Certification of a Scade 6 compiler


1 Certification of a Scade 6 compiler
F-X Fornari, Esterel Technologies

2 Introduction
Topic: what does it mean to develop certified software, in particular when following embedded software development rules? What are the constraints and the challenges?
Presentation of DO-178B: its context and what it is.
How it was applied to KCG: what the process is for a tool such as KCG, what the impacts and the choices were.

3 Esterel Technologies - Mission
To provide critical embedded system and software developers with a certified, domain-optimized, model-based development environment and associated services, reducing time-to-deployment and, as required, time-to-certification for:
- DO-178B: Aerospace and Defense
- EN 50128: Rail Transportation
- IEC 61508: Industrial and Transportation
- IEC 60880: Nuclear
Esterel Technologies Copyright - An ISO 9001:2000 Certified Company - Confidential & Proprietary. SYNCHRON, Aussois

4 Who We Are
Founded in 1999. ISO 9001:2000 certified for design and sale of critical software tools and services.
Core competency: critical embedded systems modeling and application development.
Worldwide presence. Direct: USA/Canada/France/Germany/UK/China. Via channels: India/Israel/Italy/Japan/Korea/Russia/Spain/Turkey.

5 Model-Based Development for Critical Embedded Systems and Software
Existing capabilities: control engineering, embedded software, on-board embedded graphics.

6 The SCADE Certified Software Factory
Stages: SYSTEM SPEC -> DESIGN -> VERIFY -> GENERATE -> SYSTEM TEST.
Functions shown in the diagram, grouped by stage:
- Design: algorithm design capture, architecture design capture, requirements management gateway, integrated configuration management, automatic design documentation
- Verify: debugging & simulation, formal verification, model coverage analysis, graphical animation, ergonomics checking
- Generate: SCADE Suite KCG, SCADE Display KCG, object code verification, SCADE Suite/SCADE Display integration, RTOS adaptors
- Across the chain: DO-178B, IEC and EN qualification kits, certificates & handbooks

7 What is Unique About SCADE?
SCADE is developed specifically to address critical embedded system and software applications.
SCADE is certified/qualified according to the following international safety standards:
- DO-178B: qualification up to Level A (Aerospace & Defense)
- IEC 61508: certification up to SIL 3 (Transportation & Industry)
- EN 50128: certification up to SIL 3/4 (Rail Transportation)
- IEC 60880: full compliance (Nuclear industry)

8 Certification In Avionics
The avionics industry is the most regulated one: first international conference in 1910! Everything is ruled: conception, transportation, crew, noise, population health, leisure, ...
Components must be conceived such that:
- defects with respect to flight safety, take-off or landing are EXTREMELY IMPROBABLE, and do not result from a single cause;
- any other defects are IMPROBABLE.
Failure condition classification (severity) versus degree of redundancy, giving the required software level:

  Severity            0 (single fault)   1 (double fault)   2 (triple fault)
  Catastrophic        A                  B                  C
  Hazardous           B                  C                  D
  Major               C                  D                  E
  Minor               D                  E                  E
  No Safety Effect    E                  E                  E

9 DO-178B
DO-178B is a means of compliance for embedded software. It is in general not feasible to assess the number or kinds of software errors, if any, that may remain after the completion of system design, development, and test. DO-178B/ED-12B provides acceptable means for assessing and controlling the software used to program digital computer-based systems.
Based on 5 principles:
- well-defined software engineering processes;
- everything must always be verified;
- an independent authority assesses that the objectives are met;
- the norm must be agreed by everyone;
- manufacturers are responsible for the means.

10 Benefits of Using A Certified ACG
Verification of the outputs of the design process (low-level requirements and architecture, DO-178B Table A-4): what a certified automatic code generator changes for each objective.

  Objective                                                             Verification
   1 Low-level requirements comply with high-level requirements         Not eliminated
   2 Low-level requirements are accurate and consistent                 Automated
   3 Low-level requirements are compatible with target computer         Not eliminated
   4 Low-level requirements are verifiable                              Eliminated
   5 Low-level requirements conform to standards                        Automated
   6 Low-level requirements are traceable to high-level requirements    Not eliminated
   7 Algorithms are accurate                                            Not eliminated
   8 Software architecture is compatible with high-level requirements   Not eliminated
   9 Software architecture is consistent                                Automated
  10 Software architecture is compatible with target computer           Not eliminated
  11 Software architecture is verifiable                                Eliminated
  12 Software architecture conforms to standards                        Automated
  13 Software partitioning integrity is confirmed                       Not eliminated

Slide margin notes group these objectives as: lots of verification activities; accuracy of requirements; accuracy of algorithms; architecture.

Verification of source code versus requirements (DO-178B Table A-5; slide note: High-Level requirements = Low-level Requirements):

  Objective                                                             Verification
   1 Source code complies with low-level requirements                   Eliminated
   2 Source code complies with software architecture                    Eliminated
   3 Source code is verifiable                                          Eliminated
   4 Source code conforms to standards                                  Eliminated
   5 Source code is traceable to low-level requirements                 Eliminated
   6 Source code is accurate and consistent                             Eliminated
   7 Output of software integration process is complete and correct    Not eliminated

11 Certification of KCG 6.0
Scade 6 + KCG: use of a formally defined language, and use of a certified tool.
How? DO-178B expects specific activities for embedded software; do the same for KCG, with proper arguments, since it runs on a PC. The level of qualification is the same as that of the targeted applications: Level A.
Other norms (mainly transport): by equivalence when possible (most cases), or add specific activities.

12 DO-178B Implementation
Development processes and their outputs:
- SW Planning Process: plans & standards
- SW Requirements Process: HLR; traceability system requirements/HLR
- SW Design Process: LLR & architecture; traceability HLR/LLR
- SW Coding Process: source code & object code; traceability LLR/source code
- Integration Process: integrated executable code
Integral processes, applied throughout: SW Verification Process, SW Configuration Management Process, SW Quality Assurance Process, Certification Liaison Process.
Resulting artifacts: HLR, LLR & architecture, source code & object code, integrated executable code; traceability Syst Req/HLR, HLR/LLR and LLR/source code; verification/SCM/SQA records; SW Accomplishment Summary.

13 Initial Phase
Assessment of the new Scade 6 language: done in collaboration with Verimag and LIP6; also inspired by Esterel SyncCharts; implemented with a prototype.
The project starts with the planning phase: Tool Qualification Plan; development & environment (tools, methodologies, CM, ...); standards (specs, design, coding, tests).
All these documents must be reviewed and accepted. This will be the case for any document.

14 Use Of Caml
Caml was very natural for R&D: it is very well suited for compilers (ACG, ...), and the prototype was already in Caml.
But DO-178B says: use the best language for a given project, and the domain is very conservative: use C (or possibly instantiated C++).
Need to demonstrate the compatibility between DO-178B and Caml, e.g. an analysis of the OCaml bug list, and to find means to assess that the generated code is under control. This generated various activities, detailed later.

15 Specifications
Scade 6 language: powerful but understandable. Safe State Machines à la Esterel, but simplified. Arrays, with controlled dynamic indexing. Iterators (map, fold, ...). Better control blocks: activation blocks.
Specifications: an opportunity to formalize the language, and an opportunity to rewrite the specification of the tool itself.
GUI needs had to be taken into account, so we got a textual language and its enriched equivalent in XML for graphical purposes.

16 High-Level Requirements
Example equation: x = pre(y). The requirement exists in several equivalent forms: textual Scade, XML Scade (and other representations), and the C code that KCG produces from it. The XML form of such an equation:

    <Equation>
      <lefts>
        <VariableRef name="_L21"/>
      </lefts>
      <right>
        <!-- pre (_L18) -->
        <PreOp>
          <flow>
            <ListExpression>
              <items>
                <IdExpression>
                  <path>
                    <ConstVarRef name="_L18"/>
                  </path>
                </IdExpression>
              </items>
            </ListExpression>
          </flow>
        </PreOp>
      </right>
      <pragmas>
        <ed:equation oid="win_19e/5348/624/3c3ef06e/4fae"/>
      </pragmas>
    </Equation>
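To make the slide's point concrete, here is a small added Python illustration (not KCG code, and not Esterel Technologies' XML schema, only the element names visible on the slide): it reads the XML form of the equation above back into textual Scade, then steps the equation over a constructed input stream so that the memory pre() requires becomes visible. The namespace bound to the ed: prefix, the wrapping Equations element and the input values are assumptions.

```python
"""Two views of one Scade 6 high-level requirement: the XML form of an
equation, its textual form, and the cycle-by-cycle meaning of pre().
Added illustration; not KCG code and not Esterel Technologies' XML
schema, only the element names visible on the slide."""
import xml.etree.ElementTree as ET

# Assumption: the slide's fragment uses an "ed:" prefix without declaring it;
# a placeholder namespace is declared here so that the fragment parses.
ED_NS = "urn:example:ed"

# Constructed sample: the slide's <Equation>, wrapped in a root element.
SAMPLE_XML = f"""<Equations xmlns:ed="{ED_NS}">
  <Equation>
    <lefts>
      <VariableRef name="_L21"/>
    </lefts>
    <right>
      <!-- pre (_L18) -->
      <PreOp>
        <flow>
          <ListExpression>
            <items>
              <IdExpression>
                <path>
                  <ConstVarRef name="_L18"/>
                </path>
              </IdExpression>
            </items>
          </ListExpression>
        </flow>
      </PreOp>
    </right>
    <pragmas>
      <ed:equation oid="win_19e/5348/624/3c3ef06e/4fae"/>
    </pragmas>
  </Equation>
</Equations>"""


def expr_to_text(node):
    """Render one expression element as textual Scade."""
    if node.tag == "IdExpression":
        return node.find("path/ConstVarRef").get("name")
    if node.tag == "ListExpression":
        return ", ".join(expr_to_text(item) for item in node.find("items"))
    if node.tag == "PreOp":
        (operand,) = list(node.find("flow"))  # a single flow operand
        return "pre(" + expr_to_text(operand) + ")"
    raise ValueError("unsupported expression element: " + node.tag)


def equation_to_text(eq):
    lefts = ", ".join(ref.get("name") for ref in eq.find("lefts"))
    (right,) = list(eq.find("right"))  # XML comments are dropped by the parser
    return lefts + " = " + expr_to_text(right) + ";"


def equations_to_text(xml_text):
    root = ET.fromstring(xml_text)
    return [equation_to_text(eq) for eq in root.iter("Equation")]


def eval_expr(node, env, state):
    """Evaluate one expression for the current cycle.

    `state` holds, per pre() operand element, that operand's value at the
    previous cycle: pre(y) is nil (None) on the first cycle and y's previous
    value afterwards. That memory is exactly what generated C code has to
    keep between two calls of the node's cycle function."""
    if node.tag == "IdExpression":
        return env[node.find("path/ConstVarRef").get("name")]
    if node.tag == "ListExpression":
        values = [eval_expr(item, env, state) for item in node.find("items")]
        return values[0] if len(values) == 1 else tuple(values)
    if node.tag == "PreOp":
        (operand,) = list(node.find("flow"))
        current = eval_expr(operand, env, state)
        previous = state.get(operand)  # None before the first cycle
        state[operand] = current
        return previous
    raise ValueError("unsupported expression element: " + node.tag)


def simulate(xml_text, inputs, cycles):
    """Run the equations for `cycles` steps over constructed input streams and
    return each defined flow as a list of per-cycle values. Equations are
    evaluated in document order; a real compiler schedules them by data
    dependencies."""
    equations = list(ET.fromstring(xml_text).iter("Equation"))
    state, traces = {}, {}
    for n in range(cycles):
        env = {name: stream[n] for name, stream in inputs.items()}
        for eq in equations:
            (right,) = list(eq.find("right"))
            value = eval_expr(right, env, state)
            for ref in eq.find("lefts"):
                env[ref.get("name")] = value
                traces.setdefault(ref.get("name"), []).append(value)
    return traces


if __name__ == "__main__":
    print(equations_to_text(SAMPLE_XML))                    # ['_L21 = pre(_L18);']
    print(simulate(SAMPLE_XML, {"_L18": [1, 2, 3, 4]}, 4))  # {'_L21': [None, 1, 2, 3]}
```

The interesting part for a compiler requirement is the state dictionary: the textual and XML forms say nothing about storage, yet any correct C output must allocate one memory per pre() and update it after use, which is the kind of property the later object-code and MC/DC checks have to cover.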

17 Design
Two levels:
1 - Architecture of the software: the binaries and the global flows.
2a - Detailed design: function specifications must be very close to the code.
2b - Derived requirements, not related to high-level requirements: libraries, runtime.
Main difficulties:
- high-level requirements must be linked to low-level requirements; a hierarchy is theoretically possible, rarely so in practice;
- data coupling & control coupling;
- check of all data ranges: how, for a compiler? An integrated approach is used to eliminate that point.

18 Coding
Use of Caml, without objects or experimental features, for all 3 binaries: kcg (top level), x2s, and s2c.
Libraries: fully documented and unit tested.
Runtime: partially rewritten, in particular the GC, which is now a simple stop&copy collector; memory increase is done in steps.

19 Verification
Covers various activities; the major part of DO-178B.
Validation = testing: unit testing, HLR testing.
Verification: respect of standards (specs, design, coding, tests) and of phase outputs (plans, specs, design, coding, tests). Done in extenso by the team, with independence; done by sampling by the quality engineer.
All activities are traced. Possible deviations or requests for improvement are recorded in the Tool Accomplishment Summary / Safety Case documents.

20 Specific Verifications
Check of generated object code: check that the output of the C / Caml compilers is traceable to source, or can be justified. Based on significant samples for C, and on a specific study for Caml (Paris VII). Justification of system/library calls.
Demonstration of safety: 100% MC/DC expected, done on C and ML; also done on the code generated from tests.
Safety analysis: required for IEC 61508/EN 50128. Impact of the environment, user and system (Windows!), on tool behavior.

21 Verification Tools
Concept (DO-178B): a tool that automates verification activities without introducing errors must be qualified as a verification tool.
Qualification is: a plan, requirements on specific usage, tests, results & verifications. It should be done for anything that is used for automation.
Tools used: RTRT (IBM), Reqtify (Geensys), kcgsim, mlcov, diff.

22 mlcov
Mlcov, joint work with Paris VII, provides structural & MC/DC coverage for Caml. Best technical paper at PADL 08. Available on the Esterel Technologies web site.
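The MC/DC objective of slide 20 and the coverage that mlcov measures on slide 22 both rest on the same criterion, which the following added Python illustration makes explicit (it is not mlcov or any Esterel Technologies tool): for a constructed three-condition guard it lists, per condition, the pairs of test vectors that show the condition independently changing the outcome, reports the conditions left uncovered, and searches the truth table for a smallest adequate test set. The guard, the vector sets and the function names are assumptions.

```python
"""Unique-cause MC/DC adequacy check for one boolean decision.
Added illustration, not mlcov or any Esterel Technologies tool: it shows
what the "100% MC/DC" objective demands of a test set, which decision
coverage alone does not."""
from itertools import combinations, product

# Constructed example: a guard with three conditions, (a and b) or c.
CONDITIONS = ("a", "b", "c")


def guard(v):
    return (v["a"] and v["b"]) or v["c"]


def vec(a, b, c):
    return {"a": a, "b": b, "c": c}


# Reaches both outcomes (100% decision coverage) but achieves no MC/DC at all.
DECISION_COVERAGE_ONLY = [vec(True, True, True), vec(False, False, False)]

# Four vectors (n + 1 for n conditions) that do achieve MC/DC for guard().
MCDC_SET = [vec(True, True, False), vec(False, True, False),
            vec(True, False, False), vec(True, False, True)]


def independence_pairs(decision, conditions, vectors):
    """For every condition, list the pairs of test vectors that differ in that
    condition only and produce different decision outcomes. Such a pair shows
    the condition independently affecting the outcome."""
    outcomes = [decision(v) for v in vectors]
    pairs = {c: [] for c in conditions}
    for i, j in combinations(range(len(vectors)), 2):
        changed = [c for c in conditions if vectors[i][c] != vectors[j][c]]
        if len(changed) == 1 and outcomes[i] != outcomes[j]:
            pairs[changed[0]].append((i, j))
    return pairs


def uncovered_conditions(decision, conditions, vectors):
    """Conditions with no independence pair: what a coverage report flags."""
    pairs = independence_pairs(decision, conditions, vectors)
    return [c for c in conditions if not pairs[c]]


def mcdc_satisfied(decision, conditions, vectors):
    return not uncovered_conditions(decision, conditions, vectors)


def smallest_mcdc_set(decision, conditions):
    """Brute-force search of the truth table for a smallest MC/DC test set;
    fine for the handful of conditions found in one decision. Returns None
    when some condition can never independently affect the outcome, which
    is itself a finding worth reporting (redundant or dead condition)."""
    table = [dict(zip(conditions, bits))
             for bits in product((False, True), repeat=len(conditions))]
    for size in range(len(conditions) + 1, len(table) + 1):
        for chosen in combinations(table, size):
            if mcdc_satisfied(decision, conditions, list(chosen)):
                return list(chosen)
    return None


if __name__ == "__main__":
    print(uncovered_conditions(guard, CONDITIONS, DECISION_COVERAGE_ONLY))  # ['a', 'b', 'c']
    print(mcdc_satisfied(guard, CONDITIONS, MCDC_SET))                       # True
    print(len(smallest_mcdc_set(guard, CONDITIONS)))                         # 4
```

Two things the example shows that the slides only state: a test set can hit both outcomes of every decision and still leave every condition uncovered, and a condition for which no independence pair exists in the whole truth table cannot be covered by any test, so a 100% MC/DC objective doubles as a check for dead or redundant conditions in the code under test.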

23 Mlcov reports

24 Summary
Developing a tool at Level A (or SIL 3/4):
- impact on the Scade 6 definition (user context in mind); the formal semantics of the language is a new kind of requirement;
- use of Caml: a new approach in that domain, which required justification, a new GC and specific analyses, and the development of a specific MC/DC tool;
- grey-box testing: a way to fulfill DO-178B requirements while remaining manageable.
We got a certified KCG tool, BUT...

25 KCG 6.0.1: Context of use
Tool chain: SCADE (Scade model) -> KCG (certified) -> C code -> target compiler -> binary.
Open questions on the slide: is the model, as stored on disk, OK? Is there any problem in the generated C code or in its compilation for the target?

26 KCG 6.0.1: Context of use
Same chain, with a Reporter (a verification tool) added on the Scade model before KCG. The question on the C code / target compiler side remains: is there any problem?

27 KCG 6.0.1: Context of use
Same chain, with the Reporter (verification tool) before KCG and, on the target side, CVK with its test suite covering the C code -> target compiler -> binary step.



Motivations 1. What is (or should be) the essential preoccupation of computer scientists? Improving Systems Quality Challenges and Trends An Abstract Interpretation Perspective Patrick COUSOT École Normale Supérieure 45 rue d Ulm, 75230 Paris cedex 05, France Patrick.Cousot@ens.fr www.di.ens.fr/

More information

Safety-Critical Systems: Processes, Standards and Certification

Safety-Critical Systems: Processes, Standards and Certification Fachbereich 17 - Mathematik/Informatik Arbeitsgruppe Softwaretechnik Warburger Straße 100 33098 Paderborn Safety-Critical Systems: Processes, Standards and Certification for the Seminar Analysis, Design

More information

VoiceXML Data Logging Overview

VoiceXML Data Logging Overview Data Logging Overview - Draft 0.3-20 August 2007 Page 1 Data Logging Overview Forum Tools Committee Draft 0.3-20 August 2007 Data Logging Overview - Draft 0.3-20 August 2007 Page 1 About the Forum: Founded

More information

Justifying the use of software of uncertain pedigree (SOUP) in safety related applications

Justifying the use of software of uncertain pedigree (SOUP) in safety related applications Justifying the use of software of uncertain pedigree (SOUP) in safety related applications Peter Bishop, Robin Bloomfield and Peter Froome Adelard Abstract This short paper is intended to serve as an introduction

More information

AIRBUS Avionics and Simulation Products Open Source modeling tools in embedded projects

AIRBUS Avionics and Simulation Products Open Source modeling tools in embedded projects AIRBUS Avionics and Simulation Products Open Source modeling tools in embedded projects A key factor in improving productivity and maintainability Presented by P. Gaufillet With the support of P. Farail

More information

ELECTROTECHNIQUE IEC INTERNATIONALE 61508-3 INTERNATIONAL ELECTROTECHNICAL

ELECTROTECHNIQUE IEC INTERNATIONALE 61508-3 INTERNATIONAL ELECTROTECHNICAL 61508-3 ª IEC: 1997 1 Version 12.0 05/12/97 COMMISSION CEI ELECTROTECHNIQUE IEC INTERNATIONALE 61508-3 INTERNATIONAL ELECTROTECHNICAL COMMISSION Functional safety of electrical/electronic/ programmable

More information

Software Engineering for LabVIEW Applications

Software Engineering for LabVIEW Applications Software Engineering for LabVIEW s Topics Software Quality Standards ISO 9000, CMMI, DO-178B, FDA CFR Part 820 Software Engineering Process (SEP) Validation, -Based Testing, Debugging, Automated Software

More information

asuresign Aero (NATEP Grant MA005)

asuresign Aero (NATEP Grant MA005) asuresign Aero (NATEP Grant MA005) WP2 Workshop: Identification of Needs for Tool Support in Meeting Aircraft Avionics Systems, Hardware & Software Certification Standards Dr Chris Harper Systems & Safety

More information

Rotorcraft Health Management System (RHMS)

Rotorcraft Health Management System (RHMS) AIAC-11 Eleventh Australian International Aerospace Congress Rotorcraft Health Management System (RHMS) Robab Safa-Bakhsh 1, Dmitry Cherkassky 2 1 The Boeing Company, Phantom Works Philadelphia Center

More information

SOFTWARE DEVELOPMENT STANDARD FOR SPACECRAFT

SOFTWARE DEVELOPMENT STANDARD FOR SPACECRAFT SOFTWARE DEVELOPMENT STANDARD FOR SPACECRAFT Mar 31, 2014 Japan Aerospace Exploration Agency This is an English translation of JERG-2-610. Whenever there is anything ambiguous in this document, the original

More information

1. Software Engineering Overview

1. Software Engineering Overview 1. Overview 1. Overview...1 1.1 Total programme structure...1 1.2 Topics covered in module...2 1.3 Examples of SW eng. practice in some industrial sectors...4 1.3.1 European Space Agency (ESA), software

More information

Dependable (Safe/Reliable) Systems. ARO Reliability Workshop Software Intensive Systems

Dependable (Safe/Reliable) Systems. ARO Reliability Workshop Software Intensive Systems Dependable (Safe/Reliable) Systems Composing, Analyzing and Validating s to Assess / Develop / Validate Methods and Supporting Tools for the Creation of Dependable Systems ARO Reliability Workshop Intensive

More information

SPECIFICATION DATA. Safety System Software (S3) APPLICATION FEATURE DESCRIPTION

SPECIFICATION DATA. Safety System Software (S3) APPLICATION FEATURE DESCRIPTION SPECIFICATION DATA Safety System Software (S3) APPLICATION Safety System Software (S 3 ) is a robust, full featured configuration, diagnostic, programming and real-time monitoring package for integrators

More information

etamax space GmbH Company Presentation

etamax space GmbH Company Presentation etamax space GmbH Company Presentation Company Profile of etamax space Founded: 1997 in Braunschweig Legal form: GmbH Shareholders: ckc ag (49,5%), 2 managing directors Staff: 50 (06/2014) Turnover: >

More information

FROM SAFETY TO SECURITY SOFTWARE ASSESSMENTS AND GUARANTEES FLORENT KIRCHNER (LIST)

FROM SAFETY TO SECURITY SOFTWARE ASSESSMENTS AND GUARANTEES FLORENT KIRCHNER (LIST) FROM SAFETY TO SECURITY SOFTWARE ASSESSMENTS AND GUARANTEES FLORENT KIRCHNER (LIST) M loc 12 ONBOARD SOFTWARE SIZE 10 Volt (2011) F-35 (2012) 8 6 787 (2010) F-35 (2010) 4 2 F-22 (2005) 0 WHY DO WE TRUST

More information

Model Based Software Development for DDG 1000 Advanced Gun System

Model Based Software Development for DDG 1000 Advanced Gun System BAE Systems Land & Armaments Model Based Software Development for DDG 1000 Advanced Gun System Dirk Jungquist BAE Systems Land & Armaments 2012 Distribution Statement A: Approved for public release; distribution

More information

Software development for safetyrelated automotive systems the MISRA guidelines and ISO 26262

Software development for safetyrelated automotive systems the MISRA guidelines and ISO 26262 Software development for safetyrelated automotive systems the MISRA guidelines and ISO 26262 Dr David Ward General Manager Functional Safety MIRA Ltd 2010 Agenda Motivations and challenges for system safety

More information

Model-driven development solutions To support your business objectives. IBM Rational Rhapsody edition comparison matrix

Model-driven development solutions To support your business objectives. IBM Rational Rhapsody edition comparison matrix Model-driven development solutions To support your business objectives IBM Rhapsody edition comparison matrix IBM Rhapsody 7.5 edition: capabilities and comparisons The enclosed table compares the capabilities

More information

System Design in the Software Era. ni.com

System Design in the Software Era. ni.com System Design in the Software Era ni.com 2 3 The Cost of a Software Defect Development Phase Cost Ratio Requirements 1 Design 3-6x Implementation 10x Development Testing 15-40x Acceptance Testing 30-70x

More information

Design of automatic testing tool for railway signalling systems software safety assessment

Design of automatic testing tool for railway signalling systems software safety assessment Risk Analysis VI 513 Design of automatic testing tool for railway signalling systems software safety assessment J.-G. Hwang 1, H.-J. Jo 1 & H.-S. Kim 2 1 Train Control Research Team, Korea Railroad Research

More information

Tool Qualification Kit for NI TestStand Test Management Software

Tool Qualification Kit for NI TestStand Test Management Software www.certtech.com Tool Qualification Kit for NI TestStand Test Management Software CertTech, L.L.C. 14425 College Blvd. Suite 140 Lenexa, KS 66215 P (913-814-9770) F (913-817-0837) CertTech s TestStand

More information

Software Production. Industrialized integration and validation of TargetLink models for series production

Software Production. Industrialized integration and validation of TargetLink models for series production PAGE 24 EB AUTOMOTIVE Industrialized integration and validation of TargetLink models for series production Continuous Software Production The complexity of software systems in vehicles is increasing at

More information

Verification and Validation of Software Components and Component Based Software Systems

Verification and Validation of Software Components and Component Based Software Systems Chapter 5 29 Verification and Validation of Software Components and Component Based Christina Wallin Industrial Information Technology Software Engineering Processes ABB Corporate Research christina.wallin@mdh.se

More information

SHIM. Introduction. Software-Hardware Interface for Multi-many-core. Masaki Gondo Chair of SHIM Working Group Software CTO, esol. Multicore Tools SHIM

SHIM. Introduction. Software-Hardware Interface for Multi-many-core. Masaki Gondo Chair of SHIM Working Group Software CTO, esol. Multicore Tools SHIM Multicore Tools SHIM Multicore HW Software-Hardware Interface for Multi-many-core SHIM Introduction Masaki Gondo Chair of SHIM Working Group Software CTO, esol The Multicore Association Established in

More information

Software Engineering for Software-Intensive Systems: III The Development Life Cycle

Software Engineering for Software-Intensive Systems: III The Development Life Cycle Software Engineering for Software-Intensive Systems: III The Development Life Cycle Assistant Professor Dr. Room E 3.165 Tel. 60-3321 Email: hg@upb.de Outline I Introduction II Foundations III The Development

More information

b. We, the Federal Aviation Administration or FAA, wrote this AC to recognize the following RTCA, Inc. documents (RTCA DO):

b. We, the Federal Aviation Administration or FAA, wrote this AC to recognize the following RTCA, Inc. documents (RTCA DO): U.S. Department of Transportation Federal Aviation Administration Advisory Circular Subject: Airborne Software Assurance Date: mm/dd/yyyy Initiated by: AIR-120 AC : 20-115C Change: 1. Purpose of this Advisory

More information

DDC-I s SCORE Technology -including Integration with OSE RTOS

DDC-I s SCORE Technology -including Integration with OSE RTOS DDC-I s SCORE Technology -including Integration with OSE RTOS Reliable Experienced Proven p. 1 Presentation outline About DDC-I SCORE Technology Introduction Current target focus: PowerPC & Intel x86 Multi-language

More information

Outline. III The Development Life Cycle. Characteristics of Software Development Methodologies. The Prototyping Process

Outline. III The Development Life Cycle. Characteristics of Software Development Methodologies. The Prototyping Process Software Engineering for Software-tensive Systems: Assistant Professor Dr. Room E 3.165 Tel. 60-3321 Email: hg@upb.de line I troduction II Foundations IV Requirements V Analysis & Design VI Implementation

More information

Requirements Management John Hrastar

Requirements Management John Hrastar Requirements Management John Hrastar NASA Project Management Conference March 30-31, 2004 University of Maryland Conference Center Introduction Three aspects of requirements management Requirements in

More information

Fundamentals of Measurements

Fundamentals of Measurements Objective Software Project Measurements Slide 1 Fundamentals of Measurements Educational Objective: To review the fundamentals of software measurement, to illustrate that measurement plays a central role

More information

RTCA DO-178B/EUROCAE ED-12B

RTCA DO-178B/EUROCAE ED-12B 27 RTCA DO-178B/EUROCAE ED-12B Thomas K. Ferrell Ferrell and Associates Consulting Uma D. Ferrell Ferrell and Associates Consulting 27.1 Introduction Comparison with Other Software Standards Document Overview

More information

Medical Device Software - Software Life Cycle Processes

Medical Device Software - Software Life Cycle Processes 1 Medical Device Software - Software Life Cycle Processes IEC 62304 2 Credits John F. Murray Software Compliance Expert U.S. Food and Drug Administration Marcie R. Williams Medical Device Fellow Ph.D.

More information

Current standards situation and modifications. Olaf Winne Hans-Jürgen Altendorf. LAMTEC Meß- und Regeltechnik für Feuerungen GmbH & Co.

Current standards situation and modifications. Olaf Winne Hans-Jürgen Altendorf. LAMTEC Meß- und Regeltechnik für Feuerungen GmbH & Co. Current standards situation and modifications Olaf Winne Hans-Jürgen Altendorf LAMTEC Meß- und Regeltechnik für Feuerungen GmbH & Co. KG 1 Standard structure Standard task International status ISOstandard

More information

TÜ V Rheinland Industrie Service

TÜ V Rheinland Industrie Service TÜ V Rheinland Industrie Service Business Area: Automation / Functional Safety Contact Minsung Lee +82-2-860-9969 mailto : minsung.lee@kor.tuv.com Sales Account Manager for Functional Safety Fax +82-2-860-9862

More information

CERTIFICATION MEMORANDUM

CERTIFICATION MEMORANDUM EASA CM No.: EASA CM SWCEH 002 Issue: 01 EASA CERTIFICATION MEMORANDUM EASA CM No.: EASA CM - SWCEH 002 Issue: 01 Issue Date: 11 th of August 2011 Issued by: Software & Complex Electronic Hardware section

More information

Chapter 17 Software Testing Strategies Slide Set to accompany Software Engineering: A Practitioner s Approach, 7/e by Roger S. Pressman Slides copyright 1996, 2001, 2005, 2009 by Roger S. Pressman For

More information

Requirements Engineering Management Findings Report

Requirements Engineering Management Findings Report DOT/FAA/AR-08/34 Air Traffic Organization NextGen & Operations Planning Office of Research and Technology Development Washington, DC 20591 Requirements Engineering Management Findings Report May 2009 Final

More information

Introduction to Automated Testing

Introduction to Automated Testing Introduction to Automated Testing What is Software testing? Examination of a software unit, several integrated software units or an entire software package by running it. execution based on test cases

More information

Development Process Automation Experiences in Japan

Development Process Automation Experiences in Japan Development Process Automation Experiences in Japan Dr. Olaf Kath ikv ++ technologies ag Germany ikv++ technologies ag 2007 who we are core business optimization and automation of our customer s system

More information