PASSAC2023: 1st International Workshop on Patterns of Argumentation for Safety-Security Assurance Cases 2023 LAAS-CNRS in the Toulouse University Campus Toulouse, France, September 19, 2023 |
Conference website | https://safecomp2023.cnrs.fr/ |
Submission link | https://easychair.org/conferences/?conf=passac2023 |
Submission deadline | May 10, 2023 |
PASSAC is the first International Workshop on Patterns of Argumentation for Safety-Security Assurance Cases. This workshop aims to explore how a structured argument in support of a claim about the safety of a system or product should consider malicious interference. There is little, if any, published guidance concerning the integration of malicious and non-malicious elements in a safety assurance case. Is this simply a matter of extending a safety case argument with additional branches to address a list of security threats? Or would it be better to start with an entirely different structure shaped around a cybersecurity framework, e.g., a separate branch of the argument for each of the five functions of the NIST Cybersecurity Framework, namely, Identify, Protect, Detect, Respond, and Recover? Recognizing that safety and security are often intertwined, how tightly should the argument weave details about malicious sources of safety risk together with related details of non-malicious sources?
We invite short presentations that address the above questions by proposing a repeatable pattern of argumentation for safety-security assurance cases. Preference will be given to presentations that use a graphical diagram notation such as Goal Structuring Notation (GSN) to depict a pattern of argumentation. Prospective contributors are encouraged to use the example of the steering system for a Maritime Autonomous Surface Ship (MASS) [https://en.wikipedia.org/wiki/Autonomous_cargo_ship] to illustrate a suggested pattern of argumentation for safety-security in response to the above questions. A description available online [http://cslabs.com/CMASS.pdf] can be used as a reference model for an illustrative example. The top-level safety hazard for the steering system could, for example, be "unwanted steering" or "loss of steering" where malicious interference is seen to be a significant potential cause of such hazards. In addition to describing a repeatable pattern of argumentation, presentations should provide some guidance for how this pattern can be adapted for different instances of safety-security assurance argument.
The morning session of this full-day workshop will consist of short presentations selected by the Program Committee. In the afternoon, participants will be invited to join a collaborative effort to synthesize 1-3 recommended patterns of argumentation from contributions presented in the morning session. It is anticipated that a summary of the collaborative effort in the afternoon session will be written for publication following the workshop.
Submission Guidelines
A short paper 1000-1500 words (including references) should be submitted through the PASSAC 2023 submission page. In addition to the upper bound of 1500 words, the entire paper including figures must not exceed 10 pages. The paper should provide an introduction to the content of the presentation, e.g., a description of the repeatable pattern of argumentation. The paper should highlight the key features of this pattern and briefly explain how it could be used across a variety of systems or products. This short paper will be used by the PASSAC Program Committee as a basis for inviting presentations for the morning session of this workshop.
Committees
Co-chairs
- Jeffrey Joyce, President, Critical Systems Labs Inc., https://www.criticalsystemslabs.com/
- Claudio Menghi, Assistant Professor, University of Bergamo | Adjunct Professor, McMaster University, https://claudiomenghi.github.io/
Program committee
- Mehrnoosh Askarpour, Lead Software Safety Analyst, General Motors | Adjunct Professor, McMaster University, https://askarpour.github.io/
- Jeff Baker, Senior Director, Engineering Operations, Blackberry QNX, https://blackberry.qnx.com/
- Patricia Bomme, Head of Safety and Compliance Management, Skyguide – Swiss Air Navigation Services Ltd, Swiss air navigation service provider — Skyguide
- Marsha Chechik, Professor, University of Toronto, https://www.cs.toronto.edu/~chechik/
- Marie Farrell, Royal Academy of Engineering Research Fellow, University of Manchester, https://mariefarrell.github.io/
- Angelo Gargantini, Professor, University of Bergamo, https://cs.unibg.it/gargantini/
- Barbara Gallina, Associate Professor, Mälardalen University, http://www.es.mdh.se/staff/308-Barbara_Gallina
- Robert Oates, Senior IoT Cyber Security Consultant, Blackberry QNX, https://blackberry.qnx.com/
- Damiano Torre, Associate Research Scientist, Texas A&M University Central Texas, https://damianotorre.github.io/
- Alan Wassyng, Professor, McMaster University, http://www.cas.mcmaster.ca/~wassyng/
- Jens Weber, Professor, University of Victoria, https://onlineacademiccommunity.uvic.ca/jensweb/
- Charles Wilson, Senior Principal Engineer, Cybersecurity Development Lifecycle Practice, Motional, https://motional.com/
Contact
All questions about submissions should be emailed to Jeffrey Joyce <jeff.joyce@cslabs.com> and Claudio Menghi <claudio.menghi@unibg.it>