AIT Austrian Institute of Technology, GmbH, Austria



AIT, Austria’s largest non-university research institute, provides research for the next generation of infrastructure related technologies in Digital Safety & Security, Health & Bioresources, Energy, Mobility Systems, Vision, Automation and Control, Technology Experience, Low-Emission Transport, and Innovation Systems and Policy.

“Highly Reliable Software and Systems”, a business unit of the Digital Safety & Security Department of AIT is focusing on the development of new methods, tools or process approaches for verification and validation of highly reliable and safe software and systems in the fields of critical embedded/cyber-physical systems. The core competences of the area are design, development, integration, verification & validation (V&V) and certification support of dependable and reliable systems.

In the recent years, a special focus has been established in the area of combined safety- and security-engineering.

In the project AIT will extend WEFACT (Workflow Engine for Analysis, Certification and Test) towards a workflow engine for multi-concern assurance. WEFACT was developed for supporting safety verification and validation the generation of a safety case. First steps towards the support for security certification (ISO 15409, Common Criteria) were investigated in EMC2. In AQUAS, AIT will extend this towards a security aware safety case, considering malicious, non-malicious, intentional and unintentional risk factors and effects on system performance. In addition AIT will extend and combine FMVEA (Failure Mode Vulnerability and Effect Analysis) method and Data Time Flow (DTF) Simulator Engine towards a model-based analysis and simulation of safety and security effects on system performance. Moreover, the model-based test case generation tool family MoMuT will be extended towards testing non-functional properties like safety, security and performance.

Relevant expertise

Participation in standardization committees and working groups regarding interactions between safety, security and other dependability attributes: IEC TC65/WG20, AHG2 and AHG3; IEC SC65E AHG1 and Consideration of cybersecurity for ISO26262 Ed.2 and IEC 61508 Ed. 3.0, and IEC SC65A WG17, Human factors-functional safety.

Participation in projects EMC2, ARROWHEAD, AMASS, Productive4.0, and AutoDrive..

Main tasks

Complementary tools and methods for integration of human user/operator models in safety, security and performance consideration.

Experience in combined assurance cases (safety&security) GSN-based argumentation for safety and security of a system, considering conflict resolution and interplay between dependability attributes.

Cooperation towards verification of safety, security and performance, including automated generation of assurance cases (including multiple dependability attributes) based on tests and simulations.