Computer Safety, Reliability, and Security. SAFECOMP 2020 Workshops: DECSoS 2020, DepDevOps 2020, USDAI 2020, and WAISE 2020, Lisbon, Portugal, September 15, 2020, Proceedings

Development of safety-critical systems requires a risk management strategy to identify and analyse hazards, and to apply the necessary actions to eliminate or control them, as malfunctions could be catastrophic. Fault Tree Analysis (FTA) is one of the most widely used methods for safety analysis in industry. However, standard FTA is manual, informal, and limited to static analysis of systems. In this paper, we present preliminary results from a model-based approach that addresses these limitations using Supervisory Control Theory. Taking an example from the Fault Tree Handbook, we present a systematic approach to incrementally obtain formal models from a fault tree and verify them in the tool Supremica. We present a method to calculate minimal cut sets using our approach. These compositional techniques could potentially be very beneficial in the safety analysis of highly complex safety-critical systems, where several components interact to solve different tasks.

[1]  LiMin Fu,et al.  Rule Generation from Neural Networks , 1994, IEEE Trans. Syst. Man Cybern. Syst..

[2]  Darek Ceglarek,et al.  The Quality of a Design will not Exceed the Knowledge of its Designer; an Analysis Based on Axiomatic Information and the Cynefin Framework , 2015 .

[3]  Hamid Sharif,et al.  A Survey of Energy-Efficient Compression and Communication Techniques for Multimedia in Resource Constrained Systems , 2013, IEEE Communications Surveys & Tutorials.

[4]  José Barata,et al.  NOVAAS: A Reference Implementation of Industrie4.0 Asset Administration Shell with best-of-breed practices from IT engineering , 2019, IECON 2019 - 45th Annual Conference of the IEEE Industrial Electronics Society.

[5]  Anders P. Ravn,et al.  From Safety Analysis to Software Requirements , 1998, IEEE Trans. Software Eng..

[6]  Olivier Barais,et al.  Modeling languages in Industry 4.0: an extended systematic mapping study , 2019, Software and Systems Modeling.

[7]  Sriram Sankaranarayanan,et al.  Verification of automotive control applications using S-TaLiRo , 2012, 2012 American Control Conference (ACC).

[8]  Bernhard Ganter,et al.  Formal Concept Analysis: Mathematical Foundations , 1998 .

[9]  Xiaoxing Ma,et al.  Structural Coverage Criteria for Neural Networks Could Be Misleading , 2019, 2019 IEEE/ACM 41st International Conference on Software Engineering: New Ideas and Emerging Results (ICSE-NIER).

[10]  Mike Williamsen,et al.  Near-Miss Reporting: A Missing Link in Safety Culture , 2013 .

[11]  Fei Tao,et al.  Digital Twin and Big Data Towards Smart Manufacturing and Industry 4.0: 360 Degree Comparison , 2018, IEEE Access.

[12]  Vijay Gehlot,et al.  An introduction to systems modeling and simulation with Colored Petri Nets , 2010, Proceedings of the 2010 Winter Simulation Conference.

[13]  Xavier Rival,et al.  A relational shape abstract domain , 2017, Formal Methods in System Design.

[14]  Mehrdad Sabetzadeh,et al.  Towards a Model-Based Evolutionary Chain of Evidence for Compliance with Safety Standards , 2012, SAFECOMP Workshops.

[15]  Yutaka Matsuno,et al.  Tackling Uncertainty in Safety Assurance for Machine Learning: Continuous Argument Engineering with Attributed Tests , 2019, SAFECOMP Workshops.

[16]  A concept and local implementation for industry-academy collaboration and life-long learning , 2018 .

[17]  P. Glöckner,et al.  Extracting Rules from Deep Neural Networks , 2015 .

[18]  Rolf Johansson,et al.  Towards an Operational Design Domain That Supports the Safety Argumentation of an Automated Driving System , 2020 .

[19]  David Salomon A Concise Introduction to Data Compression , 2007, Undergraduate Topics in Computer Science.

[20]  Peter Liggesmeyer,et al.  Combination of Safety and Security Analysis - Finding Security Problems That Threaten The Safety of a System , 2013, DECS@SAFECOMP.

[21]  Lei Ma,et al.  DeepCT: Tomographic Combinatorial Testing for Deep Learning Systems , 2019, 2019 IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER).

[22]  Jimmy J. Lin,et al.  Compressing and Decoding Term Statistics Time Series , 2016, ECIR.

[23]  Sune Wolff Scrum goes formal: Agile methods for safety-critical systems , 2012, 2012 First International Workshop on Formal Methods in Software Engineering: Rigorous and Agile Approaches (FormSERA).

[24]  David Snowden,et al.  Cynefin , A Sense of Time and Place : an Ecological Approach to Sense Making and Learning in Formal and Informal Communities , 2001 .

[25]  Eliseo Ferrante,et al.  ARGoS: a modular, parallel, multi-engine simulator for multi-robot systems , 2012, Swarm Intelligence.

[26]  Jian Sun,et al.  Delving Deep into Rectifiers: Surpassing Human-Level Performance on ImageNet Classification , 2015, 2015 IEEE International Conference on Computer Vision (ICCV).

[27]  Bernhard Schölkopf,et al.  Prior Knowledge in Support Vector Kernels , 1997, NIPS.

[28]  Mariëlle Stoelinga,et al.  Fault tree analysis: A survey of the state-of-the-art in modeling, analysis and tools , 2014, Comput. Sci. Rev..

[29]  Michael W. Grieves Product lifecycle management: the new paradigm for enterprises , 2005 .

[30]  Ahmad-Reza Sadeghi,et al.  ASSURED: Architecture for Secure Software Update of Realistic Embedded Devices , 2018, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[31]  Stefan Boschert,et al.  Digital Twin—The Simulation Aspect , 2016 .

[32]  Richard Hawkins,et al.  A New Approach to creating Clear Safety Arguments , 2011, SSS.

[33]  Carl E. Landwehr,et al.  Basic concepts and taxonomy of dependable and secure computing , 2004, IEEE Transactions on Dependable and Secure Computing.

[34]  Matthias Bethge,et al.  ImageNet-trained CNNs are biased towards texture; increasing shape bias improves accuracy and robustness , 2018, ICLR.

[35]  Matthias Hein,et al.  Provable Robustness of ReLU networks via Maximization of Linear Regions , 2018, AISTATS.

[36]  Junfeng Yang,et al.  DeepXplore: Automated Whitebox Testing of Deep Learning Systems , 2017, SOSP.

[37]  Rick Salay,et al.  Using Machine Learning Safely in Automotive Software: An Assessment and Adaption of Software Process Requirements in ISO 26262 , 2018, ArXiv.

[38]  Risi Kondor,et al.  On the Generalization of Equivariance and Convolution in Neural Networks to the Action of Compact Groups , 2018, ICML.

