Skip to main content
SpringerLink
Log in
Book cover

International Conference on Software Quality

SWQD 2019: Software Quality: The Complexity and Challenges of Software Engineering and Software Quality in the Cloud pp 14–30Cite as

Towards a Flexible and Secure Round-Trip-Engineering Process for Production Systems Engineering with Agile Practices

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 338))

Abstract

In Production Systems Engineering (PSE), many projects conceptually follow the plan of traditional waterfall processes with sequential process steps and limited security activities, while engineers actually work in parallel and distributed groups following a Round-Trip-Engineering (RTE) process. Unfortunately, the applied RTE process in PSE is coarse-grained, i.e., often data are exchanged via E-Mail and integrated seldom and inefficiently as the RTE process is not well supported by methods and tools that facilitate efficient and secure data exchange. Thus, there is a need for frequent synchronization in a secure way to enable engineers building on a stable and baseline of engineering data. We build on Scrum, as an established agile engineering process, and security best practices to support flexible and secure RTE processes. In this paper, we introduce and initially evaluate an efficient and secure RTE process for PSE, augmented with agile practices, and discuss the identification and mitigation of security concerns and risks. First results show that the augmented RTE process can provide strong benefits from agile practices for the collaboration of engineers in PSE environments. Security practices can be added but need to be balanced well regarding sufficient mitigation of security risks and extra effort for engineers to ensure an overall benefit to both engineers and the management.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    See the basic RTE Use Case: http://qse.ifs.tuwien.ac.at/wp-content/uploads/1703_EN.pdf.

  2. 2.

    Agile Manifest: http://agilemanifesto.org/.

  3. 3.

    Atlassian Jira: https://www.atlassian.com/software/jira.

References

  1. Abrahamsson, P., Salo, O., Ronkainen J., Warsta J.: Agile Software Development Methods: Review and Analysis. VTT Publication 478 (2002)

    Google Scholar 

  2. Biffl, S., Lüder, A., Gerhard, D. (eds.): Multi-Disciplinary Engineering for Cyber-Physical Production Systems. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-319-56345-9

    Book  Google Scholar 

  3. Biffl, S., Lüder, A., Winkler, D.: Multi-disciplinary engineering for Industrie 4.0: semantic challenges and needs (Chap. 2). In: Biffl, S., Sabou, M. (eds.) Semantic Web Technologies for Intelligent Engineering Applications, pp. 17–51. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-319-41490-4_2

    Chapter  Google Scholar 

  4. Drath, R., Lüder, A., Peschke, J., Hundt, L.: AutomationML - the glue for seamless automation engineering. In: Proceedings of the IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), pp. 616–623 (2008)

    Google Scholar 

  5. Drath, R. (ed.): Datenaustausch in der Anlagenplanung mit AutomationML Integration von CAEX, PLCopen XML und COLLADA. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-04674-2

    Book  Google Scholar 

  6. ElMaraghy, H.A. (ed.): Changeable and Reconfigurable Manufacturing Systems. Springer, London (2009). https://doi.org/10.1007/978-1-84882-067-8

    Book  Google Scholar 

  7. Grawrock, G.: Dynamics of a Trusted Platform: A Building Block Approach. Intel Press, Santa Clara (2009)

    Google Scholar 

  8. Howard, M., Lipner, S.: The Security Development Lifecycle, vol. 8. Microsoft Press, Redmond (2006)

    Google Scholar 

  9. Leffingwell, D.: Scaling Software Agility: Best Practices for Large Enterprises. Pearson Education, London (2007)

    Google Scholar 

  10. Lee, E.A.: Cyber physical systems: design challenges. In: Proceedings of the 11th IEEE International Symposium on Object Oriented Real-Time Distributed Computing (ISORC), pp. 363–369. IEEE (20080

    Google Scholar 

  11. Medvidovic, N., Egyed, A., Rosenblum, D.S.: Round-trip software engineering using UML: from architecture to design and back. In: Proceedings of the 2nd International Workshop on Object-Oriented Reengineering (WOOR), pp. 1–8 (1999)

    Google Scholar 

  12. Michalos, G., Makris, S., Papakostas, P., Mourtzis, D., Chryssolouris, G.: Automotive assembly technologies review: challenges and outlook for a flexible and adaptive approach. J. Manuf. Sci. Technol. 2, 81–91 (2010)

    Article  Google Scholar 

  13. Moser, T., Biffl, S.: Semantic tool interoperability for engineering manufacturing systems. In: Proceedings of the 15th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA) (2010)

