VF2017: Safety and Security Considerations for Software and Digital Hardware Verification

Conference: Verification Futures 2017
Speaker: John Colley (Research Fellow) University of Southampton
Presentation Title: Safety and Security Considerations for Software and Digital Hardware Verification
Abstract: Safety and security are considered to be distinct specialisms, typically handled by separate functions within the organisation. However, in order to verify that the software and hardware components meet the safety and security constraints derived by system analysis, the verification effort must consider these constraints as a whole. Safety and security are emergent properties of the system; their needs often conflict, and it is not satisfactory to consider their requirements separately and in isolation from the overall requirements of the system.

We present an approach, based on the airborne systems standard DO-178C and its formal methods supplement DO-333, that uses system analysis and formal modelling at the abstract level to verify that the system hazards and vulnerabilities can be mitigated successfully in the system architecture. We also consider the requirements for independence in the verification approach, which is important in safety-critical applications, but even more so when security is a factor.

    • Safety and security considerations for complex, high-consequence systems are increasingly becoming an expensive and time-consuming factor in system development.
    • Safety and security are emergent properties of the system; their needs often conflict, and it is not satisfactory to consider their requirements separately and in isolation from the overall requirements of the system.
    • A formal, model-based approach to verifying that the software and digital hardware design does not cause the system safety and security constraints to be violated is supported by the established airborne systems standards DO-178C and DO-333.
Speaker Bio: John Colley has twenty years of experience in the development of EDA tools for simulation, test generation, code coverage and model checking. He is now involved in the ongoing development of verification and validation methods for high-consequence systems, both formal and simulation based, in the defence, rail and semiconductor sectors.

Since 2010 John has been a Research Fellow in the Electronic and Software Systems Group of the University of Southampton, where he coordinates the ADVANCE (287563) FP7 project (Advanced Design and Verification Environment for Cyber-physical System Engineering).
He is Work Package Leader for Process Integration in ADVANCE, covering requirements analysis, safety analysis, testing and coverage in the railway signalling and smart grid domains. He is involved in the ongoing development of verification and validation methods for safety-critical systems, both formal and simulation based, for three UK Ministry of Defence suppliers.