[39]  Sungjoo Kang,et al.  Design and Implementation of Runtime Verification Framework for Cyber-Physical Production Systems , 2019, Journal of Engineering.

[40]  Hoyt Lougee,et al.  SOFTWARE CONSIDERATIONS IN AIRBORNE SYSTEMS AND EQUIPMENT CERTIFICATION , 2001 .

[41]  Yarin Gal,et al.  Uncertainty in Deep Learning , 2016 .

[42]  Lydia Gauerhof,et al.  Reverse Variational Autoencoder for Visual Attribute Manipulation and Anomaly Detection , 2020, 2020 IEEE Winter Conference on Applications of Computer Vision (WACV).

[43]  Matthias Althoff,et al.  An Online Verification Framework for Motion Planning of Self-driving Vehicles with Safety Guarantees , 2019 .

[44]  Cynthia F. Kurtz,et al.  The new dynamics of strategy: sense-making in a complex and complicated world , 2003, IEEE Engineering Management Review.

[45]  Eric Armengaud,et al.  SAHARA: A security-aware hazard and risk analysis method , 2015, 2015 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[46]  Alexander Weiss,et al.  Hardware-Based Runtime Verification with Embedded Tracing Units and Stream Processing , 2018, RV.

[47]  Eric S. K. Yu,et al.  Modeling DevOps Deployment Choices Using Process Architecture Design Dimensions , 2015, PoEM.

[48]  Hao Wang,et al.  Insulin Pump Software Certification , 2013, FHIES.

[49]  Insup Lee,et al.  A Safety Case Pattern for Model-Based Development Approach , 2012, NASA Formal Methods.

[50]  Pietro Marmo,et al.  Hazard Analysis of Complex Distributed Railway Systems , 2003, SRDS.

[51]  Bev Littlewood,et al.  Validation of ultrahigh dependability for software-based systems , 1993, CACM.

[52]  Sanjit A. Seshia,et al.  New Frontiers in Formal Methods: Learning, Cyber-Physical Systems, Education, and Beyond , 2015 .

[53]  Elisabetta Di Nitto,et al.  Fallacies and Pitfalls on the Road to DevOps: A Longitudinal Industrial Study , 2019, DEVOPS.

[54]  Simon Burton,et al.  Structuring Validation Targets of a Machine Learning Function Applied to Automated Driving , 2018, SAFECOMP.

[55]  Matt Wynne,et al.  The Cucumber Book: Behaviour-Driven Development for Testers and Developers , 2012 .

[56]  Philip Koopman,et al.  How Many Operational Design Domains, Objects, and Events? , 2019, SafeAI@AAAI.

[57]  Jonathan P. Bowen,et al.  Formal Versus Agile: Survival of the Fittest , 2009, Computer.

[58]  Shin Yoo,et al.  Guiding Deep Learning System Testing Using Surprise Adequacy , 2018, 2019 IEEE/ACM 41st International Conference on Software Engineering (ICSE).

[59]  Peter G. Bishop,et al.  Safety and Assurance Cases: Past, Present and Possible Future - an Adelard Perspective , 2010, SSS.

[60]  Andrea Bondavalli,et al.  On the Safety of Automotive Systems Incorporating Machine Learning Based Components: A Position Paper , 2018, 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W).

[61]  Tengyu Ma,et al.  Verified Uncertainty Calibration , 2019, NeurIPS.

[62]  Yan Liu,et al.  Application of Neural Networks in High Assurance Systems: A Survey , 2010, Applications of Neural Networks in High Assurance Systems.

[63]  Christoph Schmittner,et al.  Status of the Development of ISO/SAE 21434 , 2018, EuroSPI.

[64]  Edward A. Lee,et al.  Introduction to Embedded Systems - A Cyber-Physical Systems Approach , 2013 .

[65]  Gábor Lugosi,et al.  Introduction to Statistical Learning Theory , 2004, Advanced Lectures on Machine Learning.

[66]  Qiang Liu,et al.  Digital twin-driven manufacturing cyber-physical system for parallel controlling of smart workshop , 2018, Journal of Ambient Intelligence and Humanized Computing.

[67]  Yi Zhou,et al.  Understanding the Mirai Botnet , 2017, USENIX Security Symposium.

[68]  John McDermid,et al.  Towards a Framework for Safety Assurance of Autonomous Systems , 2019, AISafety@IJCAI.

[69]  Barathram Ramkumar,et al.  Simulation studies on ZigBee network for in-vehicle wireless communications , 2014, 2014 International Conference on Computer Communication and Informatics.

[70]  Dan Craigen,et al.  Experience with formal methods in critical systems , 1994, IEEE Software.

[71]  Murray Shanahan,et al.  The Event Calculus Explained , 1999, Artificial Intelligence Today.

[72]  Manuel Wimmer,et al.  Towards a Model-Based DevOps for Cyber-Physical Systems , 2019, DEVOPS.

[73]  Seth Flaxman,et al.  European Union Regulations on Algorithmic Decision-Making and a "Right to Explanation" , 2016, AI Mag..

[74]  Eric Armengaud,et al.  Integrated Safety and Security Development in the Automotive Domain , 2017 .

[75]  Barbara Gallina,et al.  Enhancing State-of-the-art Safety Case Patterns to Support Change Impact Analysis , 2020 .

[76]  Christoph Garth,et al.  Security in Process: Visually Supported Triage Analysis in Industrial Process Data , 2020, IEEE Transactions on Visualization and Computer Graphics.

[77]  Athira Varma Jayakumar,et al.  Systematic Model-based Design Assurance and Property-based Fault Injection for Safety Critical Digital Systems , 2020 .

[78]  Elena Troubitsyna,et al.  Pattern-Based Formal Approach to Analyse Security and Safety of Control Systems , 2019, IMBSA.

[79]  Elena Troubitsyna,et al.  Towards a Formal Approach to Analysing Security of Safety-Critical Systems , 2018, 2018 14th European Dependable Computing Conference (EDCC).

[80]  Arvind Satyanarayan,et al.  The Building Blocks of Interpretability , 2018 .

[81]  Lorenzo Ciani,et al.  A Critical Comparison of Alternative Risk Priority Numbers in Failure Modes, Effects, and Criticality Analysis , 2019, IEEE Access.

[82]  M. Ringwelski,et al.  The Hitchhiker's guide to choosing the compression algorithm for your smart meter data , 2012, 2012 IEEE International Energy Conference and Exhibition (ENERGYCON).

[83]  Mustafa Aljumaili,et al.  eMaintenance in railways: Issues and challenges in cybersecurity , 2019, Proceedings of the Institution of Mechanical Engineers, Part F: Journal of Rail and Rapid Transit.

[84]  Joseph Pelrine On Understanding Software Agility— A Social Complexity Point Of View , 2011 .

[85]  George Eleftherakis,et al.  An Agile Formal Development Methodology , 2003 .

[86]  Takuma Oda,et al.  Distributed Fleet Control with Maximum Entropy Deep Reinforcement Learning , 2018 .

