authorities Software Team (CAST) Position Paper CAST-25 CONSIDERATIONS WHEN USING A QUALIFIABLE DEVELOPMENT ENVIRONMENT (QDE) IN CERTIFICATION PROJECTS COMPLETED SEPTEMBER 2005 (Rev 0) NOTE:
More informationAn incremental and multi-supplement compliant process for Autopilot development to make drones safer
An incremental and multi-supplement compliant process for Autopilot development to make drones safer Frédéric POTHON - ACG Solutions frederic.pothon@acg-solutions.fr Tel: (33)4. 67. 609.487 www.acg-solutions.fr
More informationMIS Week 9 Host Hardening
MIS 5214 Week 9 Host Hardening Agenda NIST Risk Management Framework A quick review Implementing controls Host hardening Security configuration checklist (w/disa STIG Viewer) NIST 800-53Ar4 How Controls
More informationChanging the way the world does software
Changing the way the world does software Automated Certification from Soup to Nuts Nick Tudor njt@drisq.com Introducing D-RisQ D-RisQ is a SME based in Malvern, UK. All personnel have a background in mathematics,
More informationSoftware Verification and Validation (VIMMD052) Introduction. Istvan Majzik Budapest University of Technology and Economics
Software Verification and Validation (VIMMD052) Introduction Istvan Majzik majzik@mit.bme.hu Budapest University of Technology and Economics Dept. of Measurement and Information s Budapest University of
More informationA Model-Based Reference Workflow for the Development of Safety-Related Software
A Model-Based Reference Workflow for the Development of Safety-Related Software 2010-01-2338 Published 10/19/2010 Michael Beine dspace GmbH Dirk Fleischer dspace Inc. Copyright 2010 SAE International ABSTRACT
More informationautomatisiertensoftwaretests
FunktionaleSicherheitmit automatisiertensoftwaretests SOFTWARE CONSIDERATIONS IN AIRBORNE SYSTEMS AND EQUIPMENT CERTIFICAION RTCA DO-178B RTCA Dynamisch& Statisch 0 Agenda Übersicht über Sicherheitsstandards
More informationTSP and Security. PSP/TSP Community of Practice Breakout Group. December 14-15, 2016
TSP and Security PSP/TSP Community of Practice Breakout Group December 14-15, 2016 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 2016 Carnegie Mellon University Topics
More informationSecure Development Processes
Secure Development Processes SecAppDev2009 What s the problem? Writing secure software is tough Newcomers often are overwhelmed Fear of making mistakes can hinder Tend to delve into security superficially
More informationFrom Design to Production
From Design to Production An integrated approach Paolo Fabbri Senior Engineer 2014 The MathWorks, Inc. 1 Do you know what it is? Requirements System Test Functional Spec Integration Test Detailed Design
More informationProduction Code Generation and Verification for Industry Standards Sang-Ho Yoon Senior Application Engineer
Production Code Generation and Verification for Industry Standards Sang-Ho Yoon Senior Application Engineer 2012 The MathWorks, Inc. 1 High-Integrity Applications Often Require Certification Software-based
More informationProgramming Language Vulnerabilities within the ISO/IEC Standardization Community
Programming Language Vulnerabilities within the ISO/IEC Standardization Community Stephen Michell International Convenor JTC 1/SC 22 WG 23 Programming Language Vulnerabilities stephen.michell@maurya.on.ca
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationSoftware Testing Lecture 1. Justin Pearson
Software Testing Lecture 1 Justin Pearson 2017 1 / 50 Four Questions Does my software work? 2 / 50 Four Questions Does my software work? Does my software meet its specification? 3 / 50 Four Questions Does
More informationCERTIFICATION ISSUES IN AUTOMOTIVE SOFTWARE
CERTIFICATION ISSUES IN AUTOMOTIVE SOFTWARE Speaker: Mario Fusani Systems and Software Evaluation Centre ISTI CNR, Pisa, Italy mario.fusani@isti.cnr.it 1 CONTENTS Certification What is certification? Definitions
More informationSimulink 를이용한 효율적인레거시코드 검증방안
Simulink 를이용한 효율적인레거시코드 검증방안 류성연 2015 The MathWorks, Inc. 1 Agenda Overview to V&V in Model-Based Design Legacy code integration using Simulink Workflow for legacy code verification 2 Model-Based Design
More informationOutline SECURITY AND SAFETY MODELLING FOR EMBEDDED SYSTEMS
SECURITY AND SAFETY MODELLING FOR EMBEDDED SYSTEMS https://www.sesamo-project.eu John Favaro, Intecs S.p.A. Robert Stroud, Adelard LLP Outline Introduction to SESAMO SESAMO objectives Project organization
