Safety, Security, and Configurable Software Systems: A Systematic Mapping Study

Andy Kenner; Richard May; Jacob Krüger; Gunter Saake; Thomas Leich

doi:10.1145/3461001.3471147

Safety, Security, and Configurable Software Systems: A Systematic Mapping Study

Andy Kenner, Richard May, Jacob Krüger, Gunter Saake, Thomas Leich

Engineering of Software-Intensive Systems

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/Congresprocedure › Conferentiebijdrage › Academic › peer review

8 Citaten (Scopus)

Samenvatting

Safety and security are important properties of any software system, particularly in safety-critical domains, such as embedded, automotive, or cyber-physical systems. Moreover, particularly those domains also employ highly-configurable systems to customize variants, for example, to different customer requirements or regulations. Unfortunately, we are missing an overview understanding of what research has been conducted on the intersection of safety and security with configurable systems. To address this gap, we conducted a systematic mapping study based on an automated search, covering ten years (2011–2020) and 65 relevant (out of 367) publications. We classified each publication based on established security and safety concerns (e.g., CIA triad) as well as the connection to configurable systems (e.g., ensuring security of such a system). In the end, we found that considerably more research has been conducted on safety concerns, but both properties seem underexplored in the context of configurable systems. Moreover, existing research focuses on two directions: Ensuring safety and security properties in product-line engineering; and applying product-line techniques to ensure safety and security properties. Our mapping study provides an overview of the current state-of-the-art as well as open issues, helping practitioners identify existing solutions and researchers define directions for future research.

Originele taal-2	Engels
Titel	Proceedings of the 25th ACM International Systems and Software Product Line Conference, SPLC 2021
Redacteuren	Mohammad Mousavi, Pierre-Yves Schobbens, Hugo Araujo, Ina Schaefer, Maurice H. ter Beek, Xavier Devroey, Jose Miguel Rojas, Monica Pinto, Leopoldo Teixeira, Thorsten Berger, Johannes Noppen, Iris Reinhartz-Berger, Paul Temple, Ferruccio Damiani, Justyna Petke
Uitgeverij	Association for Computing Machinery, Inc
Pagina's	148-159
Aantal pagina's	12
ISBN van elektronische versie	9781450384698
DOI's	https://doi.org/10.1145/3461001.3471147
Status	Gepubliceerd - 6 sep. 2021

Publicatie series

Naam	ACM International Conference Proceeding Series

Bibliografische nota

DBLP License: DBLP's bibliographic metadata records provided through http://dblp.org/ are distributed under a Creative Commons CC0 1.0 Universal Public Domain Dedication. Although the bibliographic metadata records are provided consistent with CC0 1.0 Dedication, the content described by the metadata records is not. Content may be subject to copyright, rights of privacy, rights of publicity and other restrictions.

Toegang tot document

10.1145/3461001.3471147

Andere bestanden en links

Link naar publicatie in Scopus

Citeer dit

Kenner, A., May, R., Krüger, J., Saake, G., & Leich, T. (2021). Safety, Security, and Configurable Software Systems: A Systematic Mapping Study. In M. Mousavi, P.-Y. Schobbens, H. Araujo, I. Schaefer, M. H. ter Beek, X. Devroey, J. M. Rojas, M. Pinto, L. Teixeira, T. Berger, J. Noppen, I. Reinhartz-Berger, P. Temple, F. Damiani, & J. Petke (editors), Proceedings of the 25th ACM International Systems and Software Product Line Conference, SPLC 2021 (blz. 148-159). (ACM International Conference Proceeding Series). Association for Computing Machinery, Inc. https://doi.org/10.1145/3461001.3471147

Kenner, Andy ; May, Richard ; Krüger, Jacob et al. / Safety, Security, and Configurable Software Systems: A Systematic Mapping Study. Proceedings of the 25th ACM International Systems and Software Product Line Conference, SPLC 2021. redacteur / Mohammad Mousavi ; Pierre-Yves Schobbens ; Hugo Araujo ; Ina Schaefer ; Maurice H. ter Beek ; Xavier Devroey ; Jose Miguel Rojas ; Monica Pinto ; Leopoldo Teixeira ; Thorsten Berger ; Johannes Noppen ; Iris Reinhartz-Berger ; Paul Temple ; Ferruccio Damiani ; Justyna Petke. Association for Computing Machinery, Inc, 2021. blz. 148-159 (ACM International Conference Proceeding Series).

