It is the aim of this working group to provide a forum for
discussion in the area of safety and security of computer and
information systems in the German-speaking region, which is
concerned with foundational research in and applications of formal
or mathematically precise techniques in software engineering.
The development of safety- and security-critical systems is
difficult. Many systems are designed and realised which exhibit
severe shortcomings regarding safety or security, which sometimes
enable spectacular failures or exploits.
The reason for this is, that on the one hand, mathematically
precise definitions for basic notions of safety and security are
still lacking or these definitions do not map immediately to the
development context. On the other hand, established methods of
software engineering support consideration of safety or security
requirements only insufficiently.
It is thus necessary to further the discussion about basic
definitions, and to map these to notations and processes which
support the development of safety- and security-critical systems.
Topics of interest of the working group include therefore:
- the mathematical or logical founded definition of notions
of safety and security
- adjustment of techniques from safety-critical systems to
the specific situation of security-critical systems (such as
research regarding quantifiable measures of security)
- the modelling and specifications of safety- and
security-requirements, in particular using formal techniques
- the formal specification of safety- or security-critical
system parts
- the design, the decomposition, and the composition of
software-based systems with the systematic and demonstrable
realisation of safety- or security-requirements
- the mapping (or refinement) of safety- and
security-properties to existing technologies and the investigation
of related methodological problems
- the development of verification techniques and methods to
demonstrate safety and security properties of specifications or
programs, also with support of tools such as theorem provers,
model checkers or computer-aided-software-engineering tools
- the investigation of the use test methods on the basis of
formal models to demonstrate safety or security properties, in
particular to generate test sequences from a specification to
check safety- or security-relevant properties of an implementation
- the integration of safety- and security-aspects in the
practical development process, with use and adaption of
industrially acknowleged methods, notations, and processes.
Of particular importance is the realisation that safety and
security are holistic properties of systems. The discussion with the
working group should thus encourage the exchange between experts of
different specialisations and to contribute to a general
understanding of the problem.
|