Master's thesis
Model Driven Engineering of railway control systems with the openETCS process
Academic Year
Supervisor: Prof. Stefano Russo
Co-supervisors: Dr. Domenico Di Leo, Ing. Baseliyos Jacob
Candidate: Giovanni Trotta, student ID M63/0307
This thesis is in part the result of a six-month (January to June 2014) research internship at Deutsche Bahn AG (Munich), the national railway company of Germany, which is involved in an ITEA2 European project called OpenETCS: an open-proof approach for a railway safety system with a CENELEC EN 50128 safety case.
Partners involved in the project:
Context
- European Rail Traffic Management System / European Train Control System (ERTMS/ETCS)
- The ETCS standard is composed mainly of two parts: the ETCS track-side equipment and the ETCS on-board unit equipment
- Track-side equipment: EuroBalise, EuroRadio, EuroLoop
- The levels of the ETCS environment define different ways of signalling and control between train and track
- Goals: develop on-board unit software that interacts with several signalling systems, and improve interoperability in the railway sector
Contributions
- A study applying a Model Driven approach and CENELEC constraints to a safety process using the OpenETCS toolchain: requirements analysis, modeling, code generation, testing
- A comparison of the weaknesses and strengths of the Model Driven Engineering process used, and more specifically within OpenETCS
- Evaluation and benchmarking showing the significant issues of any software that supports the development process
Fundamentals 1/3: CENELEC EN 50128
- Railway industry requirements are defined by CENELEC, the European Committee for Electrotechnical Standardization
- The standard covers railway software applications for communication, signalling and processing systems
- Safety Integrity Level (SIL): probability of a dangerous failure per hour
- Organizations, roles and responsibilities are strictly defined for each SIL
Fundamentals 2/3: Model Driven Architecture (MDA)
- Model: a collection of information representing some aspect of a system, based on a specific set of concerns
- MDA represents and supports every step from requirements to the technology implementations
- It provides an approach for deriving value from models and architecture in support of the full life cycle of an organization
- A system can be organized around a set of models by imposing a series of transformations between models:
  - CIM: Computation Independent Model
  - PIM: Platform Independent Model
  - PSM: Platform Specific Model
  - ISM: Implementation Specific Model
Fundamentals 3/3: Modeling language (UML/SysML)
- The Object Management Group's (OMG) SysML is a general-purpose graphical modeling language for representing systems that may include combinations of hardware and software
- Derived from UML, extended to support general-purpose system modeling
- Relevant diagrams:
  - Block Definition Diagram (BDD): represents structural elements called blocks, and their composition and classification (UML class diagram). It is composed of Blocks,
  - Internal Block Diagram (IBD): represents the interconnections and interfaces between the parts of a block (UML composite structure diagram)
OpenETCS 1/3
The purpose of the OpenETCS project is to develop an integrated modeling, development, validation and testing framework for leveraging cost-efficient and reliable ETCS. The framework will provide a holistic tool chain across the whole development process of ETCS software. The tool chain will support the formal specification and verification of the ETCS system requirements, automatic and ETCS-compliant code generation and validation, and model-based test case generation and execution.
OpenETCS 2/3: OpenETCS methods
- Transformation of the textual specification into a formal specification
- Transformation of formal requirement specifications into formal software and software module design and architecture descriptions
- Source code generation
- Verification of the models and of the source code
- Validation
- Creation of documentation and traceability
- Terminology management / intelligent glossary
OpenETCS 3/3: OpenETCS process
- The OpenETCS process is strictly based on validation of the safety design.
- In order to minimize the number of different models, which can be reused by railway users at the end of the project, the process shall take the safety concepts into account from the first step.
- Two processes:
  - the non-safety process, which does not include the formalization activity
  - the safety process, which is based on CENELEC constraints and formalization
Case Study 1/2: The ETCS EuroBalise
- Development of an on-board unit ETCS subsystem: determine EuroBalise group orientation
- The aim is to determine the orientation of the running train from the information received from the EuroBalises on the track
Case Study 2/2
[Figure: model transformation chain PIM -> PSM -> ISM -> C code generation]
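As an added illustration of the case study (not code from the thesis or from the openETCS project), the following C function is of the kind the ISM-to-C step would produce: it derives the train's orientation relative to a balise group from the order in which the group's balises were read, and refuses to decide when the readings are inconsistent, as a SIL-oriented implementation should. The field names N_PIG and N_TOTAL follow the ETCS balise telegram (Subset-026); the struct layout, the group identity field and the consistency rules are assumptions made for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Train orientation relative to a balise group (constructed for this example). */
typedef enum {
    ORIENT_UNKNOWN = 0, /* too few readings, or readings are inconsistent */
    ORIENT_NOMINAL = 1, /* balises read in increasing N_PIG order */
    ORIENT_REVERSE = 2  /* balises read in decreasing N_PIG order */
} balise_orientation_t;

/* Minimal subset of a decoded balise telegram header. N_PIG and N_TOTAL
   are Subset-026 names; nid_bg is an assumed group identity field. */
typedef struct {
    uint8_t  n_pig;   /* position of this balise in its group, 0..7 */
    uint8_t  n_total; /* number of balises in the group minus one, 0..7 */
    uint16_t nid_bg;  /* identity of the balise group (assumed field) */
} balise_telegram_t;

/* Determine orientation from 'count' telegrams in the order they were read.
   Conservative by design: any inconsistency yields ORIENT_UNKNOWN rather
   than a guess, so a caller must treat UNKNOWN as "no orientation known". */
balise_orientation_t determine_orientation(const balise_telegram_t *read, size_t count)
{
    if (read == NULL || count < 2)
        return ORIENT_UNKNOWN;                 /* one balise gives no direction */

    uint8_t n_total = read[0].n_total;
    if (n_total > 7)
        return ORIENT_UNKNOWN;                 /* out of the 3-bit range */

    bool increasing = true, decreasing = true;
    for (size_t i = 0; i < count; i++) {
        /* every reading must belong to the same group and agree on its size */
        if (read[i].nid_bg != read[0].nid_bg || read[i].n_total != n_total)
            return ORIENT_UNKNOWN;
        /* a position beyond the declared group size is a corrupt reading */
        if (read[i].n_pig > n_total)
            return ORIENT_UNKNOWN;
        if (i > 0) {
            if (read[i].n_pig <= read[i - 1].n_pig) increasing = false;
            if (read[i].n_pig >= read[i - 1].n_pig) decreasing = false;
        }
    }
    /* gaps (a missed balise) are tolerated; duplicates or reversals are not */
    if (increasing && !decreasing) return ORIENT_NOMINAL;
    if (decreasing && !increasing) return ORIENT_REVERSE;
    return ORIENT_UNKNOWN;
}
```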
Evaluation 1/2: Model Driven Engineering evaluation
- Significant time reduction on maintenance in each phase: perfective, corrective, preventive and adaptive
- A custom UML profile has several additional benefits: the UML profile can be adapted to the needs, and developers do not have to learn a design vocabulary and can reuse existing knowledge
- A reference architecture is a set of reusable structures used in the development process. It can change over time, which may introduce several versioning problems; these can be solved by:
  - adopting a new architecture with all the improvements, where the changes are reflected in the UML stereotypes and in the code generation templates
  - using an appropriate process, with configuration management that supports changing or new requirements
- MDA has a high dependency on the tool chain
Evaluation 2/2: Process, languages and tools evaluation
- Adopt best practice in order to improve the quality of the processes in use, and therefore achieve targets relating to time, budget and quality
- Two main types of evaluation methodology:
  - Quantitative evaluations: establish the measurable effects of using a method/tool
  - Qualitative evaluations: establish the appropriateness of methods and/or tools, for example how well a method/tool fits the needs and culture of an organization
- Ways of organizing an evaluation:
  - formal experiment: participants are asked to perform a task using the different methods or tools under investigation; the results can be analysed with standard statistical techniques
  - case study: the method or tool is tried out on a real project using the standard project development procedures
  - survey: organizations or engineers skilled in specific methods or tools are asked to provide information about them
Tool Benchmarking 1/2: OpenETCS improvements
- Possible improvements to the OpenETCS toolchain:
  - a plug-in that generates retroactive links from the model back to the requirements, to improve the understandability of the system under development
  - a plug-in that lets the toolchain share data from the Eclipse toolchain to SCADE automatically
  - analyze and keep track of the dependency chain of each tool
  - reduce framework fragmentation by using different tools (ModelicaML or Polarsys) instead of SCADE
  - manage directly one safe and consistent process
- OpenETCS should have no vendor lock-in, support the migration strategy of ERTMS, and innovate concurrently with the European Union railway market
- An agreement between the different tools on the data they exchange fixes all the heterogeneity problems
- Promoting and accelerating innovation with adequate safety, reliability and quality of service will reduce the lifecycle cost and enhance the security of the software
Tool Benchmarking 2/2
- Two tables show the tools that support each criterion for both OpenETCS and CENELEC EN
- At the moment, open source tools such as ModelicaML and Polarsys can support just the non-safety process
- To obtain certified code, SCADE is highly recommended