LieberLieber and AIT: A strong team

LieberLieber, as industry partner for VALU3S, is again working closely with AIT Austrian Institute of Technology, with whom the cyber security product THREATGET was presented in 2019. It supports developers in identifying threats at an early stage and in being able to quickly assess the associated risks. Robert Sicher, LieberLieber’s coordinator of this EU project, comments: “We are pleased to be able to build on our long-standing and successful cooperation with AIT in the field of cyber security. This time, the aim is to help companies developing automated systems to accelerate the important V&V step in terms of security and privacy requirements. We will bring our rich industry experience to bear in order to produce practical, well-founded and rapidly applicable tools, concepts and processes”.

Willibald Krenn, Thematic Coordinator for the Dependable Systems Engineering research focus at the AIT Center for Digital Safety & Security, confirms that AIT is also very pleased with the new project: “We are pleased to be able to continue and deepen our cooperation with LieberLieber in the field of automated verification of highly complex systems. The development of increasingly complex systems, for example AI-based, makes new tools for the verification of security and reliability indispensable.  In Valu3S, we are contributing many years of know-how in this field to ensure that automated verification is efficient enough to cope with future highly complex and autonomous systems”.

13 practical test cases in six industry fields

VALU3S will cover V&V of automated systems in six different areas: Automotive, agriculture, railways, healthcare, aerospace and industrial robotics. For a V&V process, detailed test cases as well as requirement specifications have to be defined over different situations. It is a particular challenge to find suitable test cases that are also representative for real world scenarios. As this step contributes significantly to the time, cost and effort required for the process, industrial partners like LieberLieber, who are familiar with the practical scenarios, are in demand here. “In order to find suitable test cases, interviews with stakeholders in different areas will be conducted to identify frequently used scenarios. The experience of the industry partners will also be very useful in this process, in order to be able to clearly describe the gaps between the current process and the process to be aimed at,” says Sicher.

Intended benefits of VALU3S

The impact of VALU3S is not limited to direct technological and economic factors, but the project also has indirect effects on political, legal, environmental and social improvements. For example, the tasks of safety officers, system integrators, auditors, system engineers, etc. can be revised on the basis of the results. The influence in the field of standardisation is also important, as the results will be incorporated into various areas such as security and data protection as well as trade regulations and policies. “Like LieberLieber, many other project participants are building on experience gained in previous EU or industry projects. This will ensure that the latest V&V methods and tools are designed and evaluated. In this way, we want to achieve optimum time and cost savings for European industry in the increasingly important future verification and validation of the security and data protection requirements of automated systems,” concluded Sicher.

Cyber security through THREATGET

In February 2019, the EU launched a Cybersecurity Initiative to move Europe forward in this critical area. And just a short time later, THREATGET, an Austrian product jointly developed by the AIT Austrian Institute of Technology and LieberLieber, was launched. It supports developers in identifying threats at an early stage and in being able to quickly assess the associated risks.

In the context of a rapidly growing security engineering industry, THREATGET addresses the target group of vehicle manufacturers and all companies that analyse vehicle architectures and systems (e.g. TÜV), as well as people in the automotive training environment.

ThreatGet

• Automated Security Assessment

• Extensible Model Library

• Automated Suggestion of Mitigations

• Automated Threat Intelligence Updates