More informationLeveraging Formal Methods Based Software Verification to Prove Code Quality & Achieve MISRA compliance
Leveraging Formal Methods Based Software Verification to Prove Code Quality & Achieve MISRA compliance Prashant Mathapati Senior Application Engineer MATLAB EXPO 2013 The MathWorks, Inc. 1 The problem
More informationCyber Security for Process Control Systems ABB's view
Kaspersky ICS Cybersecurity 2017, 2017-09-28 Cyber Security for Process Control Systems ABB's view Tomas Lindström, Cyber Security Manager, ABB Control Technologies Agenda Cyber security for process control
More informationProcess for the Evaluation and Acceptance of Building Products in the USA
Process for the Evaluation and Acceptance of Building Products in the USA Rick Okawa, P.E. Deputy Vice President of Global Services and Business Development An Integrated Building System Product Certification
More informationVector Software. Using VectorCAST to Satisfy Software Verification and Validation for ISO W H I T E P A P E R
Vector Software W H I T E P A P E R Using VectorCAST to Satisfy Software Verification and Validation for ISO 26262 Purpose This document is intended to serve as a reference to show how the VectorCAST products
More informationGNAT Pro Innovations for High-Integrity Development
GNAT Pro Innovations for High-Integrity Development José F. Ruiz Senior Software Engineer Ada Europe 2010, Valencia 2010-06-15 www.adacore.com Index Development environment Tools Static
More informationGuidelines for deployment of MathWorks R2010a toolset within a DO-178B-compliant process
Guidelines for deployment of MathWorks R2010a toolset within a DO-178B-compliant process UK MathWorks Aerospace & Defence Industry Working Group Guidelines for deployment of MathWorks R2010a toolset within
More informationVerification, Validation, and Test with Model-Based Design
2008-01-2709 Verification, Validation, and Test with Model-Based Design Copyright 2008 The MathWorks, Inc Tom Erkkinen The MathWorks, Inc. Mirko Conrad The MathWorks, Inc. ABSTRACT Model-Based Design with
More informationIoT & SCADA Cyber Security Services
RIOT SOLUTIONS PTY LTD P.O. Box 10087 Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 22, 144 Edward St Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au www.riotsolutions.com.au
More informationStandardkonforme Absicherung mit Model-Based Design
Standardkonforme Absicherung mit Model-Based Design MATLAB EXPO 2014 Dr. Marc Segelken Principal Application Engineer 2014 The MathWorks, Inc. 1 Safety Standards for Embedded Systems IEC 61508 ISO 26262
More informationSDLC Maturity Models
www.pwc.com SDLC Maturity Models SecAppDev 2017 Bart De Win Bart De Win? 20 years of Information Security Experience Ph.D. in Computer Science - Application Security Author of >60 scientific publications
More informationThe Software Assurance Ecosystem: OMG s Approach to Systems & Software Assurance
The Software Assurance Ecosystem: OMG s Approach to Systems & Software Assurance Dr. Richard Mark Soley Chairman and CEO Object Management Group, Inc. With thanks to the OMG Systems Assurance Domain Task
More informationSECURITY TRAINING SECURITY TRAINING
SECURITY TRAINING SECURITY TRAINING Addressing software security effectively means applying a framework of focused activities throughout the software lifecycle in addition to implementing sundry security
More informationEngineering Your Software For Attack
Engineering Your Software For Attack Robert A. Martin Senior Principal Engineer Cyber Security Center Center for National Security The MITRE Corporation 2013 The MITRE Corporation. All rights reserved.
More informationA ROADMAP TO STANDARDIZING THE IRIG 106 CHAPTER 10 COMPLIANT DATA FILTERING AND OVERWRITNG SOFTWARE PROCESS
A ROADMAP TO STANDARDIZING THE IRIG 106 CHAPTER 10 COMPLIANT DATA FILTERING AND OVERWRITNG SOFTWARE PROCESS Item Type text; Proceedings Authors Berard, Alfredo; Manning, Dennis; Kim, Jeong Min Publisher
More informationSecure Agile How to make secure applications using Agile Methods Thomas Stiehm, CTO
Secure Agile How to make secure applications using Agile Methods Thomas Stiehm, CTO tom.stiehm@coveros.com 1 About Coveros Coveros helps organizations accelerate the delivery of business value through
More informationSecurity analysis and assessment of threats in European signalling systems?
