Workshop: Functional Safety and Cybersecurity



Alexander Much, Elektrobit, Germany

Miklos Biro, SCCH, Austria

Richard Messnarz, ISCN GmbH, Austria
Definition of Functional Safety and Cybersecurity

Implementing Functional Safety and Cybersecurity of electronic systems requires a broad spectrum of skills for a thorough understanding of domain specific standards and technological advances, engineering of complex functions and countermeasures against unintended behavior both due failures and security attacks with balanced architecture decisions, usage and misuse profiles. Automotive and Medical domain scenarios will be presented and discussed. Also contributions and discussions will be included concerning “How much agile is possible in safe and cyber secure systems and software development?”.
Download the Cybersecurity Expert Judgement Workshop Results from EuroSPI2019


Workshop Program 1.9.2021

Workshop - Best Practices in Design of Systems Applying Functional Safety and Cybersecurity
09.00 - 10.30
First Experiences with the Automotive SPICE for Cybersecurity Assessment Model
Richard Messnarz, ISCN, Austria, So Norimatsu, JASPIC, Japan, Jürgen Dobaj, TU Graz, Austria, Damjan Ekert, ISCN, Austria, Georg Macher, TU Graz, Austria, Tobias Zehetner, Laura Aschbacher, ISCN, Austria
Dealing with privacy for protecting information
Xabier Larrucea, Izaskun Santamaria, Tecnalia, Spain
A Proposal for the Tailoring of AUTOSAR Coding Guidelines C++ to ISO 26262-6:2018
Ricardo Eito-Brun, Carlos III University of Madrid, Spain
10.30 - 11.00
Coffee Break
11.00 - 12.30
Asset driven ISO/SAE 21434 compliant Automotive Cybersecurity Analysis withThreatGet
Christoph Schmittner, AIT, Austria, Bernhard Schrammel, msg Plaut, Austria, Sandra König, AIT, Austria
A-SPICE for cybersecurity: Analysis and Enriched practices
Esraa Magdy, VALEO Egypt
FMEA Integration in Requirements Management as a Basis for an Automotive SPICE Level 3 Project
Ovi Bachmann, GRape GesmbH, Germany, Bernhardt Steger, ISCN GesmbH, Austria
12.30 - 14.00
Lunch Break
14.00 - 15.30
Lean integration of IT security and data privacy governance aspects into product development in agile organizations
Alexander Poth, Mario Kottke, Volkswagen AG, Germany, Kerstin Middelhauve, AUDI AG, Germany, Torsten Mahr, Volkswagen Financial Services AG, Germany, Andreas Riel, University of Grenoble Alpes, France
Cybersecurity Verification and Validation Testing in Automotive
Damjan Ekert, ISCN GesmbH, Austria, Jürgen Dobaj, Institute of Technical Informatics, Austria, Alen Salamun, Real Security, Slovenia, Georg Macher, Institute of Technical Informatics, Austria, Richard Messnarz, (ISCN GesmbH, Austria
Safety Design Strategies in Highly Autonomous Drive Level 2 – Lateral Control Decomposition Concept
Svatopluk Stolfa, Jakub Stolfa, Petr Simonik, Tomas Mrovec, Tomas Harach, Tomas Harach, Richard Messnarz, ISCN GesmbH, Austria
15.30 - 16.00
Coffee Break
16.00 - 17.00
A Compiler and Language Support for Designing Mixed-Criticality Applications
Nermin Kajtazovic, Peter Hödl, Leo Happ Botler, Siemens AG, Austria,Georg Macher, Graz University of Technology, Austria
Work on the IEEE Software Safety Standard and open questions to be addressed
Taz Daughtrey, Central University of Virginia, USA
17.15 - 18.00
Key Note 1: ASA Automotive Skills Alliance - Integrating European Blueprint Projects into a European Alliance, ACEA Petr Dolejsi, DRIVES Project, European Automobile Manufacturers Association (ACEA)
18.30 - 19.00
Buses take the delegates from the university to the Social Event at the Wine Cellar Winzer Krems
19.00 - 24.00
Wine tasting and food at a historical and famous wine cellar - Traditional wine culture along the Danube Valley