    Google Scholar 

  14. Petersen, K., Wohlin, C., Baca, D.: The waterfall model in large-scale development. In: Bomarius, F., Oivo, M., Jaring, P., Abrahamsson, P. (eds.) PROFES 2009. LNBIP, vol. 32, pp. 386–400. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02152-7_29

    Chapter  Google Scholar 

  15. Pfleeger, C.P., Pfleeger, S.L.: Security in computing. In: Prentice Hall Professional Technical Reference (2002)

    Google Scholar 

  16. Schwaber, K., Beedle, M.: Agile Software Development with Scrum, vol. 1. Prentice Hall, Upper Saddle River (2002)

    MATH  Google Scholar 

  17. Shameli-Sendi, A., Aghababaei-Barzegar, R., Cheriet, M.: Taxonomy of information security risk assessment (ISRA). Comput. Secur. 57, 14–30 (2016)

    Article  Google Scholar 

  18. Slijepcevic, S., Potkonjak, M., Tsiatsis, V., Zimbeck, S., Srivastava, M.B.: On communication security in wireless ad-hoc sensor networks. In: Proceedings of the 11th IEEE Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE), pp. 139–144 (2002)

    Google Scholar 

  19. Trusted Computing Platform Alliance; Building A Foundation of Trust in the PC; Whitepaper (2000)

    Google Scholar 

  20. Trusted Computing Platform Alliance; Main Specification 1.1b; Trusted Computing Group 2003

    Google Scholar 

  21. Van Bulck, J., Piessens, F., Strackx, R.: Foreshadow: extracting the keys to the intel SGX kingdom with transient out-of-order execution. In: 27th USENIX Security Symposium. USENIX Association (2018)

    Google Scholar 

  22. Vyatkin, V.: Software engineering in industrial automation: state-of-the-art review. IEEE Trans. Ind. Inform. 9(3), 1234–1249 (2013)

    Article  Google Scholar 

  23. VDI: IT-security for industrial automation – general model. VDI guideline. VDI/VDE 2182 (2011)

    Google Scholar 

  24. Winkler, D., Moser, T., Mordinyi, R., Sunindyo, W., Biffl, S.: Engineering object change management process observation in distributed automation systems projects. In: Proceedings of 18th European System & Software Process Improvement and Innovation (EuroSPI), Industrial Track, pp. 8.25–8.36 (2011)

    Google Scholar 

  25. Winkler, D., Ekaputra, F., Biffl, S.: AutomationML review support in multi-disciplinary engineering environments. In: Proceedings of the 21st International Conference on Emerging Technologies and Factory Automation (ETFA). IEEE (2016)

    Google Scholar 

  26. Winkler, D., Sabou, M., Biffl, S.: Improving quality assurance in multi-disciplinary engineering environments with semantic technologies (Chap. 8). In: Kounis, L.D. (ed.) Quality Control and Assurance – An Ancient Greek Term ReMastered, pp. 177–200. INTEC Publishing, London (2017)

    Google Scholar 

Download references

Acknowledgment

The financial support by the Austrian Federal Ministry for Digital, Business and Enterprise and the National Foundation for Research, Technology and Development is gratefully acknowledged.

Author information

Authors and Affiliations

  1. Christian Doppler Laboratory for Security and Quality Improvement in the Production System Lifecycle (CDL-SQI), Institute of Information Systems Engineering, Information and Software Engineering Group, TU Wien, Vienna, Austria

    Dietmar Winkler & Felix Rinker

  2. Institute of Information Systems Engineering, Information and Software Engineering Group, TU Wien, Vienna, Austria

    Dietmar Winkler & Felix Rinker

  3. Secure Business Austria (SBA) Research, Vienna, Austria

    Peter Kieseberg

  4. University of Applied Sciences, St. Pölten, Austria

    Peter Kieseberg

Authors
  1. Dietmar Winkler
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Felix Rinker
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Peter Kieseberg
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dietmar Winkler .

Editor information

Editors and Affiliations

  1. Vienna University of Technology, Vienna, Austria

    Dietmar Winkler

  2. Vienna University of Technology, Vienna, Austria

    Stefan Biffl

  3. Software Quality Lab GmbH, Linz, Austria

    Johannes Bergsmann

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Winkler, D., Rinker, F., Kieseberg, P. (2019). Towards a Flexible and Secure Round-Trip-Engineering Process for Production Systems Engineering with Agile Practices. In: Winkler, D., Biffl, S., Bergsmann, J. (eds) Software Quality: The Complexity and Challenges of Software Engineering and Software Quality in the Cloud. SWQD 2019. Lecture Notes in Business Information Processing, vol 338. Springer, Cham. https://doi.org/10.1007/978-3-030-05767-1_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-05767-1_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-05766-4

  • Online ISBN: 978-3-030-05767-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation