TY - JOUR
AU - Geismann, Johannes
AU - Bodden, Eric
ID - 20507
JF - Journal of Systems and Software
SN - 0164-1212
TI - A systematic literature review of model-driven security engineering for cyber–physical systems
VL - 169
ER -

TY - CONF
AB - Faults in the realization and usage of cyber-physical systems can cause significant security issues. Attackers might exploit vulnerabilities in the physical configurations, control systems, or accessibility through internet connections. For CPS, two challenges are combined: Firstly, discipline-specific security measures should be applied. Secondly, new measures have to be created to cover interdisciplinary impacts. For instance, faulty software configurations in cyber-physical production systems (CPPS) might allow attackers to manipulate the correct control of production processes impacting the quality of end products. From liability and publicity perspective, a worst-case scenario is that such a corrupted product is delivered to a customer. In this context, security-oriented fault-tolerance in Systems Engineering (SE) requires measures to evaluate interdisciplinary system designs with regard to potential scenarios of attacks. The paper at hand contributes a conceptual threat modelling approach to cover potential attack scenarios. The approach can be used to derive both system-level and discipline-specific security solutions. As an application case, issues are focused on which attackers intend to exploit vulnerabilities in a CPPS. The goal is to support systems engineers in verification and validation tasks regarding security-oriented fault-tolerance.
AU - Gräßler, Iris
AU - Bodden, Eric
AU - Pottebaum, Jens
AU - Geismann, Johannes
AU - Roesmann, Daniel
ID - 23521
T2 - Advanced, Contemporary Control, Advances in Intelligent Systems and Computing
TI - Security-Oriented Fault-Tolerance in Systems Engineering: A Conceptual Threat Modelling Approach for Cyber-Physical Production Systems
VL - 1196
ER -

TY - CONF
AU - Geismann, Johannes
AU - Gerking, Christopher
AU - Bodden, Eric
ID - 20549
KW - ITSECWEBSITE
T2 - International Conference on Software and System Processes (ICSSP)
TI - Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes
ER -

TY - CONF
AU - Geismann, Johannes
ID - 20784
T2 - IEEE International Conference on Software Architecture Companion (ICSA-C 2018)
TI - Traceable Threat Modeling for Safety-critical Systems
ER -

TY - CONF
AB - Cyber-physical Systems are distributed, embedded systems that interact with their physical environment. Typically, these systems consist of several Electronic Control Units using multiple processing cores for the execution. Many systems are applied in safety-critical contexts and have to fulfill hard real-time requirements. The model-driven engineering paradigm enables system developers to consider all requirements in a systematical manner. In the software design phase, they prove the fulfillment of the requirements using model checking. When deploying the software to the executing platform, one important task is to ensure that the runtime scheduling does not violate the verified requirements by neglecting the model checking assumptions. Current model-driven approaches do not consider the problem of deriving feasible execution schedules for embedded multi-core platforms respecting hard real-time requirements. This paper extends the previous work on providing an approach for a semi-automatic synthesis of behavioral models into a deterministic real-time scheduling. We add an approach for the partitioning and mapping development tasks. This extended approach enables the utilization of parallel resources within a single ECU considering the verification assumptions by extending the open tool platform App4mc. We evaluate our approach using an example of a distributed automotive system with hard real-time requirements specified with the MechatronicUML method.
AU - Geismann, Johannes
AU - Höttger, Robert
AU - Krawczyk, Lukas
AU - Pohlmann, Uwe
AU - Schmelter, David
ED - Pires, Luís Ferreira
ED - Hammoudi, Slimane
ED - Selic, Bran
ID - 20785
T2 - Model-Driven Engineering and Software Development
TI - Automated Synthesis of a Real-Time Scheduling for Cyber-Physical Multi-core Systems
VL - 1
ER -

TY - CONF
AB - Modern Cyber-physical Systems are executed in physical environments and distributed over several Electronic Control Units using multiple cores for execution. These systems perform safety-critical tasks and, therefore, have to fulfill hard real-time requirements. To face these requirements systematically, system engineers develop these systems model-driven and prove the fulfillment of these requirements via model checking. It is important to ensure that the runtime scheduling does not violate the verified requirements by neglecting the model checking assumptions. Currently, there is a gap in the process for model-driven approaches to derive a feasible runtime scheduling that respects these assumptions. In this paper, we present an approach for a semi-automatic synthesis of behavioral models into a deterministic scheduling that respects real-time requirements at runtime. We evaluate our approach using an example of a distributed automotive system with hard real-time requirements specified with the MechatronicUML method.
AU - Geismann, Johannes
AU - Pohlmann, Uwe
AU - Schmelter, David
ID - 20804
T2 - Proceedings of the 5th International Conference on Model-Driven Engineering and Software Development
TI - Towards an Automated Synthesis of a Real-time Scheduling for Cyber-physical Multi-core Systems
ER -

TY - GEN
AU - Schäfer, Wilhelm
AU - Dziwok, Stefan
AU - Pohlmann, Uwe
AU - Bobolz, Jan
AU - Czech, Mike
AU - Dann, Andreas Peter
AU - Geismann, Johannes
AU - Hüwe, Marcus
AU - Krieger, Arthur
AU - Piskachev, Goran
AU - Schubert, David
AU - Wohlrab, Rebekka
ID - 20832
TI - Seminar Theses of the Project Group Cybertron
ER -

TY - GEN
AU - Geismann, Johannes
ID - 20833
TI - Multi-Core Execution of Safety-Critical Component-Based Software
ER -

TY - CONF
AB - The complexity of mechatronic systems is steadily increasing. MechatronicUML (MUML) is a method for developing software for mechatronic systems. As part of a bachelor's thesis, an existing source code generator for MUML models was extended so that source code can be generated for a real-time operating system installed on a LEGO Mindstorms robot.
AU - Geismann, Johannes
ID - 20831
T2 - Berichtsband der Informatiktage 2013: Smarte Sichten, smarte Schichten
TI - Quelltextgenerierung für LEGO Mindstorms-Roboter
VL - 12
ER -