Workshop Program 2.9.2021

Workshop - Best Practices in Design of Systems Applying Functional Safety and Cybersecurity
08.00 - 08.40
08.40 - 09.00
Opening by University of Applied Sciences Krems, Dr. Deepak Dhungana, Head of Institute of Digitalisation
EuroSPI, Dr Richard Messnarz, Chair,
ECQA, Prof. Michael Reiner,
Samer Sameh, New Egypt SPI Community Joining EuroSPI
10.00 - 11.00
A Comprehensive Cybersecurity Guide and Reference Example to ISO/SAE 21434 and Automotive SPICE
Jürgen Dobaj,Georg Macher, Graz University of Technology, Austria, Damjan Ekert, Richard Messnarz, ISCN GesmbH, Austria
ODD description methods for automated driving vehicle and verifiability for safety
Masao Ito, Nilsoft, Japan
11.00 - 11.30
Coffee Break
11.30 - 12.30
Automotive Cybersecurity - Training the Future
Christoph Schmittner, Abdelkader Shaaban, AIT, Austria, Svatopluk Stolfa, Jakub Stolfa, Jan Plucar, Marek Spanyik, VSB TUO, Czech Republic, Alen Salamun, Real Secuity, Slovenia, Richard Messnarz, Damjan Ekert, ISCN GesmbH, Austria, Georg Macher, Graz University of Technology, Austria, Alexander Much, Elektrobit AG, Germany
Interactive Discussions - Panel
12.30 - 14.00
Lunch Break


Call for Papers


Please follow the following steps for submitting a paper:

  • Your thematic topic paper should comprise 10-12 pages.
  • Your paper has to be conform to the Springer CCIS format which is the same as the Lecture Notes in Computer Science (LNCS) format (please see the author guidelines of Springer)
  • The paper has to be uploaded to the EuroAsiaSPI² conference website (see below).
  • Authors of accepted papers will be asked to write a final paper of 10 to maximum 12 pages and to prepare a 20 minutes PowerPoint presentation.
  • The final paper has to be uploaded to the EuroAsiaSPI² conference website again.
  • Papers shall reference the SPI Manifesto (find relationships to values and principles or propose new values and principles to be added).

Note: To publish the paper in the proceedings the authors have to sign a copyright form and at least one of the authors has to present the paper at the conference. The paper will be published in printed form and electronically and therefore we need all source files.

Please read first the author submission guideMore...

Also see "Thematic Paper Submission for one of the 10 workshop communities" for more information

Thematic Paper Topics

  • ISO 26262 Experiences
  • IEC 61508 Experiences
  • Safety Assessments and Automotive SPICE assessments Integrated
  • New Norm Parts published in 2018
  • Design Patterns for Functional Safety
  • SOTIF - Safety of the Intended Functionality
  • SAE J3061
  • ISO 27000 Cybersecurity Norms
  • Experiences with Cybersecurity Norms
  • Specific Experiences with Attack Trees
  • Cybersecurity Concepts
  • New System and Software Architectures and Networks
  • How to create Systems adressing both Functionl Safety and Cybersecurity

Submission Dates

28.04.2021 First Thematic Paper Submission
14.05.2021 Review by International Programme Committee and Notification of Acceptance
01.06.2021 Camera Ready Version of Paper for Book
02.08.2021 Early Registration Deadline (All presenters must register, otherwise the contribution is deselected)
26.08.2021 Upload of Powerpoint Conference Presentation
30.08.2021 Free Technology Day
01.-03.09.2021 Conference

SPRINGER Book Series

EuroAsiaSPI² is publishing an annual SPRINGER book and the EuroSPI books show a total of 150000 (one hunded fifty thousand) chapter downloads. The workshop papers will form a chapter for this thematic topic in the SPRINGER book.

Additional Information

Key Contributors

Key contributions will come from European initiatives which developed best practices for traceability. However, the workshop is open to include experts who are willing to share their best practices with the community.

We invite experts to share their experiences with the EuroSPI community:

• Good tracebility practices / experiences
• Bad traceability practices / experiences
• Re-Use of traceability in "Baukasten" architectures
• Automatic generation of reports
• Environments and tools supporting traceability

Interactive Workshop Approach

Focus of interest and main questions discussed during the workshop will be:
  • Integrating a system design which covers all these norms? Examples and best practices.
  • Integrating assessment models where in one assessment all norms can be covered (in areas where there is an overlapping and synergy effect).
  • Can we implement agile in safety and security and if so, what are the best practices and/or limits?
  • What are best practices in medical device industry and what are learning effects for Automotive? What are joined embedded system problems to be solved?
  • What are best practices in Automotive industry and what are learning effects for the medical device industry? What are joined embedded system problems to be solved?
Each presentation will be discussed towards these main topics of interest. A panel discussion at the end shall come up with a summary of the solutions presented and with new research topics to focus on to solve this integrated approach (work for next year to meet at next EuroAsiaSPI and share again).