“Autonomous systems may seem straightforward but making them safe can quickly get very complicated” – Interview with Andrew Hawthorn, Chief Architect, High-Integrity Systems at Capgemini

Posted on September 09, 2025

The High Integrity Software Conference (HISC) – brought to you by AdaCore and Capgemini – is a unique gathering of software engineering practitioners from all safety critical domains.

With panels, exhibitions, and lightning talks from industry leaders, attendees will walk away with exclusive insights and important techniques applicable across industry sectors.

In this blog, Andrew Hawthorn, Chief Architect, High-Integrity Systems at Capgemini, shares his thoughts on the critical importance of software resilience and how the HISC fosters the strong collaboration our industry needs to achieve it.

What is the most disruptive trend shaping the future of high-integrity software today?

The stock answer would be Generative AI (Gen AI) but in the high-integrity world we need to be very cautious – so while lots of people are talking about Gen AI, there isn’t much use of it. Going forwards, I think the combination of Gen AI and formal methods will enable people working on high-integrity systems to use Gen AI with confidence.

How is society’s growing dependence on software changing the role of high integrity systems?

Everyone expects more automation and that leads to a greater dependence on software and, more importantly, highly dependable software. There is currently a lot of automation software that is written to lower standards to save money, but it requires a person in-the-loop to always monitor it (for example, driver assistance systems in your car). As systems get more complex and this monitoring becomes harder to achieve – and as we’re better able to develop highly dependable software more cost-effectively, with the aid of the combination of Gen AI and formal methods – I expect to see increasingly more high-integrity systems.

What’s one challenge in high-integrity software that keeps you up at night, and how are you tackling it?

The key challenge is getting the requirements for the software right. At first, autonomous systems may seem straightforward, but when you start thinking about the failure scenarios, the need to make sure they are safe, and how to harden them against cyber security attacks, the requirements for them can quickly get very complicated.

Capgemini uses an approach called REVEAL to ensure we understand the wider system context, elicit requirements from all stakeholders, use tools like SysML to model the system and formal methods to create executable models, and enable us to ask searching questions like “will X always be true?”.

What role will AI and machine learning play in the future of high integrity systems?

AI and Machine Learning are being actively developed to enable high-integrity systems to achieve more and operate in more scenarios than they currently can. The technologies will be used to optimise systems to ever greater extent – for example, fuel burn in a jet engine or flight paths over the UK. In this scenario the AI doesn’t need to be certified to a high integrity because guardrails can be put around them. However, there will be push from enterprises, particularly startups, to use AI to extend the scope of operation of autonomous systems in ways that traditional software systems cannot keep an eye on them.

What’s one piece of advice you’d give to the next generation of engineers entering this field?

Be prepared to learn new skills, quickly. The technology we use in this sector is going to evolve more rapidly than we’ve ever seen in the past.

How do you see the balance between safety and security evolving in high-integrity software?

Safety and security go hand-in-hand because you can’t be safe if you aren’t secure. The issue traditionally has been that we don’t want to update safety critical systems regularly because they are costly to re-certify, but to keep things secure, we need to ensure they are using the latest versions of commercial and open-source products. Advances in Continuous Integration/ Continuous Deployment (CI/CD) plus the combination of AI and formal methods will reduce the overheads of re-certification and enable us to balance better safety and security.

What’s one innovation or tool you believe will redefine how we build trustworthy systems?

I think it will be the combination of AI and formal methods.

What excites you most about the future of high-integrity software?

I think that one day we will be able to build high-integrity software so efficiently that all control and monitoring systems will be built using high-integrity techniques, not just those that are SIL2+.

Register now for the High Integrity Software Conference.

The HISC will take place on Thursday 13th November at the International Convention Centre (ICC) Wales.

In addition to sharing exclusive insights and opinions, cross-industry leaders will demonstrate state-of-the-art high assurance software throughout the conference exhibition space. Providing networking opportunities to form new collaborations and disseminate high integrity software-related research.

Register now to avoid disappointment.