[87]  Eric Thorn,et al.  A Framework for Automated Driving System Testable Cases and Scenarios , 2018 .

[88]  A. H. Murphy A New Vector Partition of the Probability Score , 1973 .

[89]  Yoshua Bengio,et al.  An empirical evaluation of deep architectures on problems with many factors of variation , 2007, ICML '07.

[90]  Kush R. Varshney,et al.  Engineering safety in machine learning , 2016, 2016 Information Theory and Applications Workshop (ITA).

[91]  Sharad Mehrotra,et al.  Capturing sensor-generated time series with quality guarantees , 2003, Proceedings 19th International Conference on Data Engineering (Cat. No.03CH37405).

[92]  John A. McDermid,et al.  Mind the gaps: Assuring the safety of autonomous systems from an engineering, ethical, and legal perspective , 2020, Artif. Intell..

[93]  Christoph H. Lampert,et al.  Attribute-Based Classification for Zero-Shot Visual Object Categorization , 2014, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[94]  Ian Oliver,et al.  Analyzing Trust Failures in Safety Critical Systems , 2019 .

[95]  Abraham Lempel,et al.  A universal algorithm for sequential data compression , 1977, IEEE Trans. Inf. Theory.

[96]  Andrew J. Kornecki,et al.  Certification of software for real-time safety-critical systems: state of the art , 2009, Innovations in Systems and Software Engineering.

[97]  Yann LeCun,et al.  Transformation Invariance in Pattern Recognition-Tangent Distance and Tangent Propagation , 1996, Neural Networks: Tricks of the Trade.

[98]  Eric D. Ragan,et al.  A Survey of Evaluation Methods and Measures for Interpretable Machine Learning , 2018, ArXiv.

[99]  Gaël Varoquaux,et al.  Scikit-learn: Machine Learning in Python , 2011, J. Mach. Learn. Res..

[100]  Robi Malik,et al.  Programming a fast explicit conflict checker , 2016, 2016 13th International Workshop on Discrete Event Systems (WODES).

[101]  Christof Teuscher,et al.  Adversarial explanations for understanding image classification decisions and improved neural network robustness , 2019, Nature Machine Intelligence.

[102]  重信 池戸,et al.  ISO (International Organization for Standardization ; 国際標準化機構) , 1997 .

[103]  Leïla Azouz Saïdane,et al.  Trusted Third Party Based Key Management for Enhancing LoRaWAN Security , 2017, 2017 IEEE/ACS 14th International Conference on Computer Systems and Applications (AICCSA).

[104]  Hans D. Schotten,et al.  Evaluation of Machine Learning-based Anomaly Detection Algorithms on an Industrial Modbus/TCP Data Set , 2018, ARES.

[105]  Gerd Ascheid,et al.  Efficient On-Line Error Detection and Mitigation for Deep Neural Network Accelerators , 2018, SAFECOMP.

[106]  Daniela Giorgi,et al.  Towards a topological–geometrical theory of group equivariant non-expansive operators for data analysis and machine learning , 2018, Nat. Mach. Intell..

[107]  I. Kondor,et al.  Group theoretical methods in machine learning , 2008 .

[108]  Shaoyong Guo,et al.  Blockchain Based Data Trust Sharing Mechanism in the Supply Chain , 2018, Security with Intelligent Computing and Big-data Services.

[109]  W. H. F. Barnes The Nature of Explanation , 1944, Nature.

[110]  an,et al.  A Survey on the Security Fight againstRansomware and Trojans in Android , 2014 .

[111]  Minna Lanz,et al.  The FMS Training Center - a versatile learning environment for engineering education , 2018 .

[112]  Alexandru Paul Condurache,et al.  GraN: An Efficient Gradient-Norm Based Detector for Adversarial and Misclassified Examples , 2020, ESANN.

[113]  Juan Lopez,et al.  Firmware modification attacks on programmable logic controllers , 2013, Int. J. Crit. Infrastructure Prot..

[114]  Michael Kläs,et al.  Increasing Trust in Data-Driven Model Validation - A Framework for Probabilistic Augmentation of Images and Meta-data Generation Using Application Scope Characteristics , 2019, SAFECOMP.

[115]  Jude W. Shavlik,et al.  Using Sampling and Queries to Extract Rules from Trained Neural Networks , 1994, ICML.

[116]  Evans,et al.  Domain-driven design , 2003 .

[117]  Trevor Darrell,et al.  Generating Visual Explanations , 2016, ECCV.

[118]  Elena Troubitsyna,et al.  Developing Mode-Rich Satellite Software by Refinement in Event B , 2010, FMICS.

[119]  Jordi Cabot,et al.  Stepwise Adoption of Continuous Delivery in Model-Driven Engineering , 2018, DEVOPS.

[120]  Jürgen Schmidhuber,et al.  Long Short-Term Memory , 1997, Neural Computation.

[121]  Cody Buntain,et al.  Computational trust assessment of open media data , 2013, 2013 IEEE International Conference on Multimedia and Expo Workshops (ICMEW).

[122]  Amit Sahu,et al.  Rule-Based Safety Evidence for Neural Networks , 2020, SAFECOMP Workshops.

[123]  Sven Schindler,et al.  Honeypot architectures for IPv6 networks , 2016 .

[124]  Mark Craven,et al.  Extracting comprehensible models from trained neural networks , 1996 .

[125]  Radu Calinescu,et al.  Assurance Argument Patterns and Processes for Machine Learning in Safety-Related Systems , 2020, SafeAI@AAAI.

[126]  Bernhard Schölkopf,et al.  Kernel Principal Component Analysis , 1997, ICANN.

[127]  Alessandro Cimatti,et al.  Combining MILS with Contract-Based Design for Safety and Security Requirements , 2014, SAFECOMP Workshops.

[128]  Patrick Cousot,et al.  Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints , 1977, POPL.

[129]  Aleksander Madry,et al.  Towards Deep Learning Models Resistant to Adversarial Attacks , 2017, ICLR.

[130]  Christoph Schmittner,et al.  Automotive Cybersecurity Standards - Relation and Overview , 2019, SAFECOMP Workshops.

[131]  Simon Burton,et al.  Confidence Arguments for Evidence of Performance in Machine Learning for Highly Automated Driving Functions , 2019, SAFECOMP Workshops.

[132]  Heidy Khlaaf,et al.  Disruptive Innovations and Disruptive Assurance: Assuring Machine Learning and Autonomy , 2019, Computer.

[133]  Kwai Sang Chin,et al.  Development of a Failure Mode and Effects Analysis Based Risk Assessment Tool for Information Security , 2014 .

[134]  Jonathon Shlens,et al.  Explaining and Harnessing Adversarial Examples , 2014, ICLR.

[135]  Eitan Farchi,et al.  Applications of synchronization coverage , 2005, PPoPP.

[136]  Georgeta Igna,et al.  Distributed MILS Architectural Approach for Secure Smart Grids , 2014, SmartGridSec.

