Workshop: Functional Safety and Cybersecurity



Alexander Much, Elektrobit, Germany

Miklos Biro, SCCH, Austria

Richard Messnarz, ISCN GmbH, Austria
Definition of Functional Safety and Cybersecurity

Implementing Functional Safety and Cybersecurity of electronic systems requires a broad spectrum of skills for a thorough understanding of domain specific standards and technological advances, engineering of complex functions and countermeasures against unintended behavior both due failures and security attacks with balanced architecture decisions, usage and misuse profiles. Automotive and Medical domain scenarios will be presented and discussed. Also contributions and discussions will be included concerning “How much agile is possible in safe and cyber secure systems and software development?”.
Download the Cybersecurity Expert Judgement Workshop Results from EuroSPI2019


Workshop Program 9.9.2020

Workshop - Functional Safety & Cybersecurity
09.00 - 10.30
Automotive Cybersecurity Engineering Job Roles and Best Practices - Developed in the SOQRATES Group
Richard Messnarz, ISCN GesmbH, Austria, Georg Macher, TU Graz, Austria, Florian Stahl, AVL Regensburg, Germany, Stefan Wachter, msgPlaut, Austria, Damjan Ekert, ISCN GesmbH, Austria
A Developer Driven Framework for Security and Privacy in the Internet of Medical Things
Ceara Treacy, John Loane, and Fergal McCaffery, Regulated Software Research Centre and Lero, Dundalk Institute of Technology, Dundalk, Ireland
10.30 - 11.00
Coffee Break
11.00 - 12.30
Achieving Data Privacy with a Dependability Mechanism for Cyber Physical Systems
Gilbert Regan, Fergal Mc Caffery, Pangkaj Chandra Paul, Dundalk Institute of Technology, Ireland,  Jan Reich, Ioannis Sorokos, Fraunhofer, Germany,  Eric Armangeud, AVL, Austria,  Marc Zeller, Siemens Germany, and Simone Longo, General Motors, USA
Supporting Process Design in the Autonomous Era with new Standards and Guidelines
Masao Ito, Nil Inc., Japan
12.30 - 14.00
Lunch Break
14.00 - 15.30
Assessing Risk Estimations for Cyber-Security Using Expert Judgment
Michael Krisper, Jürgen Dobaj, and Georg Macher, Graz University of Technology, Austria
Requirements definition taking a flyer on DO-254
Alastair Walker, Lorit Consultancy GmbH, Austria
15.30 - 16.00
Coffee Break
16.00 - 17.00
An ICS based scenario generator for cyber ranges
Xabier Larrucea, Tecnalia and University of the Basque Country, Alberto Molinuevo, University of the Basque Country, Spain
Questions from Audience
17.15 - 18.00
Key Note: Updates to DRIVES - The Strategic EU Blueprint Project for Automotive, ACEA Petr Dolejsi, European Automobile Manufacturers Association (ACEA)
18.30 - 19.00
Buses take the delegates from the university to the Dusseldorf City Center
19.00 - 24.00
To the Key Brewery in Dusseldorf - Traditional beer garden

Workshop Program 10.9.2020

Workshop - Functional Safety & Cybersecurity
08.00 - 08.40
08.40 - 09.00
Opening by University of Applied Sciences Düsseldorf, EuroSPI and ECQA, Prof. Niemann
09.00 - 09.45
Key Note 2: How to Educate the Cloud?, Sara Schmitz,Netsuite, Germany Chair: Gabriele Sauberer
10.00 - 11.00
A Systematical and “Proven in Use” Approach for “System Item Integration and Testing” in Context of ISO 26262
Martin Ringdorfer, Gerhard Griessnig, Patrick Draxler and Adam Schnellbach, AVL List GesmbH, Austria
Questions from Audience
11.00 - 11.30
Coffee Break
11.30 - 12.30
Interactive Workshop
12.30 - 14.00
Lunch Break

How do I submit my paper?


Please follow the following steps for submitting a paper:

  • Your thematic topic paper should comprise 10-12 pages.
  • Your paper has to be conform to the Springer CCIS format which is the same as the Lecture Notes in Computer Science (LNCS) format (please see the author guidelines of Springer)
  • The paper has to be uploaded to the EuroAsiaSPI² conference website (see below).
  • Authors of accepted papers will be asked to write a final paper of 10 to maximum 12 pages and to prepare a 20 minutes PowerPoint presentation.
  • The final paper has to be uploaded to the EuroAsiaSPI² conference website again.
  • Papers shall reference the SPI Manifesto (find relationships to values and principles or propose new values and principles to be added).

Note: To publish the paper in the proceedings the authors have to sign a copyright form and at least one of the authors has to present the paper at the conference. The paper will be published in printed form and electronically and therefore we need all source files.

Please read first the author submission guideMore...

Also see "Thematic Paper Submission for one of the 10 workshop communities" for more information

Thematic Paper Topics

  • ISO 26262 Experiences
  • IEC 61508 Experiences
  • Safety Assessments and Automotive SPICE assessments Integrated
  • New Norm Parts published in 2018
  • Design Patterns for Functional Safety
  • SOTIF - Safety of the Intended Functionality
  • SAE J3061
  • ISO 27000 Cybersecurity Norms
  • Experiences with Cybersecurity Norms
  • Specific Experiences with Attack Trees
  • Cybersecurity Concepts
  • New System and Software Architectures and Networks
  • How to create Systems adressing both Functionl Safety and Cybersecurity

Submission Dates

10.04.2020 First Thematic Paper Submission
30.04.2020 Review by International Programme Committee and Notification of Acceptance
05.06.2020 Camera Ready Version of Paper for Book
07.08.2020 (now 14.08.2020) Early Registration Deadline (All presenters must register, otherwise the contribution is deselected)
28.08.2020 Upload of Powerpoint Conference Presentation

SPRINGER Book Series

EuroAsiaSPI² is publishing an annual SPRINGER book and the EuroSPI books show a total of 150000 (one hunded fifty thousand) chapter downloads. The workshop papers will form a chapter for this thematic topic in the SPRINGER book.

Additional Information

Key Contributors

Key contributions will come from European initiatives which developed best practices for traceability. However, the workshop is open to include experts who are willing to share their best practices with the community.

We invite experts to share their experiences with the EuroSPI community:

• Good tracebility practices / experiences
• Bad traceability practices / experiences
• Re-Use of traceability in "Baukasten" architectures
• Automatic generation of reports
• Environments and tools supporting traceability

Interactive Workshop Approach

Focus of interest and main questions discussed during the workshop will be:
  • Integrating a system design which covers all these norms? Examples and best practices.
  • Integrating assessment models where in one assessment all norms can be covered (in areas where there is an overlapping and synergy effect).
  • Can we implement agile in safety and security and if so, what are the best practices and/or limits?
  • What are best practices in medical device industry and what are learning effects for Automotive? What are joined embedded system problems to be solved?
  • What are best practices in Automotive industry and what are learning effects for the medical device industry? What are joined embedded system problems to be solved?
Each presentation will be discussed towards these main topics of interest. A panel discussion at the end shall come up with a summary of the solutions presented and with new research topics to focus on to solve this integrated approach (work for next year to meet at next EuroAsiaSPI and share again).