Abstract
In Production Systems Engineering (PSE), many projects conceptually follow the plan of traditional waterfall processes with sequential process steps and limited security activities, while engineers actually work in parallel and distributed groups following a Round-Trip-Engineering (RTE) process. Unfortunately, the applied RTE process in PSE is coarse-grained, i.e., often data are exchanged via E-Mail and integrated seldom and inefficiently as the RTE process is not well supported by methods and tools that facilitate efficient and secure data exchange. Thus, there is a need for frequent synchronization in a secure way to enable engineers building on a stable and baseline of engineering data. We build on Scrum, as an established agile engineering process, and security best practices to support flexible and secure RTE processes. In this paper, we introduce and initially evaluate an efficient and secure RTE process for PSE, augmented with agile practices, and discuss the identification and mitigation of security concerns and risks. First results show that the augmented RTE process can provide strong benefits from agile practices for the collaboration of engineers in PSE environments. Security practices can be added but need to be balanced well regarding sufficient mitigation of security risks and extra effort for engineers to ensure an overall benefit to both engineers and the management.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
See the basic RTE Use Case: http://qse.ifs.tuwien.ac.at/wp-content/uploads/1703_EN.pdf.
- 2.
Agile Manifest: http://agilemanifesto.org/.
- 3.
Atlassian Jira: https://www.atlassian.com/software/jira.
References
Abrahamsson, P., Salo, O., Ronkainen J., Warsta J.: Agile Software Development Methods: Review and Analysis. VTT Publication 478 (2002)
Biffl, S., Lüder, A., Gerhard, D. (eds.): Multi-Disciplinary Engineering for Cyber-Physical Production Systems. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-319-56345-9
Biffl, S., Lüder, A., Winkler, D.: Multi-disciplinary engineering for Industrie 4.0: semantic challenges and needs (Chap. 2). In: Biffl, S., Sabou, M. (eds.) Semantic Web Technologies for Intelligent Engineering Applications, pp. 17–51. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-319-41490-4_2
Drath, R., Lüder, A., Peschke, J., Hundt, L.: AutomationML - the glue for seamless automation engineering. In: Proceedings of the IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), pp. 616–623 (2008)
Drath, R. (ed.): Datenaustausch in der Anlagenplanung mit AutomationML Integration von CAEX, PLCopen XML und COLLADA. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-04674-2
ElMaraghy, H.A. (ed.): Changeable and Reconfigurable Manufacturing Systems. Springer, London (2009). https://doi.org/10.1007/978-1-84882-067-8
Grawrock, G.: Dynamics of a Trusted Platform: A Building Block Approach. Intel Press, Santa Clara (2009)
Howard, M., Lipner, S.: The Security Development Lifecycle, vol. 8. Microsoft Press, Redmond (2006)
Leffingwell, D.: Scaling Software Agility: Best Practices for Large Enterprises. Pearson Education, London (2007)
Lee, E.A.: Cyber physical systems: design challenges. In: Proceedings of the 11th IEEE International Symposium on Object Oriented Real-Time Distributed Computing (ISORC), pp. 363–369. IEEE (20080
Medvidovic, N., Egyed, A., Rosenblum, D.S.: Round-trip software engineering using UML: from architecture to design and back. In: Proceedings of the 2nd International Workshop on Object-Oriented Reengineering (WOOR), pp. 1–8 (1999)
Michalos, G., Makris, S., Papakostas, P., Mourtzis, D., Chryssolouris, G.: Automotive assembly technologies review: challenges and outlook for a flexible and adaptive approach. J. Manuf. Sci. Technol. 2, 81–91 (2010)
Moser, T., Biffl, S.: Semantic tool interoperability for engineering manufacturing systems. In: Proceedings of the 15th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA) (2010)
Petersen, K., Wohlin, C., Baca, D.: The waterfall model in large-scale development. In: Bomarius, F., Oivo, M., Jaring, P., Abrahamsson, P. (eds.) PROFES 2009. LNBIP, vol. 32, pp. 386–400. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02152-7_29
Pfleeger, C.P., Pfleeger, S.L.: Security in computing. In: Prentice Hall Professional Technical Reference (2002)
Schwaber, K., Beedle, M.: Agile Software Development with Scrum, vol. 1. Prentice Hall, Upper Saddle River (2002)
Shameli-Sendi, A., Aghababaei-Barzegar, R., Cheriet, M.: Taxonomy of information security risk assessment (ISRA). Comput. Secur. 57, 14–30 (2016)
Slijepcevic, S., Potkonjak, M., Tsiatsis, V., Zimbeck, S., Srivastava, M.B.: On communication security in wireless ad-hoc sensor networks. In: Proceedings of the 11th IEEE Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE), pp. 139–144 (2002)
Trusted Computing Platform Alliance; Building A Foundation of Trust in the PC; Whitepaper (2000)
Trusted Computing Platform Alliance; Main Specification 1.1b; Trusted Computing Group 2003
Van Bulck, J., Piessens, F., Strackx, R.: Foreshadow: extracting the keys to the intel SGX kingdom with transient out-of-order execution. In: 27th USENIX Security Symposium. USENIX Association (2018)
Vyatkin, V.: Software engineering in industrial automation: state-of-the-art review. IEEE Trans. Ind. Inform. 9(3), 1234–1249 (2013)
VDI: IT-security for industrial automation – general model. VDI guideline. VDI/VDE 2182 (2011)
Winkler, D., Moser, T., Mordinyi, R., Sunindyo, W., Biffl, S.: Engineering object change management process observation in distributed automation systems projects. In: Proceedings of 18th European System & Software Process Improvement and Innovation (EuroSPI), Industrial Track, pp. 8.25–8.36 (2011)
Winkler, D., Ekaputra, F., Biffl, S.: AutomationML review support in multi-disciplinary engineering environments. In: Proceedings of the 21st International Conference on Emerging Technologies and Factory Automation (ETFA). IEEE (2016)
Winkler, D., Sabou, M., Biffl, S.: Improving quality assurance in multi-disciplinary engineering environments with semantic technologies (Chap. 8). In: Kounis, L.D. (ed.) Quality Control and Assurance – An Ancient Greek Term ReMastered, pp. 177–200. INTEC Publishing, London (2017)
Acknowledgment
The financial support by the Austrian Federal Ministry for Digital, Business and Enterprise and the National Foundation for Research, Technology and Development is gratefully acknowledged.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Winkler, D., Rinker, F., Kieseberg, P. (2019). Towards a Flexible and Secure Round-Trip-Engineering Process for Production Systems Engineering with Agile Practices. In: Winkler, D., Biffl, S., Bergsmann, J. (eds) Software Quality: The Complexity and Challenges of Software Engineering and Software Quality in the Cloud. SWQD 2019. Lecture Notes in Business Information Processing, vol 338. Springer, Cham. https://doi.org/10.1007/978-3-030-05767-1_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-05767-1_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-05766-4
Online ISBN: 978-3-030-05767-1
eBook Packages: Computer ScienceComputer Science (R0)