[137]  Bharat Mishra,et al.  Extended Taxonomy of Rule Extraction Techniques and Assessment of KDRuleEx , 2012 .

[138]  Sijia Liu,et al.  CNN-Cert: An Efficient Framework for Certifying Robustness of Convolutional Neural Networks , 2018, AAAI.

[139]  Stefan Wagner,et al.  Using STPA in Compliance with ISO 26262 for Developing a Safe Architecture for Fully Automated Vehicles , 2017, Automotive - Safety & Security.

[140]  Gábor Orosz,et al.  End-to-End Safe Reinforcement Learning through Barrier Functions for Safety-Critical Continuous Control Tasks , 2019, AAAI.

[141]  Yang Li,et al.  A Security Architecture in Cyber-Physical Systems: Security Theories, Analysis, Simulation and Application Fields , 2015 .

[142]  John A. McDermid,et al.  Formal Methods: Use and Relevance for the Development of Safety-Critical Systems , 1992, Comput. J..

[143]  E Hicham,et al.  Failure Mode and Effects Analysis (FMEA) , 2007 .

[144]  Ksenija Dumicic Representative Samples , 2011, International Encyclopedia of Statistical Science.

[145]  Luca Maria Gambardella,et al.  RoboNetSim: An integrated framework for multi-robot and network simulation , 2013, Robotics Auton. Syst..

[146]  Geraint Rees,et al.  Clinically applicable deep learning for diagnosis and referral in retinal disease , 2018, Nature Medicine.

[147]  Christian Kreiner,et al.  An Automotive Signal-Layer Security and Trust-Boundary Identification Approach , 2017, ANT/SEIT.

[148]  Andrew Y. C. Nee,et al.  Digital twin driven prognostics and health management for complex equipment , 2018 .

[149]  Igor Nai Fovino,et al.  Integrating cyber attacks within fault trees , 2009, Reliab. Eng. Syst. Saf..

[150]  Soundar R. T. Kumara,et al.  Cyber-physical systems in manufacturing , 2016 .

[151]  Nancy G. Leveson,et al.  An integrated approach to safety and security based on systems theory , 2014, CACM.

[152]  Andreas Steininger,et al.  Processor support for temporal predictability - the SPEAR design example , 2003, 15th Euromicro Conference on Real-Time Systems, 2003. Proceedings..

[153]  P. Ramadge,et al.  Supervisory control of a class of discrete event processes , 1987 .

[154]  Günther Pernul,et al.  Trust and Big Data: A Roadmap for Research , 2014, 2014 25th International Workshop on Database and Expert Systems Applications.

[155]  David A. Clifton,et al.  A review of novelty detection , 2014, Signal Process..

[156]  Shankar Lal,et al.  Towards Dependably Detecting Geolocation of Cloud Servers , 2017, NSS.

[157]  Eduardo Tovar,et al.  Symphony: routing aware scheduling for DSME networks , 2020, SIGBED.

[158]  Rick Salay,et al.  Towards a Framework to Manage Perceptual Uncertainty for Safe Automated Driving , 2018, SAFECOMP Workshops.

[159]  Margaret Martonosi,et al.  Data compression algorithms for energy-constrained devices in delay tolerant networks , 2006, SenSys '06.

[160]  David A. Huffman,et al.  A method for the construction of minimum-redundancy codes , 1952, Proceedings of the IRE.

[161]  Rikard Söderberg,et al.  Toward a Digital Twin for real-time geometry assurance in individualized production , 2017 .

[162]  Dominik Domis,et al.  Advances in component fault trees , 2018, Safety and Reliability – Safe Societies in a Changing World.

[163]  Philip Koopman,et al.  Toward a Framework for Highly Automated Vehicle Safety Validation , 2018 .

[164]  Andreas Komninos,et al.  Design and Run-Time Aspects of Secure Cyber-Physical Systems , 2019, Security and Quality in Cyber-Physical Systems Engineering.

[165]  Gianluca Percoco,et al.  Building a digital twin for additive manufacturing through the exploitation of blockchain: A case analysis of the aircraft industry , 2019, Comput. Ind..

[166]  Péter Gáspár,et al.  Security issues and vulnerabilities in connected car systems , 2015, 2015 International Conference on Models and Technologies for Intelligent Transportation Systems (MT-ITS).

[167]  Antonella Certa,et al.  ELECTRE TRI-based approach to the failure modes classification on the basis of risk parameters: An alternative to the risk priority number , 2017, Comput. Ind. Eng..

[168]  Peter Schlicht,et al.  The Attack Generator: A Systematic Approach Towards Constructing Adversarial Attacks , 2019, 2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPRW).

[169]  Nuno Pereira,et al.  Formal security analysis of LoRaWAN , 2019, Comput. Networks.

[170]  Insup Lee,et al.  Verisig: verifying safety properties of hybrid systems with neural network controllers , 2018, HSCC.

[171]  Walid G. Aref,et al.  Online Piece-wise Linear Approximation of Numerical Streams with Precision Guarantees , 2009, Proc. VLDB Endow..

[172]  Aaron Kane,et al.  Runtime Monitoring for Safety-Critical Embedded Systems , 2015 .

[173]  Gereon Weiss,et al.  Benchmarking Uncertainty Estimation Methods for Deep Learning With Safety-Related Metrics , 2020, SafeAI@AAAI.

[174]  Bernhard Schölkopf,et al.  Incorporating invariances in nonlinear Support Vector Machines , 2001, NIPS 2001.

[175]  Betty H.C. Cheng,et al.  Security Patterns for Automotive Systems , 2019, 2019 ACM/IEEE 22nd International Conference on Model Driven Engineering Languages and Systems Companion (MODELS-C).

[176]  Franklin Selgert Cynefin Framework, DevOps and Secure IoT - Understanding the Nature of IoT Systems and Exploring Where in the DevOps Cycle Easy Gains Can Be Made to Increase Their Security , 2020, SAFECOMP Workshops.

[177]  Xiaobin Zhang,et al.  Co-simulation platforms for co-design of networked control systems: An overview , 2014 .

[178]  Robert H. Klenke,et al.  A multilevel cybersecurity and safety monitor for embedded cyber-physical systems: WIP abstract , 2018, ICCPS.

[179]  Imre J. Rudas,et al.  Assessment and Standardization of Autonomous Vehicles , 2018, 2018 IEEE 22nd International Conference on Intelligent Engineering Systems (INES).

[180]  Martin Herrmann,et al.  Leveraging combinatorial testing for safety-critical computer vision datasets , 2020, 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPRW).

[181]  Ashish Tiwari,et al.  Sherlock - A tool for verification of neural network feedback systems: demo abstract , 2019, HSCC.

[182]  Ulrich Dahmen,et al.  Experimentable Digital Twins for a Modeling and Simulation-based Engineering Approach , 2018, 2018 IEEE International Systems Engineering Symposium (ISSE).