@inproceedings{9259a3483fc24850843ca897cd0bf296,

title = "Safety, Security, and Configurable Software Systems: A Systematic Mapping Study",

abstract = "Safety and security are important properties of any software system, particularly in safety-critical domains, such as embedded, automotive, or cyber-physical systems. Moreover, particularly those domains also employ highly-configurable systems to customize variants, for example, to different customer requirements or regulations. Unfortunately, we are missing an overview understanding of what research has been conducted on the intersection of safety and security with configurable systems. To address this gap, we conducted a systematic mapping study based on an automated search, covering ten years (2011–2020) and 65 relevant (out of 367) publications. We classified each publication based on established security and safety concerns (e.g., CIA triad) as well as the connection to configurable systems (e.g., ensuring security of such a system). In the end, we found that considerably more research has been conducted on safety concerns, but both properties seem underexplored in the context of configurable systems. Moreover, existing research focuses on two directions: Ensuring safety and security properties in product-line engineering; and applying product-line techniques to ensure safety and security properties. Our mapping study provides an overview of the current state-of-the-art as well as open issues, helping practitioners identify existing solutions and researchers define directions for future research.",

keywords = "Safety, Securty, Software Product Line Engineering, Configurable Systems, Mapping Study, software product line engineering, security, mapping study, safety, configurable systems",

author = "Andy Kenner and Richard May and Jacob Kr{\"u}ger and Gunter Saake and Thomas Leich",

note = "DBLP License: DBLP's bibliographic metadata records provided through http://dblp.org/ are distributed under a Creative Commons CC0 1.0 Universal Public Domain Dedication. Although the bibliographic metadata records are provided consistent with CC0 1.0 Dedication, the content described by the metadata records is not. Content may be subject to copyright, rights of privacy, rights of publicity and other restrictions.",

year = "2021",

month = sep,

day = "6",

doi = "10.1145/3461001.3471147",

language = "English",

series = "ACM International Conference Proceeding Series",

publisher = "Association for Computing Machinery, Inc",

pages = "148--159",

editor = "Mohammad Mousavi and Pierre-Yves Schobbens and Hugo Araujo and Ina Schaefer and {ter Beek}, {Maurice H.} and Xavier Devroey and Rojas, {Jose Miguel} and Monica Pinto and Leopoldo Teixeira and Thorsten Berger and Johannes Noppen and Iris Reinhartz-Berger and Paul Temple and Ferruccio Damiani and Justyna Petke",

booktitle = "Proceedings of the 25th ACM International Systems and Software Product Line Conference, SPLC 2021",

address = "United States",

}

Kenner, A, May, R, Krüger, J, Saake, G & Leich, T 2021, Safety, Security, and Configurable Software Systems: A Systematic Mapping Study. in M Mousavi, P-Y Schobbens, H Araujo, I Schaefer, MH ter Beek, X Devroey, JM Rojas, M Pinto, L Teixeira, T Berger, J Noppen, I Reinhartz-Berger, P Temple, F Damiani & J Petke (uitgave), Proceedings of the 25th ACM International Systems and Software Product Line Conference, SPLC 2021. ACM International Conference Proceeding Series, Association for Computing Machinery, Inc, blz. 148-159. https://doi.org/10.1145/3461001.3471147

Safety, Security, and Configurable Software Systems: A Systematic Mapping Study. / Kenner, Andy; May, Richard; Krüger, Jacob et al.
Proceedings of the 25th ACM International Systems and Software Product Line Conference, SPLC 2021. uitgave / Mohammad Mousavi; Pierre-Yves Schobbens; Hugo Araujo; Ina Schaefer; Maurice H. ter Beek; Xavier Devroey; Jose Miguel Rojas; Monica Pinto; Leopoldo Teixeira; Thorsten Berger; Johannes Noppen; Iris Reinhartz-Berger; Paul Temple; Ferruccio Damiani; Justyna Petke. Association for Computing Machinery, Inc, 2021. blz. 148-159 (ACM International Conference Proceeding Series).

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/Congresprocedure › Conferentiebijdrage › Academic › peer review

TY - GEN

T1 - Safety, Security, and Configurable Software Systems: A Systematic Mapping Study

AU - Kenner, Andy

AU - May, Richard

AU - Krüger, Jacob

AU - Saake, Gunter

AU - Leich, Thomas

N1 - DBLP License: DBLP's bibliographic metadata records provided through http://dblp.org/ are distributed under a Creative Commons CC0 1.0 Universal Public Domain Dedication. Although the bibliographic metadata records are provided consistent with CC0 1.0 Dedication, the content described by the metadata records is not. Content may be subject to copyright, rights of privacy, rights of publicity and other restrictions.

