There was a strong TECoSA presence at this year’s Scandinavian Conference on System & Software Safety (SCSSS 2022) which took place in Göteborg on 22-23 November.
A central meeting place for Scandinavian safety experts from different industries, this year’s conference was attended by 120 people and several TECoSA partners were involved in the organisation and workshops (namely KTH, Einride, Saab, Safety Integrity and CAG Syntell). In all, 3 out of 4 of the workshops were led by TECoSA members, with Workshop 3 focusing on the results of the TECoSA SME Project MBRASA.
Workshop 1 – Managing continuous assurance of complex dependable systems (Fredrik Warg, RISE)
Workshop 2 – Understanding CPS Trustworthiness (Rusyadi Ramli, supported by Fredrik Asplund and Martin Törngren, KTH)
Workshop 3 – Embracing complexity of Systems-of-Systems using Model-Based Risk Assessment and Safety Analysis (Tom Strandberg, CAG Syntell, and Joakim Fröberg, Safety Integrity)
Workshop 4 – Automated and connected driving and the promises and challenges of cellular technology for systems of systems (Martin Törngren and Gianfilippo Fornaro, KTH)
The main take aways from TECoSA’s perspective was that the conference provided a very useful meeting place with the opportunity to engage with leading Swedish experts in safety and cybersecurity, and there was good engagement from TECoSA partners. The workshops provided a useful format for interactions with these experts, and we are currently working on a follow-up analysis of the results from the workshops (with the aim to generate academic papers from the findings).
As well as the workshops and the great networking opportunities, this year’s keynotes (described here: http://safety.addalot.se/2022) were highly engaging. In particular, we would like to highlight the keynote by Dr Marie Moe, a cybersecurity researcher at NTNU. She talked about the challenges of the increasing complexity with software defined and connected devices, with many of the experiences and incidents taken from actual events and findings related to Dr Moe’s own pacemaker!
“A Man-in-the-Middle of my Heart Attack”,
by Dr. Marie Moe, NTNU
Gradually we are all becoming more and more dependent on connected technology. We will be able to live longer with an increased quality of life due to medical devices and sensors attached to, or integrated into our bodies. However, our dependence on technology grows faster than our ability to secure it, and a security failure of a medical device may cause patient harm and have fatal consequences.
Dr. Marie Moe is a security researcher, and in 2015 she started a hacking project to figure out if she could trust the device that was keeping her alive, an IoT-connected pacemaker implant. This talk will cover the latest findings from this research project, in particular how it is possible to perform a Man-in-the-Middle attack between the pacemaker device and the corresponding backend server with the help of a fake mobile base station, giving access to the patient’s medical data.