[183]  Thomas G. Dietterich,et al.  Benchmarking Neural Network Robustness to Common Corruptions and Perturbations , 2018, ICLR.

[184]  Pan He,et al.  Adversarial Examples: Attacks and Defenses for Deep Learning , 2017, IEEE Transactions on Neural Networks and Learning Systems.

[185]  Tim Miller,et al.  Explanation in Artificial Intelligence: Insights from the Social Sciences , 2017, Artif. Intell..

[186]  Alexandre Donzé,et al.  Breach, A Toolbox for Verification and Parameter Synthesis of Hybrid Systems , 2010, CAV.

[187]  Bernhard Schölkopf,et al.  Incorporating Invariances in Support Vector Learning Machines , 1996, ICANN.

[188]  Xin Zhang,et al.  End to End Learning for Self-Driving Cars , 2016, ArXiv.

[189]  Edmund M. Clarke,et al.  Formal Methods: State of the Art and Future Directions Working Group Members , 1996 .

[190]  Daniel Hsu Time Series Compression Based on Adaptive Piecewise Recurrent Autoencoder , 2017, ArXiv.

[191]  Richard Hawkins,et al.  A Pattern for Arguing the Assurance of Machine Learning in Medical Diagnosis Systems , 2019, SAFECOMP.

[192]  David Wagner,et al.  Adversarial Examples Are Not Easily Detected: Bypassing Ten Detection Methods , 2017, AISec@CCS.

[193]  Karl Aberer,et al.  Towards Online Multi-model Approximation of Time Series , 2011, 2011 IEEE 12th International Conference on Mobile Data Management.

[194]  Yoshua Bengio,et al.  Understanding the difficulty of training deep feedforward neural networks , 2010, AISTATS.

[195]  Tameru Hailesilassie,et al.  Rule Extraction Algorithm for Deep Neural Networks: A Review , 2016, ArXiv.

[196]  Peter van Beek,et al.  Towards Standardization of AV Safety: C++ Library for Responsibility Sensitive Safety , 2019, 2019 IEEE Intelligent Vehicles Symposium (IV).

[197]  N. Shahmehri,et al.  An Integration of Reputation-based and Policy-based Trust Management , 2005 .

[198]  Robi Malik,et al.  A framework for compositional nonblocking verification of extended finite-state machines , 2015, Discret. Event Dyn. Syst..

[199]  Daniel Fraunholz,et al.  Using Temporal and Topological Features for Intrusion Detection in Operational Networks , 2019, ARES.

[200]  László Monostori,et al.  ScienceDirect Variety Management in Manufacturing . Proceedings of the 47 th CIRP Conference on Manufacturing Systems Cyber-physical production systems : Roots , expectations and R & D challenges , 2014 .

[201]  Christoph Schmittner,et al.  An Integrated View on Automotive SPICE, Functional Safety and Cyber-Security , 2020 .

[202]  Adithya Thaduri,et al.  Railway Defender Kill Chain to Predict and Detect Cyber-Attacks , 2020, J. Cyber Secur. Mobil..

[203]  Jinsong Du,et al.  Research on Digital Twin Technology for Production Line Design and Simulation , 2019 .

[204]  Falko Dressler,et al.  BARAKA: A Hybrid Simulator of SANETs , 2007, 2007 2nd International Conference on Communication Systems Software and Middleware.

[205]  Ediz Şaykol,et al.  On utilizing rust programming language for Internet of Things , 2017, 2017 9th International Conference on Computational Intelligence and Communication Networks (CICN).

[206]  Elena Troubitsyna,et al.  Deriving and Formalising Safety and Security Requirements for Control Systems , 2018, SAFECOMP.

[207]  Christoph Schmittner,et al.  Security Application of Failure Mode and Effect Analysis (FMEA) , 2014, SAFECOMP.

[208]  Elena Troubitsyna,et al.  Supporting Reuse in Event B Development: Modularisation Approach , 2010, ASM.

[209]  Andrew Y. C. Nee,et al.  Enabling technologies and tools for digital twin , 2019 .

[210]  Eamonn J. Keogh,et al.  Matrix Profile I: All Pairs Similarity Joins for Time Series: A Unifying View That Includes Motifs, Discords and Shapelets , 2016, 2016 IEEE 16th International Conference on Data Mining (ICDM).

[211]  Alexander Grunwald,et al.  LoRaWAN in a rural context: Use cases and opportunities for agricultural businesses , 2019 .

[212]  Chung-Hao Huang,et al.  nn-dependability-kit: Engineering Neural Networks for Safety-Critical Systems , 2018, ArXiv.

[213]  Erik J Bekkers B-Spline CNNs on Lie Groups , 2020, ICLR.

[214]  Morteza Hashemi,et al.  Intra-car multihop wireless sensor networking: a case study , 2014, IEEE Communications Magazine.

[215]  Christopher Burgess,et al.  beta-VAE: Learning Basic Visual Concepts with a Constrained Variational Framework , 2016, ICLR 2016.

[216]  Zoubin Ghahramani,et al.  Dropout as a Bayesian Approximation: Representing Model Uncertainty in Deep Learning , 2015, ICML.

[217]  Nidhi Kalra,et al.  The Enemy of Good , 2017 .

[218]  Simon Burton,et al.  Making the Case for Safety of Machine Learning in Highly Automated Driving , 2017, SAFECOMP Workshops.

[219]  Tania Tudorache,et al.  Employing Ontologies for an Improved Development Process in Collaborative Engineering , 2006 .

[220]  Eduardo Tovar,et al.  COPADRIVe - A Realistic Simulation Framework for Cooperative Autonomous Driving Applications , 2019, 2019 IEEE International Conference on Connected Vehicles and Expo (ICCVE).

[221]  Amnon Shashua,et al.  On a Formal Model of Safe and Scalable Self-driving Cars , 2017, ArXiv.

[222]  Wee Kheng Leow,et al.  FERNN: An Algorithm for Fast Extraction of Rules from Neural Networks , 2004, Applied Intelligence.

[223]  J. A. McDermid,et al.  Towards integrated safety analysis and design , 1994, SIAP.

[224]  Martyn Thomas The role of formal methods in achieving dependable software , 1994 .

[225]  Ozan K. Tonguz,et al.  Zigbee-based intra-car wireless sensor networks: a case study , 2007, IEEE Wireless Communications.

[226]  Gerhard Fischer,et al.  Context-aware systems: the 'right' information, at the 'right' time, in the 'right' place, in the 'right' way, to the 'right' person , 2012, AVI.

[227]  Siani Pearson,et al.  Trusted Computing Platforms: TCPA Technology in Context , 2002 .

[228]  Matthias Hein,et al.  Why ReLU Networks Yield High-Confidence Predictions Far Away From the Training Data and How to Mitigate the Problem , 2018, 2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR).

[229]  Bernhard Kaiser,et al.  State/event fault trees - A safety analysis model for software-controlled systems , 2007, Reliab. Eng. Syst. Saf..

