27 Sep Safety-security concept review meeting with TÜV Rheinland
Safety and security are key concepts for UP2DATE as the future adoption of our contributions by industry could be subject to certification. For this reason, in UP2DATE we have early concept reviews with certification authorities.
WP3 deals with safety and security requirements of software updates on high-performance mixed-criticality platforms. While safety and security are two complementary and crucial system properties, they pose different requirements when it comes to software updates:
- Security requires the frequent installation of security patches in order to solve system vulnerabilities
- In safety-critical systems modifications are rather discouraged and may require costly re-certification processes
In the project we propose solutions to deal with this challenge as well as with the increasing complexity of emerging critical embedded systems. However, novel research approaches are not always well aligned with certification requirements. That is why UP2DATE has an specific task devoted to the safety and security concept assessment of its main contributions.
As part of this task, the project has developed a safety-security concept that has been reviewed by TÜV Rheindland, a certification body external to the project consortium. The review meeting, held on the 24th of September, resulted in very interesting discussions with the main conclusion that “The safety and security concept document is of very high quality and from the logical point of view it covers the fundamentals of safety and security requirements, with very solid foundations for a research project” according to the words of TÜV reviewers.
Now the path to follow is clear and WP3 is working on the open issues raised by TÜV. Next project phases will study how to apply these concepts in a real industrial scenario, where conversations with TÜV will continue.