Linked Knowledge Nuggets:
"Fo(u)rces of Cybersecurity Engineering"
Author: Timo Karasch, Florian Schmitt
Cybersecurity Goals, Controls, Requirements and Threats are important forces for cybersecurity engineering. It is nearly impossible to separate them in a timely manner. In fact, they influence each other during definition.
This webinar gives a simple example of the interaction of these four forces and addresses consistency with existing cybersecurity standards (ISO 21434 and Automotive SPICE for Cybersecurity). It shows a possible approach for implementation in your organization.
Webinar recording and slides
"Testmanagement"
Author: Process Fellows
Test Management ensures that testing activities are strategically planned, monitored, and evaluated across all development phases. From unit tests to system-level integration, this cross-cutting discipline defines methods, tools, documents, and roles to ensure traceable and efficient verification and validation.
PF_Testmanagement_Extract.pdf Short Overview of Test Management (related to all Automotive SPICE® verification processes)
"Verification level vs. Verification timepoint"
Author: Process Fellows
The execution of a verification measure is not necessarily linked to the verification time point.
It is possible that a verification measure from SWE.6 is carried out as part of the SW component verification and integration verification if the setup or the environment is better suited to this.
However, it remains a verification of the SW requirements.
The decisive factor is what a verification measure is derived from.
However, it is important to ensure that this verification measure is included in the report and in the summary of the SW verification.
Pay attention to the sequences and dependencies to be followed.
# PROCESS PURPOSE
The purpose is to confirm that the implementation of the design and integration of the components comply with the cybersecurity requirements, the refined architectural design and detailed design.
# PROCESS OUTCOMES
O1 Risk treatment verification measures are developed.
O2 Verification measures are selected according to the release scope.
O3 The implementation of the design and the integration of the components is verified. Verification results are recorded.
O4 Consistency and bidirectional traceability are established between the risk treatment verification measures and the cybersecurity requirements, as well as between the risk treatment verification measures and the refined architectural design, detailed design and software units. Bidirectional traceability is established between the verification results and the risk treatment verification measures.
O5 The results of the risk treatment verification are summarized and communicated to all affected parties.
Specify risk treatment verification measures suitable to provide evidence of compliance of the implementation with the cybersecurity requirements and the refined architectural design and detailed design.
Note 1: The risk treatment verification may provide objective evidence that the outputs of a particular phase of the system, software and hardware development life cycle (e.g., requirements, design, implementation, testing) meet the specified requirements for that phase.
Note 2: The risk treatment verification measures may further include a check for any unspecified functionality, dynamic verification of control flow and data flow, and static analysis focusing on security coding standards.
Note 3: The risk treatment verification methods and techniques may include network tests simulating attacks (non-authorized commands, signals with wrong hash key, flooding the connection with messages, etc.), and simulating brute force attacks.
Note 4: The risk treatment verification methods and techniques may also include audits, review, and other techniques.
Note 5: Methods of deriving test cases for verification measures may include generation and analysis of equivalence classes, boundary values analysis, and/or error guessing based on knowledge or experience.
Document the selection of verification measures considering selection criteria including criteria for regression verification. The documented selection of verification measures shall have sufficient coverage according to the release scope.
Note 6: Examples for selection criteria can be prioritization of requirements, continuous development, the need for regression verification (due to e.g., changes to the software requirements), or the intended use of the delivered product release (test bench, test track, public road etc.).
Verify the implementation of the design and component integration using the selected risk treatment verification measures. Record the risk treatment verification results including pass/fail status and corresponding verification measure data.
Note 7: See SUP.9 for handling verification results that deviate from expected results.
BP4 Ensure consistency and establish bidirectional traceability. (O4)
Ensure consistency and establish bidirectional traceability between the risk treatment verification measures and the cybersecurity requirements. Ensure consistency and establish bidirectional traceability between the risk treatment verification measures and the refined architectural design, detailed design and software units. Establish bidirectional traceability between the verification results and risk treatment verification measures.
Note 8: Bidirectional traceability supports consistency, facilitates impact analysis, and supports demonstration of verification coverage. Traceability alone, e.g., the existence of links, does not necessarily mean that the information is consistent.
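One way to check the bidirectional links that BP4 and Note 8 describe, as an added example that is not part of the Automotive SPICE text or of this page. The IDs (CSR-*, VM-*), the dictionaries, and the rule that a missing result counts as "not executed" are assumptions made for illustration.

```python
# Added illustration; all IDs and data below are constructed, not from the standard.
VERDICTS = {"passed", "not passed", "not executed"}  # verdict states listed under 15-52

# Links as each side records them: requirement -> measures and measure -> requirements.
REQ_TO_MEASURES = {"CSR-1": {"VM-1", "VM-2"}, "CSR-2": {"VM-3"}, "CSR-3": set()}
MEASURE_TO_REQS = {"VM-1": {"CSR-1"}, "VM-2": set(), "VM-3": {"CSR-2"}, "VM-4": {"CSR-9"}}
RESULTS = {"VM-1": "passed", "VM-2": "passed", "VM-3": "not passed", "VM-5": "passed"}


def link_findings(req_to_measures, measure_to_reqs, results):
    """List links that are one-directional, dangling, or lack a valid result."""
    findings = []
    for req in sorted(req_to_measures):
        for m in sorted(req_to_measures[req]):
            if m not in measure_to_reqs:
                findings.append(f"{req} -> {m}: unknown measure")
            elif req not in measure_to_reqs[m]:
                findings.append(f"{req} -> {m}: no backward link")
    for m in sorted(measure_to_reqs):
        for req in sorted(measure_to_reqs[m]):
            if req not in req_to_measures:
                findings.append(f"{m} -> {req}: unknown requirement")
            elif m not in req_to_measures[req]:
                findings.append(f"{m} -> {req}: no backward link")
        if m not in results:
            findings.append(f"{m}: no result recorded")
    for m in sorted(results):
        if m not in measure_to_reqs:
            findings.append(f"result for {m}: unknown measure")
        if results[m] not in VERDICTS:
            findings.append(f"result for {m}: invalid verdict {results[m]!r}")
    return findings


def coverage(release_scope, req_to_measures, measure_to_reqs, results):
    """Roll verdicts up per requirement, counting only links present in both directions."""
    status = {}
    for req in release_scope:
        confirmed = [m for m in sorted(req_to_measures.get(req, ()))
                     if req in measure_to_reqs.get(m, ())]
        # Assumption: a measure without a recorded result counts as "not executed".
        verdicts = [results.get(m, "not executed") for m in confirmed]
        if not confirmed:
            status[req] = "no measure"
        elif "not passed" in verdicts:
            status[req] = "not passed"
        elif all(v == "passed" for v in verdicts):
            status[req] = "passed"
        else:
            status[req] = "not executed"
    return status


def impacted_measures(changed_req, req_to_measures, measure_to_reqs):
    """Measures to re-run when a requirement changes, using links from either side."""
    linked = set(req_to_measures.get(changed_req, ()))
    linked |= {m for m, reqs in measure_to_reqs.items() if changed_req in reqs}
    return sorted(linked)


if __name__ == "__main__":
    for finding in link_findings(REQ_TO_MEASURES, MEASURE_TO_REQS, RESULTS):
        print("FINDING", finding)
    scope = ["CSR-1", "CSR-2", "CSR-3"]
    print(coverage(scope, REQ_TO_MEASURES, MEASURE_TO_REQS, RESULTS))
    print(impacted_measures("CSR-1", REQ_TO_MEASURES, MEASURE_TO_REQS))
```

The check only establishes that links exist in both directions and that results attach to known measures; whether the linked content agrees semantically still needs review, as Note 8 states.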
Linked Knowledge Nuggets:
"Archiving test results"
Author: Process Fellows
Don’t lose your evidence. With regard to testing, SUP.8.BP1 in combination with SUP.8.BP8 expects structured storage of test logs, verdicts, anomalies, and configuration info. This is not only a formality: It enables you to later reproduce details about a certain system version.
"Consistency vs. Traceability – What’s the Difference?"
Author: Process Fellows
Consistency ensures that related content doesn’t contradict itself – e.g., requirements align with architecture and test. Traceability, in contrast, is about links: can you follow a requirement through to implementation and verification? Both are needed – consistency builds trust, traceability enables control. Typically, traceability strongly supports consistency review.
"The role of traceability in risk control"
Author: Process Fellows
Traceability isn’t just about completeness — it’s about managing impact. When a requirement changes, trace links tell you what’s affected. That’s your early-warning system.
"The true benefit of traceability"
Author: Process Fellows
Sometimes the creation of traceability is seen as an additional expense and the benefits are not recognized.
Traceability should be set up at the same time as the derived elements are created. Both work products are open in front of us and the creation of the trace often only takes a few moments.
In the aftermath, the effort increases noticeably and the risk of gaps is high.
If the traceability is complete and consistent, the discovery of dependencies is unbeatably fast and reliable compared to searching for dependencies at a later stage, when there may also be time pressure.
It also enables proof of complete coverage of the derived elements and allows the complete consistency check.
BP5 Summarize and communicate results. (O5)
Summarize the risk treatment verification results and communicate them to all affected parties.
Note 9: Providing all necessary information from the risk treatment verification execution in a summary enables other parties to judge the consequences.
# OUTPUT INFORMATION ITEMS
13-52 Communication Evidence (O5)
All forms of interpersonal communication such as:
- e-mails, also automatically generated ones
- tool-supported workflows
- meeting, verbally or via meeting minutes (e.g. daily standups)
- podcast
- blog
- videos
- forum
- live chat
- wikis
- photo protocol
Used by these processes:
- SEC.1 Cybersecurity Requirements Elicitation
- SEC.2 Cybersecurity Implementation
- SEC.3 Risk Treatment Verification
- SEC.4 Risk Treatment Validation
Used by these process attributes:
- PA2.1 Performance Management
13-51 Consistency Evidence (O4)
Demonstrates bidirectional traceability between artifacts or information in artifacts, throughout all phases of the life cycle, by e.g.:
- tool links
- hyperlinks
- editorial references
- naming conventions
Evidence that the content of the referenced or mapped information coheres semantically along the traceability chain, e.g., by
- performing pair working or group work
- reviewing by peers, e.g., spot checks
- maintaining revision history in documents
- providing change commenting (via e.g., meta-information) of database or repository entries
Note: This evidence can be accompanied by e.g., Definition of Done (DoD) approaches.
Used by these processes:
- SEC.1 Cybersecurity Requirements Elicitation
- SEC.2 Cybersecurity Implementation
- SEC.3 Risk Treatment Verification
- SEC.4 Risk Treatment Validation
08-60 Verification Measure (O1)
A verification measure can be a test case, a measurement, a calculation, a simulation, a review, an optical inspection, or an analysis.
The specification of a verification measure includes:
- pass/fail criteria for verification measures (test completion and ending criteria)
- a definition of entry and exit criteria for the verification measures, and abort and re-start criteria
- Techniques (e.g. black-box and/or white-box testing, equivalence classes and boundary values, fault injection for Functional Safety, penetration testing for Cybersecurity, back-to-back testing for model-based development, ICT)
- Necessary verification environment & infrastructure
- Necessary sequence or ordering
Used by these processes:
- SEC.3 Risk Treatment Verification
03-50 Verification Measure Data (O3)
Verification measure data are data recorded during the execution of a verification measure, e.g.:
- for test cases: raw data, logs, traces, tool generated outputs
- measurements: values
- calculations: values
- simulations: protocol
- reviews such as optical inspections and findings record
- analyses: values
Used by these processes:
- SEC.3 Risk Treatment Verification
08-58 Verification Measure Selection Set (O2)
- Include criteria for re-verification in the case of changes (regression)
- Identification of verification measures, also for regression testing
Used by these processes:
- SEC.3 Risk Treatment Verification
15-52 Verification Results (O3)
- Verification data and logs
- Verification measure passed
- Verification measure not passed
- Verification measure not executed
- Information about the test execution (date, tester name etc.)
- Abstraction or summary of verification results