[230]  Martin Schels,et al.  Strategies for Safety Goal Decomposition for Neural Networks , 2020 .

[231]  Timo Sämann,et al.  Strategy to Increase the Safety of a DNN-based Perception for HAD Systems , 2020, ArXiv.

[232]  Timo Hämäläinen,et al.  Model for sharing the information of cyber security situation awareness between organizations , 2016, International Conference on Telecommunications.

[233]  Marco Caccamo,et al.  BusMOP : a Runtime Monitoring Framework for PCI Peripherals , 2008 .

[234]  R. Gmbh,et al.  Securing Vehicular On-Board IT Systems : The EVITA Project , 2009 .

[235]  Wei Liu,et al.  SSD: Single Shot MultiBox Detector , 2015, ECCV.

[236]  Min Wu,et al.  Safety Verification of Deep Neural Networks , 2016, CAV.

[237]  Tim Kelly.  A Systematic Approach to Safety Case Management , 2004 .

[238]  Chaoyang Zhang,et al.  Digital twin-driven rapid reconfiguration of the automated manufacturing system via an open architecture model , 2020, Robotics Comput. Integr. Manuf..

[239]  Stéphane Mallat,et al.  Understanding deep convolutional networks , 2016, Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences.

[240]  Andrew Y. Ng,et al.  Improving palliative care with deep learning , 2017, 2017 IEEE International Conference on Bioinformatics and Biomedicine (BIBM).

[241]  Eric Armengaud,et al.  A Review of Threat Analysis and Risk Assessment Methods in the Automotive Context , 2016, SAFECOMP.

[242]  Christoph Schmittner,et al.  RISKEE: A Risk-Tree Based Method for Assessing Risk in Cyber Security , 2019, EuroSPI.

[243]  Manfred Morari,et al.  Efficient and Accurate Estimation of Lipschitz Constants for Deep Neural Networks , 2019, NeurIPS.

[244]  Jie Li,et al.  A digital twin-driven approach for the assembly-commissioning of high precision products , 2020, Robotics Comput. Integr. Manuf..

[245]  Manuel Mazzara,et al.  From DevOps to DevDataOps: Data Management in DevOps processes , 2019, DEVOPS.

[246]  J. Zico Kolter,et al.  Provable defenses against adversarial examples via the convex outer adversarial polytope , 2017, ICML.

[247]  Xabier Larrucea,et al.  Approach for Enabling Security Across PLC Phases: An Industrial Use Case , 2018, EuroSPI.

[248]  Wolfgang Ahrendt,et al.  Verification of Decision Making Software in an Autonomous Vehicle: An Industrial Case Study , 2019, FMICS.

[249]  Sergio Caltagirone,et al.  The Diamond Model of Intrusion Analysis , 2013 .

[250]  Michail Maniatakos,et al.  Impact of firmware modification attacks on power systems field devices , 2015, 2015 IEEE International Conference on Smart Grid Communications (SmartGridComm).

[251]  Zachary C. Lipton,et al.  The Doctor Just Won't Accept That! , 2017, 1711.08037.

[252]  Lei Ma,et al.  DeepGauge: Multi-Granularity Testing Criteria for Deep Learning Systems , 2018, 2018 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE).

[253]  Raymond McCall,et al.  Rationale Management in Software Engineering , 2006 .

[254]  Luciano Floridi,et al.  Why a Right to Explanation of Automated Decision-Making Does Not Exist in the General Data Protection Regulation , 2017 .

[255]  Nancy G. Leveson,et al.  Engineering a Safer World: Systems Thinking Applied to Safety , 2012 .

[256]  Luís Almeida,et al.  Network Interference on Cooperative Mobile Robots Consensus , 2015, ROBOT.

[257]  Radu Calinescu,et al.  Assuring the Machine Learning Lifecycle , 2019, ACM Comput. Surv..

[258]  Ewen Denney,et al.  Towards Measurement of Confidence in Safety Cases , 2011, 2011 International Symposium on Empirical Software Engineering and Measurement.

[259]  Eduardo Tovar,et al.  Towards a Realistic Simulation Framework for Vehicular Platooning Applications , 2019, 2019 IEEE 22nd International Symposium on Real-Time Distributed Computing (ISORC).

[260]  Yu Zheng,et al.  An application framework of digital twin and its case study , 2018, Journal of Ambient Intelligence and Humanized Computing.

[261]  Markus Maurer,et al.  Ontology based Scene Creation for the Development of Automated Vehicles , 2017, 2018 IEEE Intelligent Vehicles Symposium (IV).

[262]  Gerhard Schellhorn,et al.  Model Checking FTA , 2003, FME.

[263]  W E Vesely,et al.  Fault Tree Handbook , 1987 .

[264]  Liming Zhu,et al.  DevOps - A Software Architect's Perspective , 2015, SEI series in software engineering.

[265]  Percy Liang,et al.  Understanding Black-box Predictions via Influence Functions , 2017, ICML.

[266]  Elena Troubitsyna,et al.  Augmenting Event-B modelling with real-time verification , 2012, 2012 First International Workshop on Formal Methods in Software Engineering: Rigorous and Agile Approaches (FormSERA).

[267]  Mykel J. Kochenderfer,et al.  Reluplex: An Efficient SMT Solver for Verifying Deep Neural Networks , 2017, CAV.

[268]  G. Brier VERIFICATION OF FORECASTS EXPRESSED IN TERMS OF PROBABILITY , 1950 .

[269]  Been Kim,et al.  Towards A Rigorous Science of Interpretable Machine Learning , 2017, 1702.08608.

[270]  Christian Diedrich,et al.  Development of Injection Attacks Toolbox in MATLAB/Simulink for Attacks Simulation in Industrial Control System Applications , 2019, 2019 IEEE 17th International Conference on Industrial Informatics (INDIN).

[271]  Michael Fisher,et al.  Towards Moral Autonomous Systems , 2017, ArXiv.

[272]  Kazuhiro Ogata,et al.  Formal fault tree analysis of state transition systems , 2005, Fifth International Conference on Quality Software (QSIC'05).

[273]  Knut Åkesson,et al.  Modeling of discrete event systems using finite automata with variables , 2007, 2007 46th IEEE Conference on Decision and Control.

[274]  Matthias Woehrle,et al.  Revisiting Neuron Coverage and Its Application to Test Generation , 2020, SAFECOMP Workshops.

[275]  Nesrine Kaaniche,et al.  A blockchain-based data usage auditing architecture with enhanced privacy and availability , 2017, 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA).

[276]  Todd K. Leen,et al.  From Data Distributions to Regularization in Invariant Learning , 1995, Neural Computation.

[277]  Christoph Schmittner,et al.  Using SAE J3061 for Automotive Security Requirement Engineering , 2016, SAFECOMP Workshops.

