Context: Exploratory Testing (ET) is a manual approach to software testing in which learning, test design and test execution occurs simultaneously. Still a developing topic of interest to academia, although as yet insufficiently investigated, most studies focus on the skills and experience of the individual tester. However, contextual factors such as project processes, test scope and organisational boundaries are also likely to affect the approach.

Objective: This study explores contextual differences between teams of testers at a MedTec firm developing safety-critical products to ascertain whether contextual factors can influence the outcomes of ET, and what associated implications can be drawn for test management.

Method: A development project was studied in two iterations, each consisting of a quantitative phase testing hypotheses concerning when ET would identify faults in comparison to other testing approaches and a qualitative phase involving interviews.

Results: Influence on ET is traced to how the scope of tests focus learning on different types of knowledge and imply an asymmetry in the strength and number of information flows to test teams.

Conclusions: While test specialisation can be attractive to software development organisations, results suggest changes to processes and organisational structures might be required to maintain test efficiency throughout projects: the responsibility for test cases might need to be rotated late in projects, and asymmetries in information flows might require management to actively strengthen the presence and connections of test teams throughout the firm. However, further research is needed to investigate whether these results also hold for non safety-critical faults.

The security and safety of Cyber-Physical Systems (CPS) often influence each other. Ensuring that this does not have negative implications might require a large and rigorous effort during the development of CPS. However, early in the lifecycle, quick feedback can be valuable helping security and safety engineers to understand how seemingly trivial design choices in their domain may have unacceptable implications in the other.

We propose the Cyber Risk Assessment Framework (CRAF) for this purpose. The CRAF is based on openly available and widely used taxonomies from the safety and security domains, and a unique mapping of where loss of data security may impact aspects of data with safety implications. This paper represents the first time these different elements have been brought together into a single framework with an associated process. Through examples from within our organisations we show how this framework can be put to good use.

Cyber-physical systems (CPS) are developed through the cooperation of several engineering disciplines. Powerful software tools are utilized by each individual discipline, but it remains challenging to connect these into tool chains for increased efficiency. To support this endeavour, the literature on interoperability assessment was surveyed to identify concepts valuable to transfer from the interoperability to the tool integration research field.

Implementation options, types of interoperability and domains described in interoperability assessment models were concepts identified as directly transferable. To avoid the problems with uptake that plague the models identified, visual analytics is suggested as a vehicle for the transfer. Furthermore, based on the use of non-functional properties as an underlying motivation for these models, cost, performance and sustainability are suggested as a common base for future research in both discourses.

Organizations in the automotive domain, which aim to transition into developing fully autonomous vehicles face many challenges. These range from organizational issues to engineering concerns. This paper builds on structured interviews with professionals from industry and academia to provide a deeper understanding of existing problems. Standards, safety analysis, legacy assumptions related to having a human driver, and increased complexity and complexity handling were raised as important concerns. The analysis of these concern leads us to consider the current relationship between academia and industry as too disconnected. There is a risk that new techniques developed by academia end up irrelevant to industry. This underlying problem, and others relevant to autonomy, might be solved by collaborative research between different automotive companies. However, there are experts that challenge the underlying need for such collaboration. Therefore, externally to automotive companies, new expert arenas might be required in order to facilitate an exchange of ideas that lead to new collaboration efforts. Internally to automotive companies, the changes brought on by autonomy will lead to organizational changes and the creation of new roles. These organizational changes will have to be managed, or otherwise unnecessary conflict might occur between new and old roles.

Machines are displaying a trend of increasing autonomy. This has a far reaching impact on the architectures of the embedded systems within the machine. The impact needs to be clearly understood and the main obstacles to autonomy need to be identified. The obstacles, especially from an industrial perspective, are not just technological butalso relate to system aspects like certification, development processes and product safety. In this paper, we identify and discuss some of the main obstacles to autonomy from the viewpoint of technical specialists working on advanced industrial product development. The identified obstacles cover topics like world modeling, user interaction, complexity and system safety.

