In August 2021 the ISO 21434:2021 standard for Road vehicles—Cybersecurity Engineering has been p... more In August 2021 the ISO 21434:2021 standard for Road vehicles—Cybersecurity Engineering has been published. At the same time the blue book from VDA (Verein der Deutschen Automobilgesellschaft; German Automotive Association) for Automotive SPICE cybersecurity assessments has been released. In addition in the period September–December 2021 the training material for iNTACS (INTernational Assessor Certification Schema) certified Automotive SPICE for cybersecurity assessors has been developed. Since February 2022 the upgrade training of assessors worldwide has started. Beside the ASPICE (Automotive SPICE) for cybersecurity blue book also a red book from VDA has been published. The red book describes the questions to check in an ACSMS (Automotive CyberSecurity Management System) audit. This paper explains the main strategy and content for ASPICE for Cybersecurity assessments and how such assessments are integrated to the overall ACSMS strategy. Also, the paper outlines an example method and tool used in ASPICE for cybersecurity assessments and how such assessment results will look like.
Proceedings of the 24th European Conference on Pattern Languages of Programs
Uncertainty is an inherent property of all measurements, statistics, or generally all communicati... more Uncertainty is an inherent property of all measurements, statistics, or generally all communication involving numbers. Whenever numerical data is communicated, the uncertainty or confidence in this data should also be included. Neglecting it, or communicating it in an ambiguous way, leads to misinterpretation and misunderstandings. There are some well-known and proven patterns to avoid such problems. In this paper we present a collection of patterns for the communication of numerical uncertainty. These patterns revolve around three areas of applications: textual, numerical, and graphical. For numerical representations the pattern Numbers with Uncertainties is shown. For textual descriptions Words of Estimative Probability, Numeric Hedge Words and Quantitative Comparisons are explained, and for graphical visualization Error Indicator and Distribution Plots are described. The paper is targeted towards communicators, visualizers, reporters, as well as developers, engineers, and researchers of solutions for problems which involve uncertainty.
In August 2021 the ISO 21434:2021 standard for Road vehicles—Cybersecurity Engineering has been p... more In August 2021 the ISO 21434:2021 standard for Road vehicles—Cybersecurity Engineering has been published. At the same time the blue book from VDA (Verein der Deutschen Automobilgesellschaft; German Automotive Association) for Automotive SPICE cybersecurity assessments has been released. In addition in the period September–December 2021 the training material for iNTACS (INTernational Assessor Certification Schema) certified Automotive SPICE for cybersecurity assessors has been developed. Since February 2022 the upgrade training of assessors worldwide has started. Beside the ASPICE (Automotive SPICE) for cybersecurity blue book also a red book from VDA has been published. The red book describes the questions to check in an ACSMS (Automotive CyberSecurity Management System) audit. This paper explains the main strategy and content for ASPICE for Cybersecurity assessments and how such assessments are integrated to the overall ACSMS strategy. Also, the paper outlines an example method and tool used in ASPICE for cybersecurity assessments and how such assessment results will look like.
Proceedings of the 24th European Conference on Pattern Languages of Programs
Uncertainty is an inherent property of all measurements, statistics, or generally all communicati... more Uncertainty is an inherent property of all measurements, statistics, or generally all communication involving numbers. Whenever numerical data is communicated, the uncertainty or confidence in this data should also be included. Neglecting it, or communicating it in an ambiguous way, leads to misinterpretation and misunderstandings. There are some well-known and proven patterns to avoid such problems. In this paper we present a collection of patterns for the communication of numerical uncertainty. These patterns revolve around three areas of applications: textual, numerical, and graphical. For numerical representations the pattern Numbers with Uncertainties is shown. For textual descriptions Words of Estimative Probability, Numeric Hedge Words and Quantitative Comparisons are explained, and for graphical visualization Error Indicator and Distribution Plots are described. The paper is targeted towards communicators, visualizers, reporters, as well as developers, engineers, and researchers of solutions for problems which involve uncertainty.
Uploads
Papers by Georg Macher