[278]  Amina Adadi,et al.  Peeking Inside the Black-Box: A Survey on Explainable Artificial Intelligence (XAI) , 2018, IEEE Access.

[279]  Zbigniew T. Kalbarczyk,et al.  Data Integrity Threats and Countermeasures in Railway Spot Transmission Systems , 2017, ACM Trans. Cyber Phys. Syst..

[280]  Xin Chen,et al.  Flow*: An Analyzer for Non-linear Hybrid Systems , 2013, CAV.

[281]  Kevin I-Kai Wang,et al.  Digital Twin-driven smart manufacturing: Connotation, reference model, applications and research issues , 2020, Robotics Comput. Integr. Manuf..

[282]  Sanjai Rayadurgam,et al.  Structuring simulink models for verification and reuse , 2014, MiSE 2014.

[283]  Christian Haase-Schuetz,et al.  Estimating Labeling Quality with Deep Object Detectors , 2019, 2019 IEEE Intelligent Vehicles Symposium (IV).

[284]  Rick Salay,et al.  Bayesian Uncertainty Quantification with Synthetic Data , 2019, SAFECOMP Workshops.

[285]  Michael Kläs,et al.  Uncertainty Wrappers for Data-Driven Models - Increase the Transparency of AI/ML-Based Models Through Enrichment with Dependable Situation-Aware Uncertainty Estimates , 2019, SAFECOMP Workshops.

[286]  Himabindu Lakkaraju,et al.  "How do I fool you?": Manipulating User Trust via Misleading Black Box Explanations , 2019, AIES.

[287]  Hongfei Jiang,et al.  Digital twin-based opti-state control method for a synchronized production operation system , 2020, Robotics Comput. Integr. Manuf..

[288]  Sebastian Nowozin,et al.  Can You Trust Your Model's Uncertainty? Evaluating Predictive Uncertainty Under Dataset Shift , 2019, NeurIPS.

[289]  Rick Salay,et al.  An Analysis of ISO 26262: Using Machine Learning Safely in Automotive Software , 2017, ArXiv.

[290]  Siti-Farhana Lokman,et al.  Intrusion detection system for automotive Controller Area Network (CAN) bus system: a review , 2019, EURASIP J. Wirel. Commun. Netw..

[291]  Elena Troubitsyna,et al.  Refinement of Fault Tolerant Control Systems in B , 2004, SAFECOMP.

[292]  Ewen Denney,et al.  Safety considerations for UAS ground-based detect and avoid , 2016, 2016 IEEE/AIAA 35th Digital Avionics Systems Conference (DASC).

[293]  William J. Clancey,et al.  Explanation in Human-AI Systems: A Literature Meta-Review, Synopsis of Key Ideas and Publications, and Bibliography for Explainable AI , 2019, ArXiv.

[294]  Philip Koopman,et al.  Autonomous Vehicles Meet the Physical World: RSS, Variability, Uncertainty, and Proving Safety , 2019, SAFECOMP.

[295]  Christoph Schmittner,et al.  Towards Integrated Quantitative Security and Safety Risk Assessment , 2019, SAFECOMP Workshops.

[296]  Jay Lee,et al.  A comprehensive framework of factory-to-factory dynamic fleet-level prognostics and operation management for geographically distributed assets , 2015, 2015 IEEE International Conference on Automation Science and Engineering (CASE).

[297]  Devu Manikantan Shila,et al.  I can detect you: Using intrusion checkers to resist malicious firmware attacks , 2016, 2016 IEEE Symposium on Technologies for Homeland Security (HST).

[298]  Joan Bruna,et al.  Intriguing properties of neural networks , 2013, ICLR.

[299]  Haim Sompolinsky,et al.  Separability and geometry of object manifolds in deep neural networks , 2019, Nature Communications.

[300]  Ludovic Piètre-Cambacédès,et al.  Safety and Security Interactions Modeling Using the BDMP Formalism: Case Study of a Pipeline , 2014, SAFECOMP.

[301]  Alex Kendall,et al.  What Uncertainties Do We Need in Bayesian Deep Learning for Computer Vision? , 2017, NIPS.

[302]  Pai Zheng,et al.  A generic tri-model-based approach for product-level digital twin development in a smart manufacturing environment , 2020, Robotics Comput. Integr. Manuf..

[303]  Lars Mathiassen,et al.  Agility in a small software firm: a sense-and-respond analysis , 2008, Int. J. Bus. Inf. Syst..

[304]  Tero Kokkonen,et al.  Pedagogical Aspects of Cyber Security Exercises , 2019, 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW).

[305]  Sanjit A. Seshia,et al.  Compositional Falsification of Cyber-Physical Systems with Machine Learning Components , 2017, NFM.

[306]  Salvatore J. Bavuso,et al.  Dynamic fault-tree models for fault-tolerant computer systems , 1992 .

[307]  Elena Troubitsyna,et al.  Co-engineering Safety and Security in Industrial Control Systems: A Formal Outlook , 2017, SERENE.

[308]  Girish Keshav Palshikar.  Temporal fault trees , 2002, Inf. Softw. Technol..

[309]  Elena Troubitsyna,et al.  Verifying Mode Consistency for On-Board Satellite Software , 2010, SAFECOMP.

[310]  Nidhi Kalra,et al.  Measuring Automated Vehicle Safety , 2018 .

[311]  Christoph Schmittner,et al.  Co-Engineering-in-the-Loop , 2018, SAFECOMP Workshops.

[312]  Jeetendra Shenoy,et al.  IOT in agriculture , 2016, 2016 3rd International Conference on Computing for Sustainable Global Development (INDIACom).

[313]  Yuval Elovici,et al.  Deriving a Cost-Effective Digital Twin of an ICS to Facilitate Security Evaluation , 2018, ESORICS.

[314]  Ibrahim Habli,et al.  An Assurance Case Pattern for the Interpretability of Machine Learning in Safety-Critical Systems , 2020, SAFECOMP Workshops.

[315]  Guido Bologna,et al.  A model for single and multiple knowledge based networks , 2003, Artif. Intell. Medicine.

[316]  Volker Turau,et al.  OpenDSME - a portable framework for reliable wireless sensor and actuator networks , 2017, 2017 International Conference on Networked Systems (NetSys).

[317]  Jingyue Li,et al.  Testing and verification of neural-network-based safety-critical control software: A systematic literature review , 2020, Inf. Softw. Technol..

[318]  Sofie Pollin,et al.  Chirp spread spectrum as a modulation technique for long range communication , 2016, 2016 Symposium on Communications and Vehicular Technologies (SCVT).

[319]  Daniel Kroening,et al.  Concolic Testing for Deep Neural Networks , 2018, 2018 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE).

[320]  Michael Kläs,et al.  Uncertainty in Machine Learning Applications: A Practice-Driven Classification of Uncertainty , 2018, SAFECOMP Workshops.

[321]  Alwyn E. Goodloe,et al.  Monitoring Distributed Real-Time Systems: A Survey and Future Directions , 2010 .