Leveraging on a comprehensive analysis of cyber-physical systems (CPSs) in Europe, this chapter presents overall findings focusing on (1) a characterization of CPS, (2) opportunities and challenges in representative CPS application domains, and (3) recommendations for action resulting from a cross-domain analysis. The characterization enables a high-level description of a CPS, or classes of CPS, according to their technical emphasis, cross-cutting aspects, level of automation, and life-cycle integration. We illustrate how these characteristics can be used to relate to design issues, systems, and related terms.The recommendations are to: (1) strengthen cross-disciplinary research collaboration, (2) foster CPS education and training, (3) stimulate public-private partnerships for CPS technology experimentation and to ensure dependable information and communication technology (ICT) infrastructure, (4) promote interoperability of CPS technology, (5) anticipate new business models and support open innovation, (6) ensure trustworthiness including safety and security, and (7) favor human-centered approaches to CPS. 

Complex-engineering projects include artefacts from several engineering disciplines such as mechanical, electrical, software components, processes and plans. While software tools can be powerful in each individual discipline, it is difficult to build integrated tool chains. Moreover, it is challenging to evaluate and update existing tool chains. At the same time, the field of visualization is getting mature and visual analytics promises an opportunity to develop knowledge, methods, technologies and practice for exploiting and combining the strengths of human and data. We consider this as a potential to evaluate current tool chains. This position paper discusses the visualization and visual analytics practices to assess existing tool chains performance.

A system-of-systems (SoS) is inherently open inconfiguration and evolutionary in lifecycle. For the nextgeneration of cooperative cyber-physical system-of-systems,safety and security constitute two key issues of public concernthat affect the deployment and acceptance. In engineering, theopenness and evolutionary nature also entail radical paradigmshifts. This paper presents one novel approach to thedevelopment of qualified cyber-physical system-of-systems, withCooperative Intelligent Transport Systems (C-ITS) as one target.The approach, referred to as knowledge-in-the-loop, aims toallow a synergy of well-managed lifecycles, formal qualityassurance, and smart system features. One research goal is toenable an evolutionary development with continuous andtraceable flows of system rationale from design-time to postdeploymenttime and back, supporting automated knowledgeinference and enrichment. Another research goal is to develop aformal approach to risk-aware dynamic treatment of safety andsecurity as a whole in the context of system-of-systems. Key basetechnologies include: (1) EAST-ADL for the consolidation ofsystem-wide concerns and for the creation of an ontology foradvanced run-time decisions, (2) Learning Based-Testing for runtimeand post-deployment model inference, safety monitoringand testing, (3) Provable Isolation for run-time attack detectionand enforcement of security in real-time operating systems.

The tool integration research area emerged in the 1980s. This survey focuses on those strands of tool integration research that discuss issues beyond technology.

We reveal a discourse centered around six frequently mentioned non-functional properties. These properties have been discussed in relation to technology and high level issues. However, while technical details have been covered, high level issues and, by extension, the contexts in which tool integration can be found, are treated indifferently. We conclude that this indifference needs to be challenged, and research on a larger set of stakeholders and contexts initiated.

An inventory of the use of classification schemes underlines the difficulty of evolving the classical classification scheme published by Wasserman. Two frequently mentioned redefinitions are highlighted to facilitate their wider use.

A closer look at the limited number of research methods and the poor attention to research design indicates a need for a changed set of research methods. We propose more critical case studies and method diversification through theory triangulation.

Additionally, among disparate discourses we highlight several focusing on standardization which are likely to contain relevant findings. This suggests that open communities employed in the context of (pre-)standardization could be especially important in furthering the targeted discourse.

High profile systemic safety standards for Cyber-Physical Systems (CPS) development within the transportation domain have commonalities with regard to their view of the safety-related implications of tool usage. Their guidelines on tool qualification favor a bottom-up approach in which tools are dealt with in isolation and mostly if they may directly introduce faults into end products. This guidance may ignore risk introduced by the integration of software tools, especially if these risks are related to low levels of automation - such as process notifications and improper graphical user interfaces. This paper presents a study that ties weaknesses in support environments to software faults. Based on the observed weaknesses guidelines for a top-down software tool chain qualification are suggested for inclusion in the next generation of safety standards. This has implications not only for the surveyed standards in the transportation domain, but also for other standards for safety-critical CPS development that do not include a broader view on risks related to tool usage. Furthermore, given the type of omission identified in the surveyed standards, it is suggested that researchers interested in the safety-related implications of tool integration should approach organizational research in search of possibilities to set up theory triangulation studies.