Software Engineering Institute

Ongoing

Integrated Safety and Security Engineering

The Integrated Safety and Security Engineering (ISSE) project is an ongoing effort looking at the degree to which safety engineering and security engineering can be harmonized when using architectural modeling tools like AADL. The project consists of a number of tasks, which I’ll describe here as we have published results.

The AADL Error Library: An Operationalized Taxonomy of System Errors

A podcast discussing the EMV2 Error Library

The AADL Error Modelling Annex (EMV2, which was developed prior to this project) includes an Error Library. It both embeds a considerable amount of knowledge from academic research and industrial experience and is directly usable in AADL models. Peter Feiler and I wrote a a paper for the HILT18 workshop on the topic, produced a blog post, and made a podcast describing the effort.

Completed

2019

Guided Architecture Trade Space Exploration

A short overview of the GATSE project

I was the PI on a small research project looking at how user-guided exploration of what’s known as a system’s “trade space” might work. This work consists of extending OSATE to automatically explore potential design options in a system and then evaluate them using existing AADL analysis techniques. The code lives over on github, and you can watch a short presentation on the project, or read the MODELS19 publication (or view the slides).

2017

Automated Analysis and Security Policy Enforcement

A presentation I gave on the overall AASPE project — you can also view the slides

Automated Analysis and Security Policy Enforcement (AASPE) was a research project led by Julien Delange and Peter Feiler, and it began before I joined the SEI. It looked primarily at specifying and verifying the separation of different portions of a system (ie, keeping sensor data and control commands separate) as well as analyzing the impacts of potential attacks.

SAFE and Secure

With my background in safety, I looked at safety and security co-analysis under the auspices of AASPE. The result of this effort was a SAW17 publication (slides here, also summarized in two blog posts) that describes some of the security applications of SAFE.