[322]  Marion Lepmets,et al.  Exploring the use of the cynefin framework to inform software development approach decisions , 2015, ICSSP.

[323]  Jürgen Roßmann,et al.  Simulation-based Verification with Experimentable Digital Twins in Virtual Testbeds , 2018 .

[324]  Jim Woodcock,et al.  Cyber-Physical Systems Design: Formal Foundations, Methods and Integrated Tool Chains , 2015, 2015 IEEE/ACM 3rd FME Workshop on Formal Methods in Software Engineering.

[325]  Aleksander Madry,et al.  Exploring the Landscape of Spatial Robustness , 2017, ICML.

[326]  Hans D. Schotten,et al.  Time is of the Essence: Machine Learning-Based Intrusion Detection in Industrial Time Series Data , 2018, 2018 IEEE International Conference on Data Mining Workshops (ICDMW).

[327]  Sohag Kabir,et al.  An overview of fault tree analysis and its application in model based dependability analysis , 2017, Expert Syst. Appl..

[328]  Oliver Zendel,et al.  CV-HAZOP: Introducing Test Data Validation for Computer Vision , 2015, 2015 IEEE International Conference on Computer Vision (ICCV).

[329]  Dan Popescu,et al.  Modeling for deployment techniques for intra-car wireless sensor networks , 2014, 2014 18th International Conference on System Theory, Control and Computing (ICSTCC).

[330]  Ibrahim Habli,et al.  Artificial intelligence in health care: accountability and safety , 2020, Bulletin of the World Health Organization.

[331]  Elena Troubitsyna,et al.  Towards Security-Explicit Formal Modelling of Safety-Critical Systems , 2016, SAFECOMP.

[332]  Elena Troubitsyna,et al.  Patterns for Refinement Automation , 2009, FMCO.

[333]  Nils Ole Tippenhauer,et al.  On Attacker Models and Profiles for Cyber-Physical Systems , 2016, ESORICS.

[334]  Martin Schels,et al.  A Survey on Methods for the Safety Assurance of Machine Learning Based Systems , 2020 .

[335]  Germán Ros,et al.  CARLA: An Open Urban Driving Simulator , 2017, CoRL.

[336]  Sebastian Sudholt,et al.  Safety Concerns and Mitigation Approaches Regarding the Use of Deep Learning in Safety-Critical Perception Tasks , 2020, SAFECOMP Workshops.

[337]  Rich Caruana,et al.  Predicting good probabilities with supervised learning , 2005, ICML.

[338]  Daniel Kroening,et al.  Structural Test Coverage Criteria for Deep Neural Networks , 2019, 2019 IEEE/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion).

[339]  Milos Hauskrecht,et al.  Obtaining Well Calibrated Probabilities Using Bayesian Binning , 2015, AAAI.

[340]  Xiaoxing Ma,et al.  DISSECTOR: Input Validation for Deep Learning Applications by Crossing-layer Dissection , 2020, 2020 IEEE/ACM 42nd International Conference on Software Engineering (ICSE).

[341]  Abhishek Das,et al.  Grad-CAM: Visual Explanations from Deep Networks via Gradient-Based Localization , 2016, 2017 IEEE International Conference on Computer Vision (ICCV).

[342]  Vinton G. Cerf,et al.  A comprehensive self-driving car test , 2018, Commun. ACM.

[343]  Vladimir Cherkassky,et al.  The Nature Of Statistical Learning Theory , 1997, IEEE Trans. Neural Networks.

[344]  Tianjian Chen,et al.  Federated Machine Learning: Concept and Applications , 2019 .

[345]  Christoph Schmittner,et al.  Assuring Compliance with Protection Profiles with ThreatGet , 2019, SAFECOMP Workshops.

[346]  Oliver Zendel,et al.  WildDash - Creating Hazard-Aware Benchmarks , 2018, ECCV.

[347]  Massimiliano Albanese,et al.  Measuring Trust in Big Data , 2013, ICA3PP.

[348]  Ludovic Apvrille,et al.  Harmonizing Safety, Security and Performance Requirements in Embedded Systems , 2019, Design, Automation and Test in Europe.

[349]  Gabriela Limonta Marquez.  Using Remote Attestation of Trust for Computer Forensics , 2018 .

[350]  Jean-Rémy Falleri.  Contributions à l'IDM : reconstruction et alignement de modèles de classes , 2009 .

[351]  Tim Kelly,et al.  Establishing Safety Criteria for Artificial Neural Networks , 2003, KES.

[352]  Eduardo Tovar,et al.  IEEE 802.15.4e in a Nutshell: Survey and Performance Evaluation , 2018, IEEE Communications Surveys & Tutorials.

[353]  Stephen Dunlap,et al.  An evaluation of modification attacks on programmable logic controllers , 2014, Int. J. Crit. Infrastructure Prot..

[354]  Yoshua Bengio,et al.  Gradient-based learning applied to document recognition , 1998, Proc. IEEE.

[355]  Eduardo Tovar,et al.  Worst-case bound analysis for the time-critical MAC behaviors of IEEE 802.15.4e , 2017, 2017 IEEE 13th International Workshop on Factory Communication Systems (WFCS).

[356]  Dave Astels,et al.  The RSpec Book: Behaviour Driven Development with RSpec, Cucumber, and Friends , 2010 .

[357]  H. Tsukimoto,et al.  Rule extraction from neural networks via decision tree induction , 2001, IJCNN'01. International Joint Conference on Neural Networks. Proceedings (Cat. No.01CH37222).

[358]  Ozan K. Tonguz,et al.  Feasibility of Safety Applications Based on Intra-Car Wireless Sensor Networks: A Case Study , 2011, 2011 IEEE Vehicular Technology Conference (VTC Fall).

[359]  J. Zico Kolter,et al.  Adversarial camera stickers: A physical camera-based attack on deep learning systems , 2019, ICML.

[360]  Syed Taqi Ali,et al.  A comparative survey of searchable encryption schemes , 2017, 2017 8th International Conference on Computing, Communication and Networking Technologies (ICCCNT).

[361]  Knut Åkesson,et al.  Supremica–An Efficient Tool for Large-Scale Discrete Event Systems , 2017 .

[362]  Diego Gambetta.  Can We Trust Trust , 2000 .

[363]  Elena Troubitsyna,et al.  Formal Derivation of a Distributed Program in Event B , 2011, ICFEM.

[364]  Philip Koopman,et al.  Safety Argument Considerations for Public Road Testing of Autonomous Vehicles , 2019, SAE Technical Paper Series.

[365]  R. Srikant,et al.  Principled Detection of Out-of-Distribution Examples in Neural Networks , 2017, ArXiv.

[366]  Max Welling,et al.  Group Equivariant Convolutional Networks , 2016, ICML.

[367]  José M. del Álamo,et al.  Organizing Design Patterns for Privacy: A Taxonomy of Types of Relationships , 2017, EuroPLoP.