Programme 2017


Day 1 | 9 October 2017
Day 2 | 10 October 2017
Day 3 | 11 October 2017
9.00 – 9.30

Reception with coffee and tea

9.30 – 10.00

Welcome by the chair and introduction to the topic

Prof. Dr Dr h.c. Manfred Broy
Ordinarius Software & Systems Engineering
Technical University Munich, Informatics Institute

Introduction

10.00 – 10.30

The most frustrating functional safety misconceptions – and how to counter them

  • Typical misconceptions that are still around us
    • “My sensor is ASIL C.”
    • “This is a safety relevant product, so everything needs to be redundant.”
    • “I don’t care about functional safety, that’s your job!”
    • Etc.
  • Counter-arguments for daily use

Dr Pierre Metz, Organisational Safety Manager, Brose Fahrzeugteile GmbH & Co. KG
Adam Schnellbach, Lead Engineer Safety Methods and Analysis, AVL LIST GMBH

10.30 – 10.45

Q&A / discussion

10.45 – 11.15

Introduction into part 11 of ISO DIS 26262: Guideline for semiconductors

  • A short overview
  • Highlights of part 11

Carsten Gebauer
Senior Expert, Bosch Center of Competence „Functional Safety“
Robert Bosch GmbH

11.15 – 11.45

Coffee break

Automated driving

11.45 – 12.15

Development Process for Systematic Test and Validation of Automated Driving Demonstrated by an Automated Lane Change

  • Design and functional validation on basis of pre-defined scenarios
  • Stochastic test generation using microscopic traffic flow simulation
  • Consideration of human factors for functional validation

Prof. Arno Eichberger
Institute of Automotive Engineering
University of Technology Graz

12.15 – 12.45

Safe perception of the vehicle environment for automated driving

  • Current status of research within BMWI-project “Autoconstruct”
  • Challenges with regard to functional safety and SOTIF
  • Current questions and potential approaches for solutions

Heiko Ehrich
Line Manager, Electronic Systems & Car IT
TÜV NORD Mobilität GmbH & Co. KG

12.45 – 13.00

Q&A and discussion

13.00 – 14.00

Lunch

14.00 – 14.30

Formally Verifying Safety Properties of a Highly Automated Driving Function

  • Challenge: validate a distributed safety concept before implementation is available
  • Approach: formalize safety requirements and use model checker
  • Case study: activation/deactivation logic for highly automated driving function
  • Result: increased confidence, reduced testing effort

Dr Klaus Winkelmann
Functional Safety Professional
iQmine GmbH

14.30 – 15.00

Predictable and safe SW integration for the next generation ADAS and Autonomous Driving platforms

  • Trend: massive ECU consolidation leads to multi-domain, mixed-criticality ECUs with multiple virtualized RTOSs (AR Classic, Linux, QNX, etc. towards AR Adaptive) running on new 64-bit ARM and Intel cores
  • Challenge: SW integration becomes a cross-domain discipline with new requirements to run-time flexibility and the after-SOP integration of “untrusted” applications
  • Solution: cross-domain SW architecture expert teams, modern build and QA/CI systems, effective use of separation kernels / hypervisors to meet safety requirements
  • Presentation: lessons learned from recent ADAS and autonomous driving projects, plus outlook into Autosar Adaptive

Dr Kai Richter
Senior Technical Director
Luxoft

15.00 – 15.30

Coffee break

15.30 – 16.00

The role and evolution of Safety MCUs in High-Available and Fault-Tolerant Functional Safety Architectures

  • Outlook on highly integrated MCU safety architectures: many-core architectures
  • Mixed-criticality functions
  • From functional redundancies to high available operation, opportunities and challenges
  • New opportunities for safety computation up to ASIL D

Antonio Vilela
Lead Principal Functional Safety Concept
Infineon Technologies AG

Legal Aspects

16.00 – 16.30

The legal impact of ISO 26262

  • Why is ISO 26262 not just a technical standard?
  • Appropriately considering functional safety during contract negotiations
  • Employee’s personal liability
  • First cases pending at court?

Andreas Reuter
former Syndikus Corporate Legal Services
Robert Bosch GmbH

17.30

At the end of the first conference day we invite you to a dinner. Enjoy the relaxed atmosphere and get spoilt with fine food and drinks at our Networking Night 2017!

9.00 – 9.30

Reception with coffee and tea

9.30 – 10.00

Welcome and summary of the previous day by the chair

Prof. Dr Dr h.c. Manfred Broy

Cybersecurity as it relates to safety

10.00 – 10.30

Cybersecurity of Automated and Connected Vehicles

  • Reference Architecture Model Automotive (RAMA)
  • Assets, Attacks and Security Objectives
  • “Security Live Cycle”
  • Tracking of Vehicles based on Secondary Vehicle Identifiers

Prof. Dipl.-Ing. Markus Ullmann
Head of Division D14 “Technologische Grundlagen sicherer elektronischer Identitäten, Chipsicherheit”
Bundesamt für Sicherheit in der Informationstechnik (BSI)

10.30 – 11.00

Security aspects, J3061 and the link to safety

  • How is the automotive industry addressing cybersecurity?
  • Overview of SAE J3061
  • Outlook on the joint ISO/SAE cybersecurity standard
  • How do safety and security work together?

