Towards tool-based security-informed safety oriented process line engineering

Abstract

For the purpose of certification, manufactures of nowadays highly connected safety-critical systems are expected to engineer their systems according to well-defined engineering processes in compliance with safety and security standards. Certification is an extremely expensive and time-consuming process. Since safety and security standards exhibit a certain degree of commonality, certification-related artifacts (e.g., process models) should to some extent be reusable. To enable systematic reuse and customization of process information, in this paper we further develop security-informed safety-oriented process line engineering (i.e., engineering of sets of processes including security and safety concerns). More specifically, first we consider three tool-supported approaches for process-related commonality and variability management and we apply them to limited but meaningful portions of safety and security standards within airworthiness. Then, we discuss our findings. Finally, we draw our conclusions and sketch future work.