PY - 2021/9/6

Y1 - 2021/9/6

N2 - Safety and security are important properties of any software system, particularly in safety-critical domains, such as embedded, automotive, or cyber-physical systems. Moreover, particularly those domains also employ highly-configurable systems to customize variants, for example, to different customer requirements or regulations. Unfortunately, we are missing an overview understanding of what research has been conducted on the intersection of safety and security with configurable systems. To address this gap, we conducted a systematic mapping study based on an automated search, covering ten years (2011–2020) and 65 relevant (out of 367) publications. We classified each publication based on established security and safety concerns (e.g., CIA triad) as well as the connection to configurable systems (e.g., ensuring security of such a system). In the end, we found that considerably more research has been conducted on safety concerns, but both properties seem underexplored in the context of configurable systems. Moreover, existing research focuses on two directions: Ensuring safety and security properties in product-line engineering; and applying product-line techniques to ensure safety and security properties. Our mapping study provides an overview of the current state-of-the-art as well as open issues, helping practitioners identify existing solutions and researchers define directions for future research.

AB - Safety and security are important properties of any software system, particularly in safety-critical domains, such as embedded, automotive, or cyber-physical systems. Moreover, particularly those domains also employ highly-configurable systems to customize variants, for example, to different customer requirements or regulations. Unfortunately, we are missing an overview understanding of what research has been conducted on the intersection of safety and security with configurable systems. To address this gap, we conducted a systematic mapping study based on an automated search, covering ten years (2011–2020) and 65 relevant (out of 367) publications. We classified each publication based on established security and safety concerns (e.g., CIA triad) as well as the connection to configurable systems (e.g., ensuring security of such a system). In the end, we found that considerably more research has been conducted on safety concerns, but both properties seem underexplored in the context of configurable systems. Moreover, existing research focuses on two directions: Ensuring safety and security properties in product-line engineering; and applying product-line techniques to ensure safety and security properties. Our mapping study provides an overview of the current state-of-the-art as well as open issues, helping practitioners identify existing solutions and researchers define directions for future research.

KW - Safety

KW - Securty

KW - Software Product Line Engineering

KW - Configurable Systems

KW - Mapping Study

KW - software product line engineering

KW - security

KW - mapping study

KW - safety

KW - configurable systems

UR - http://www.scopus.com/inward/record.url?scp=85115341470&partnerID=8YFLogxK

U2 - 10.1145/3461001.3471147

DO - 10.1145/3461001.3471147

M3 - Conference contribution

T3 - ACM International Conference Proceeding Series

SP - 148

EP - 159

BT - Proceedings of the 25th ACM International Systems and Software Product Line Conference, SPLC 2021

A2 - Mousavi, Mohammad

A2 - Schobbens, Pierre-Yves

A2 - Araujo, Hugo

A2 - Schaefer, Ina

A2 - ter Beek, Maurice H.

A2 - Devroey, Xavier

A2 - Rojas, Jose Miguel

A2 - Pinto, Monica

A2 - Teixeira, Leopoldo

A2 - Berger, Thorsten

A2 - Noppen, Johannes

A2 - Reinhartz-Berger, Iris

A2 - Temple, Paul

A2 - Damiani, Ferruccio

A2 - Petke, Justyna

PB - Association for Computing Machinery, Inc

ER -

Kenner A, May R, Krüger J, Saake G, Leich T. Safety, Security, and Configurable Software Systems: A Systematic Mapping Study. In Mousavi M, Schobbens PY, Araujo H, Schaefer I, ter Beek MH, Devroey X, Rojas JM, Pinto M, Teixeira L, Berger T, Noppen J, Reinhartz-Berger I, Temple P, Damiani F, Petke J, redacteurs, Proceedings of the 25th ACM International Systems and Software Product Line Conference, SPLC 2021. Association for Computing Machinery, Inc. 2021. blz. 148-159. (ACM International Conference Proceeding Series). doi: 10.1145/3461001.3471147

Safety, Security, and Configurable Software Systems: A Systematic Mapping Study

Samenvatting

Publicatie series

Bibliografische nota

Toegang tot document

Andere bestanden en links

Vingerafdruk

Citeer dit