Abstract
Providing Complex Cyber-Physical Systems (C-CPSs) more efficiently and faster is a goal that requires improvements in the engineering process for producing high-quality, advanced engineering artifacts. Furthermore, information security must be a top priority when engineering C-CPSs, as the engineering artifacts represent assets of high value.
This chapter gives an overview of the engineering process of C-CPSs, typically long-running technical systems, such as industrial manufacturing systems and continuous processing systems. This chapter also covers major areas of requirements that include: (a) processes with intensive generation of engineering artifacts; (b) challenges regarding dependencies and complexity of engineering artifacts, stemming from variants of a product and the associated production process for a family of products; (c) management of model and consistency rules for dependencies between model parts; (d) the internationalization of the engineering process with partners on different levels of trust; and (e) the security of the engineering processes, such as confidentiality of engineering plans, and the security of the systems to be engineered, such as security aspects in the design phase.
For selected requirement areas, the chapter discusses several approaches for quality improvement from business informatics that address important classes of requirements, but introduce new complexity to the engineering process. Therefore, the chapter reviews information security improvement approaches for engineering processes, including the consideration of new security requirements stemming from risks introduced by advanced informatics solutions. Finally, the chapter provides an overview of the book parts and the contributions of the chapters to address advanced engineering process requirements.
Acknowledgments
The financial support by the Christian Doppler Research Association, the Austrian Federal Ministry for Digital and Economic Affairs, and the National Foundation for Research, Technology, and Development is gratefully acknowledged.
Copyright information
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Biffl, S., Eckhart, M., Lüder, A., Weippl, E. (2019). Introduction to Security and Quality Improvement in Complex Cyber-Physical Systems Engineering. In: Biffl, S., Eckhart, M., Lüder, A., Weippl, E. (eds) Security and Quality in Cyber-Physical Systems Engineering. Springer, Cham. https://doi.org/10.1007/978-3-030-25312-7_1
DOI: https://doi.org/10.1007/978-3-030-25312-7_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-25311-0
Online ISBN: 978-3-030-25312-7
eBook Packages: Computer Science, Computer Science (R0)