Security analysis and assessment of threats in European signalling systems? New Challenges in Railway Operations Dr. Thomas Störtkuhl, Dr. Kai Wollenweber TÜV SÜD Rail Copenhagen, 20 November 2014 Slide
More informationDRYING CONTROL LOGIC DEVELOPMENT USING MODEL BASED DESIGN
DRYING CONTROL LOGIC DEVELOPMENT USING MODEL BASED DESIGN Problem Definition To generate and deploy automatic code for Drying Control Logics compatible with new SW architecture in 6 months using MBD, a
More informationSecurity: The Key to Affordable Unmanned Aircraft Systems
AN INTEL COMPANY Security: The Key to Affordable Unmanned Aircraft Systems By Alex Wilson, Director of Business Development, Aerospace and Defense WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY
More informationTEL2813/IS2820 Security Management
TEL2813/IS2820 Security Management Security Management Models And Practices Lecture 6 Jan 27, 2005 Introduction To create or maintain a secure environment 1. Design working security plan 2. Implement management
More informationBUILDING FUNCTIONAL SAFETY PRODUCTS WITH WIND RIVER VXWORKS RTOS
BUILDING FUNCTIONAL SAFETY PRODUCTS WITH WIND RIVER VXWORKS RTOS Alex Wilson Director, Market Development 2017 WIND RIVER. ALL RIGHTS RESERVED. For over 30 years, Wind River has helped the world's technology
More informationConsiderations in automotive embedded development Global Automotive Director Kiyo Uemura
Considerations in automotive embedded development Global Automotive Director Kiyo Uemura Agenda 1. IAR Systems Introduction 2. Background & ISO 26262 3. Software Development at the software level 4. Supporting
More informationAdvanced Security Tester Course Outline
Advanced Security Tester Course Outline General Description This course provides test engineers with advanced skills in security test analysis, design, and execution. In a hands-on, interactive fashion,
More informationCERT C++ COMPLIANCE ENFORCEMENT
CERT C++ COMPLIANCE ENFORCEMENT AUTOMATED SOURCE CODE ANALYSIS TO MAINTAIN COMPLIANCE SIMPLIFY AND STREAMLINE CERT C++ COMPLIANCE The CERT C++ compliance module reports on dataflow problems, software defects,
More informationJay Abraham 1 MathWorks, Natick, MA, 01760
Jay Abraham 1 MathWorks, Natick, MA, 01760 Stringent performance requirements and shorter development cycles are driving the use of modeling and simulation. Model-Based Design core of this development
More informationVerification of Requirements For Safety-Critical Software
Verification of Requirements For Safety-Critical Software Paul B. Carpenter Director, Life Cycle Technology Aonix, 5040 Shoreham Place, San Diego, CA USA, 92122 Email: paulc@aonix.com; Tel: 602-816-0245;
More informationBuilding an Assurance Foundation for 21 st Century Information Systems and Networks
Building an Assurance Foundation for 21 st Century Information Systems and Networks The Role of IT Security Standards, Metrics, and Assessment Programs Dr. Ron Ross National Information Assurance Partnership
More information18-642: Code Style for Compilers
18-642: Code Style for Compilers 9/6/2018 2017-2018 Philip Koopman Programming can be fun, so can cryptography; however they should not be combined. Kreitzberg and Shneiderman 2017-2018 Philip Koopman
More information2015 The MathWorks, Inc. 1
2015 The MathWorks, Inc. 1 신호처리응용을위한 Model Based Design Workflow 이웅재부장 2015 The MathWorks, Inc. 2 CASE: Software in Signal Processing Application (Medical) Medical devices are increasingly driven by complex
More informationSCADE TRAINING PROGRAM 2016
SCADE TRAINING PROGRAM 2016 Register online! Esterel Technologies SAS - A wholly-owned subsidiary of ANSYS Inc. - An ISO 9001:2008 Certified Company 1 Model-Based Design Embedded Software Certified/Qualified
More informationSecurity Management Models And Practices Feb 5, 2008
TEL2813/IS2820 Security Management Security Management Models And Practices Feb 5, 2008 Objectives Overview basic standards and best practices Overview of ISO 17799 Overview of NIST SP documents related
More informationFOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY
FOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY The Foundation Certificate in Information Security (FCIS) course is designed to provide
More informationFinal Presentation AUTOCOGEQ GMV, 2017 Property of GMV All rights reserved UNCLASSIFIED INFORMATION
@ESTEC GMV, 2017 Property of GMV All rights reserved UNCLASSIFIED INFORMATION El presente documento está clasificado como "GMV-XXXX". Esta clasificación habilita a su receptor al uso de la información
More informationQuality Assurance and IT Risk Management
Quality Assurance and IT Risk Deutsche Bank s QA and Testing Transformation Journey Michael Venditti Head of Enterprise Testing Services, Deutsche Bank IT RISK - REGULATORY GOVERNANCE Major shifts in the
More informationImproving Security in the Application Development Life-cycle
Improving Security in the Application Development Life-cycle Migchiel de Jong Software Security Engineer mdejong@fortifysoftware.com March 9, 2006 General contact: Jurgen Teulings, 06-30072736 jteulings@fortifysoftware.com
More informationAchieving Java Application Security With Parasoft Jtest
Achieving Java Application Security With Parasoft Jtest Cloud computing continues to gain traction as enterprises increasingly embrace the shift to Internet-based environments. Unfortunately, this also
More informationVerification, Validation & Traceability Nightmares? 5-ways to streamline these processes. Simplicity AI Jul-15 COMMERCIAL IN CONFIDENCE
Verification, Validation & Traceability Nightmares? 5-ways to streamline these processes Make life easier as a test engineer Use Technology to Help with Common Activities 1. Test Coverage 2. Gauge R &
More informationAutomating the Top 20 CIS Critical Security Controls
20 Automating the Top 20 CIS Critical Security Controls SUMMARY It s not easy being today s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises
More informationCoding and Unit Testing! The Coding Phase! Coding vs. Code! Coding! Overall Coding Language Trends!
Requirements Spec. Design Coding and Unit Testing Characteristics of System to be built must match required characteristics (high level) Architecture consistent views Software Engineering Computer Science
More informationIBM Rational Rhapsody
IBM Rational Rhapsody IBM Rational Rhapsody TestConductor Add On Qualification Kit for DO-178B/C Overview Version 1.9 License Agreement No part of this publication may be reproduced, transmitted, stored
More informationVerification and Validation
Verification and Validation Assuring that a software system meets a user's needs Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 19 Slide 1 Objectives To introduce software verification
More informationXD Framework (XDF) Overview. For More Information Contact BlueSpace at Tel: (512) Web:
XD Framework (XDF) Overview For More Information Contact BlueSpace at Tel: (512) 366-3940 Email: info@bluespace.com Web: www.bluespace.com Contents 1 INTRODUCTION... 3 2 CASE STUDY... 4 2.1 PROBLEM STATEMENT...
More information18-642: Code Style for Compilers
18-642: Code Style for Compilers 9/25/2017 1 Anti-Patterns: Coding Style: Language Use Code compiles with warnings Warnings are turned off or over-ridden Insufficient warning level set Language safety
More informationCyber Attacks & Breaches It s not if, it s When
` Cyber Attacks & Breaches It s not if, it s When IMRI Team Aliso Viejo, CA Trusted Leader with Solution Oriented Results Since 1992 Data Center/Cloud Computing/Consolidation/Operations 15 facilities,
More informationBy Matthew Noonan, Project Manager, Resource Group s Embedded Systems & Solutions
Building Testability into FPGA and ASIC Designs By Matthew Noonan, Project Manager, Resource Group s Embedded Systems & Solutions Introduction This paper discusses how the architecture for FPGAs and ASICs
More informationUNCLASSIFIED. R-1 Program Element (Number/Name) PE D8Z / Software Engineering Institute (SEI) Applied Research. Prior Years FY 2013 FY 2014
Exhibit R-2, RDT&E Budget Item Justification: PB 2015 Office of Secretary Of Defense Date: March 2014 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: COST ($ in Millions) Prior Years
More informationFault-Injection testing and code coverage measurement using Virtual Prototypes on the context of the ISO standard
Fault-Injection testing and code coverage measurement using Virtual Prototypes on the context of the ISO 26262 standard NMI Automotive Electronics Systems 2013 Event Victor Reyes Technical Marketing System
More informationSparta Systems TrackWise Digital Solution
Systems TrackWise Digital Solution 21 CFR Part 11 and Annex 11 Assessment February 2018 Systems TrackWise Digital Solution Introduction The purpose of this document is to outline the roles and responsibilities
More information