Thursday, September 23rd
|13:00 – 13:15 CET||Welcome!|
|13:15 – 13:55 CET||Michael Winokur||MBSE and the Industrial Reality of System Engineering Management|
|14:00 – 14:40 CET||Orsolya Nemeth, Salome Wagner and Konrad Wieland||How Cyber Security Threat Modeling keeps your organisation innovative|
|14:40 – 15:00 CET||Break|
|15:00 – 15:40 CET||Niels Jørgen Strøm||Systems Engineering – creating a common base for the development organization to cope with current and future challenges|
|15:45 – 16:25 CET||David Walden||Key Skills for Moving Beyond Greenfield Systems Engineering|
|16:30 – 16:45 CET||Outlining future activities|
MBSE and the Industrial Reality of System Engineering Management
Speaker: Michael Winokur, Holon Institute of Technology
The presentation will address the application of Model Based Systems Engineering in Industrial practice. What is the dream, what is the reality and what can be expected in the near future for MBSE application to complex Cyber Physical Systems development. In particular the presentation will address the dilemmas posed by the need for effective application of MBSE when confronted to the realities of Systems Engineering Management requirements and constraints.
Examples from industrial applications will be presented to illustrate the subjects and the dilemmas that confront the Systems Engineering community in these area.
The presentation will briefly address efforts pursued in academia to forward the state of the practice.
How Cyber Security Threat Modeling keeps your organisation innovative
Orsolya Nemeth, Sparx Services Central Europe
Salome Wagner and Konrad Wieland, LieberLieber Software GmbH
Cyber Security Threat Modeling is the holistic approach to the detection, management and mitigation of potential IoT system threats. ThreatGet offers a 360° view on components and assets, identifying unseen risks to the system under development.
Innovation in many of today’s organisations is driven by the endless potential offered by the internet of things (“IoT”). Interaction and flexibility are key elements for smart services which interface to the network of digital data and communication. The complexity of this cyber landscape is one of the biggest challenges when it comes to systems engineering. Interfaces between systems offer an open door to potential threats. The challenge is to address and manage those threats while bringing innovative services to market as quickly as possible. There are different ways to identify potential threats within systems. One framework is the “STRIDE Model” which differentiates among 6 types of threats: Spoofing, Tampering, Repudiation, Information disclosure, Denial of Service plus Elevation of Privilege. This method, originally invented by Microsoft, is one approach but offers a gap analysis only, leaving out the complexity within operating systems.
Although threat analysis is an integral part of systems development, it relies on subjective expert judgment. Therefore, to bring Cyber Security Modeling to the next level, the Austrian Institut of Technology (“AIT”) has developed a tool based on Sparx Systems Enterprise Architect, called “ThreatGet”. It automates this analysis by formalizing threat information. Its analysis results are reusable and all mitigations and design decisions are traceable throughout the development process. It helps organisations to save costs, and due to the updatable threat catalogue the analysis stays up-to-date.
This threat modeling tool automatically identifies threats and supports ongoing risk management. The tool extends the well-established Enterprise Architect modeling platform and is designed to support use cases in domains like automotive, railways, energy and critical infrastructure. It contains domain-specific, security-relevant elements for systems modeling and comes with an up-to-date threat catalogue maintained by AIT. Project-specific model elements and threats can also be added. All model elements contain pre-defined security parameters to consider existing security concepts. The tool will automatically assess the system model to find potential security issues in the design and will also suggest mitigations. Identified threats are traceable from analysis to qualification. Finally, standard-compliant risk and management reports are generated.
The presentation will discuss the different aspects of Cyber Security Threat Modeling and its benefits for the entire organisation: shorter development cycles for innovative systems while keeping threats to the system at bay throughout every stage of the lifecycle.
Systems Engineering – creating a common base for the development organization to cope with current and future challenges
Speaker: Niels Jørgen Strøm, Grundfos
Grundfos is with an annual production of more than 17 million pump units the biggest pump manufacturer in the world.
Pumps currently account for minimum 10 % of the world’s total electricity consumption. By switching to energy efficient pumps and pump solutions, we can cut that down by 50 % and save 5% of the global electricity consumption. Being a purpose driven company, Grundfos actively works to support the UN Goals 6 (Clean Water and Sanitation) and 13 (Climate action).
Grundfos has for many years had a process-oriented culture, auditing according to ISO 9001, and assessing processes within all professional disciplines according to ISO 15504.
However, individual parts of the development organization having functions and roles such as system architects, project managers, production engineers, hardware engineers, mechanics engineers, mechatronics engineers, software engineers, traditionally all speak a language of their own, and the development effort has also traditionally taken place in individual units with individual processes fostering a large degree of expertise but also requiring a big effort to coordinate and align across the organizational and professional boundaries. The trend is that products get increasingly smarter and connected, going from individual products to systems and digitalization, thus increasing complexity in development projects by an order of magnitude. If, on top of this, we acknowledge an increased need for speed in development and frequent deliveries, this calls for a different approach.
Excellent cross functional collaboration becomes a must and we must work smarter, for example by enabling parallel development of product and production equipment and by turning to increased use of simulation and platforms. Systems Engineering has for many years been a well-established philosophy and practice in traditionally complex segments like aerospace and defense, but now it increasingly fast becomes interesting in all business segments, and for Grundfos it has become a lever for a cross organizational and cross discipline holistic approach to tame the complexity and act as a common ground and language.
Key Skills for Moving Beyond Greenfield Systems Engineering
Speaker: David Walden Sysnovation, LLC
Systems Engineering Practitioners need to move beyond their traditional Document-Centric, Greenfield (Clean/Blank-Sheet) Systems Engineering heritage as we move forward to tackle the ever-increasing complexities of the future. This talk will discuss how transitioning beyond Greenfield Systems Engineering, such as Brownfield/Legacy Systems Engineering, Product Line Engineering, Systems of Systems Engineering, and Social Systems Engineering, requires additional Systems Engineering hard skills and soft skills to help ensure success.