It is the aim of this working group to provide a forum for discussion in the area of safety and security of computer and information systems in the German-speaking region, which is concerned with foundational research in and applications of formal or mathematically precise techniques in software engineering.

The development of safety- and security-critical systems is difficult. Many systems are designed and realised which exhibit severe shortcomings regarding safety or security, which sometimes enable spectacular failures or exploits.

The reason for this is that, on the one hand, mathematically precise definitions for basic notions of safety and security are still lacking, or these definitions do not map immediately to the development context. On the other hand, established methods of software engineering support the consideration of safety or security requirements only insufficiently.

It is thus necessary to further the discussion about basic definitions, and to map these to notations and processes which support the development of safety- and security-critical systems.

Topics of interest of the working group therefore include:

  • the mathematically or logically founded definition of notions of safety and security
  • adjustment of techniques from safety-critical systems to the specific situation of security-critical systems (such as research regarding quantifiable measures of security)
  • the modelling and specification of safety and security requirements, in particular using formal techniques
  • the formal specification of safety- or security-critical system parts
  • the design, the decomposition, and the composition of software-based systems with the systematic and demonstrable realisation of safety or security requirements
  • the mapping (or refinement) of safety and security properties to existing technologies and the investigation of related methodological problems
  • the development of verification techniques and methods to demonstrate safety and security properties of specifications or programs, also with support of tools such as theorem provers, model checkers or computer-aided-software-engineering tools
  • the investigation of the use of test methods on the basis of formal models to demonstrate safety or security properties, in particular to generate test sequences from a specification to check safety- or security-relevant properties of an implementation
  • the integration of safety and security aspects into the practical development process, using and adapting industrially acknowledged methods, notations, and processes.

Of particular importance is the realisation that safety and security are holistic properties of systems. The discussion within the working group should thus encourage the exchange between experts of different specialisations and contribute to a general understanding of the problem.