Dr David Ward
Head of Functional Safety
HORIBA MIRA Ltd.

11.00 – 11.15

Q&A and discussion

11.15 – 11.45

Coffee break

11.45 – 12.15

SAE J3061 – An approach to combine safety and security?

  • Cybersecurity and its aspects
  • How cyber attacks can affect safety inside a car
  • Challenges to be covered by future standards

Marcus Rau
Global Operations Manager Competence Center for Functional Safety & Cyber Security
SGS-TÜV Saar GmbH

12.15 – 12.45

Adapting Common Criteria to make Cybersecurity an integral part of functional safety

  • Security – An inevitable attribute of Safety
  • Essentials of Common Criteria a.k.a ISO/IEC 15408
  • Integrating Security Functional components from Common Criteria into Safety Development Life cycle

Janagarajan Radhakrishnan
Functional Safety Manager
Tata Elxsi

12.45 – 13.00

Q&A and discussion

13.00 – 14.00

Lunch

14.00 – 14.30

Satisfying Safety and Security Requirements by Static Code Analysis

  • Examples of safety-relevant versus security-relevant programming defects
  • Similarities and differences of safety and security requirements at the programming level
  • Applying sound static analysis to demonstrate safety and security properties
  • Achieving data safety: identifying the impact of potentially corrupted input data

Dr Daniel Kästner
CTO
AbsInt GmbH

14.30 – 15.00

Vulnerability Tree Analysis versus Fault Tree Analysis – Combined Security\Safety Analysis Approach

  • Introduction to Vulnerability Tree Analysis (VTA) for critical security systems
  • A comprehensive and cost-effective approach to combine VTA with FTA
  • Use case: VTA/FTA analysis for Medium Range Radar system
  • Conclusion and future work

Esam Mamdouh
Functional Safety Department Manager
eJad

15.00 – 15.30

Coffee break

15.30 – 16.00

Achieving Cybersecurity by Applying Secure Hardware

  • Architectures
  • Current situation
  • Communication requirements
  • Cybersecurity by hardware
  • Attributes of secure hardware

Friedhelm Becker
CEO
DCB Distribution & Consulting Becker

16.00 – 16.30

A Hybrid Hardware-Software Solution for Protection In-Vehicle Communication

Dr. Yao Lu
Automotive Cyber Security Expert
Trillium Incorporated

16.30

End of the 2nd conference day

9.00 – 9.30

Reception with coffee and tea

9.30 – 10.00

Welcome and summary of the previous day by the chair

Prof. Dr Dr h.c. Manfred Broy

Practice with ISO 26262

10.00 – 10.30

Model-Based Dependent Failure Analysis

Bülent Sari
Safety Manager, Electronics Powertrain Technology
ZF Friedrichshafen AG

10.30 – 11.00

SOTIF – Safety of the intended functionality

  • SOTIF mindset
  • Application of SOTIF for advanced driver-assistance systems (ADAS)
  • Challenges in the application of SOTIF for automated driving (AD)
  • Examples Automatic Emergency Braking (AEB) and Traffic Jam Pilot (TJP)

Dr Susanne Ebel
Senior Expert and Team Leader Functional Safety in the development of driver assistance and automated driving functions
Robert Bosch GmbH

11.00 – 11.30

Coffee break

11.30 – 12.00

Evaluation of architecture variants for hard real-time systems

  • Dealing with timing constraints in control flow
  • Preventing temporal faults by design
  • Timing as part of system architecture

Frank Sigiliano Pinecker, Consultant, Method Park Consulting GmbH
Dr-Ing. Isabella Stilkerich, Software-Engineering Specialist, Schaeffler Technologies AG & Co. KG

Software, Tools and Methods

12.00 – 12.30

A methodology for the automatic injection and analysis of faults in analog element of integrated circuits

  • Variation of fault models for analog element primitive (CMOS transistors, Integrated Resistors, Capacitors and Diodes)
  • Verification of the proposed Fault Models against literature benchmark and back-2-back Test
  • Use of the proposed Fault Models during automatic Fault Injections in analog element of Integrated Circuits
  • Integration of the methodology in the computation of the HW architectural metrics

Dr Vincenzo Sacco
Global Functional Safety Manager
Melexis Technologies SA

12.30 – 13.30

Lunch

13.30 – 14.00

Introduction of SCDL (Safety Concept Description Language) and SCN-SG (Safety Concept Notation Study Group)

  • Well known problems when you build Safety Concepts according to ISO 26262
  • Introduction of SCDL as SCN-SG’s proposal
  • Digest of SCDL specification as a semi-formal notation
  • Next steps

Shuhei Yamashita
Principal Technical Expert / Senior Director
DNV GL Business Assurance Japan K.K.

14.00 – 14.30

Tool Qualification Process Certification

  • Process Modeling
  • Process Simulation
  • Automated Compliance Check
  • Tool Classification and Qualification

Dr Oscar Slotosch
CEO
Validas AG

Robustness Validation

14.30 – 15.00

Robust Validation for functional safety software on vehicle level

  • Challenges of functional safety software validation
  • Generation method of vehicle validation test case
  • Test experience with vehicle validation test result
  • Conclusion and Summary

Changhyeon Lee
Transmission System Integration Engineer
Continental

15.00 – 15.30

Q&A and discussion

15.30

End of the Conference