Towards a Model-Based Safety Assessment Process of Safety Critical Embedded Systems. Peter Bunus petbu@ida.liu.se

Similar documents
asuresign Aero (NATEP Grant MA005)

ISO Introduction

Efficient and Faster PLC Software Development Process for Automotive industry. Demetrio Cortese IVECO Embedded Software Design

The SPES Methodology Modeling- and Analysis Techniques

Virtual Platforms Addressing challenges in telecom product development

Best Practices for Verification, Validation, and Test in Model- Based Design

Hardware in the Loop (HIL) Testing VU 2.0, , WS 2008/09

Reduce Medical Device Compliance Costs with Best Practices.

Ames Consolidated Information Technology Services (A-CITS) Statement of Work

WORKSHOP RC EVI Integração de Sistemas Junho de 2011 Eng. Nelson José Wilmers Júnior

Hardware Virtualization for Pre-Silicon Software Development in Automotive Electronics

Parameters for Efficient Software Certification

Functionality as a Service (FaaS) in VSAT networking. Revolutionary solution for emerging markets

Peter Mileff PhD SOFTWARE ENGINEERING. The Basics of Software Engineering. University of Miskolc Department of Information Technology

ENEA: THE PROVEN LEADER IN SAFETY CRITICAL AVIONICS SYSTEMS

ASSESSMENT OF THE ISO STANDARD, ROAD VEHICLES FUNCTIONAL SAFETY

Customer Experience. Silicon. Support & Professional Eng. Services. Freescale Provided SW & Solutions

Software in safety critical systems

Software Engineering. Software Processes. Based on Software Engineering, 7 th Edition by Ian Sommerville

Safety and security related features in AUTOSAR

ISO Functional Safety Draft International Standard for Road Vehicles: Background, Status, and Overview

Embedded Systems. introduction. Jan Madsen

Software Development with Real- Time Workshop Embedded Coder Nigel Holliday Thales Missile Electronics. Missile Electronics

Vehicle Electronics. Services and Solutions to Manage the Complexity

Validation & Verification of Safety Critical Systems in the Aerospace Domain.

Mimer SQL Real-Time Edition White Paper

Automated Acceptance Testing of High Capacity Network Gateway

How to Upgrade SPICE-Compliant Processes for Functional Safety

Lecture 3 - Model-based Control Engineering

Automotive Software Development Challenges Virtualisation and Embedded Security

Development of AUTOSAR Software Components within Model-Based Design

2. Analysis, Design and Implementation

Testing & Verification of Digital Circuits ECE/CS 5745/6745. Hardware Verification using Symbolic Computation

ATV Data Link Simulator: A Development based on a CCSDS Layers Framework

SAFE SOFTWARE FOR SPACE APPLICATIONS: BUILDING ON THE DO-178 EXPERIENCE. Cheryl A. Dorsey Digital Flight / Solutions cadorsey@df-solutions.

Information Systems Analysis and Design CSC340. I. Introduction

Software Engineering: Analysis and Design - CSE3308

Analytical Products and Solutions. Complete service and maintenance solutions for your analytical equipment. usa.siemens.com/analyticalproducts

Software Engineering. What is a system?

Laptops on 4 wheels. New service processes for the automotive industry. Marko Weiße ProSTEP ivip Symposium

Certification of a Scade 6 compiler

Module 1 - Hardware Acquisition and Installation TABLE OF CONTENTS. Version 3.0

QuickSpecs. Models. HP Dynamic Smart Array B320i Controller. Overview

Effective Application of Software Safety Techniques for Automotive Embedded Control Systems SAE TECHNICAL PAPER SERIES

QuickSpecs. Models HP Smart Array E200 Controller. Upgrade Options Cache Upgrade. Overview

Model Based System Engineering (MBSE) For Accelerating Software Development Cycle

SQMB '11 Automated Model Quality Rating of Embedded Systems

CS 451 Software Engineering Winter 2009

How To Develop Software

Agile Model-Based Systems Engineering (ambse)

2. Analysis, Design and Implementation

Certified Software Quality Engineer (CSQE) Body of Knowledge

Software Engineering Reference Framework

Requirements-driven Verification Methodology for Standards Compliance

System-on-Chip Design Verification: Challenges and State-of-the-art

Network Configuration Management

Freescale Semiconductor, I

Software Asset Management (SAM) and ITIL Service Management - together driving efficiency

CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules

Software Module Test for an Electronic Steering Lock

Software Engineering Introduction & Background. Complaints. General Problems. Department of Computer Science Kent State University

Rigorous Methods for Software Engineering (F21RS1) High Integrity Software Development

Requirement Traceability in Practice

OpenSPARC Program. David Weaver Principal Engineer, UltraSPARC Architecture Principal OpenSPARC Evangelist Sun Microsystems, Inc.

Measuring Intangible Investment

Customers award top satisfaction scores to IBM System x x86 servers. August 2014 TBR T EC H N O LO G Y B U S I N ES S R ES EAR C H, I N C.

Software Engineering

Improving Quality and Yield Through Optimal+ Big Data Analytics

TDDC88 Lab 2 Unified Modeling Language (UML)

Model-Driven Software Development for Robotics: an overview

Introduction of ISO/DIS (ISO 26262) Parts of ISO ASIL Levels Part 6 : Product Development Software Level

Intrado Call Handling CPE. Standard Maintenance and Support Services ( MSS Terms )

CS314: Course Summary

CRAY GOLD SUPPORT SUPPORT OPERATIONS HANDBOOK. GOLD-SOHB Page 1 of 22

Trends in Embedded Software Development in Europe. Dr. Dirk Muthig

IEC Functional Safety Assessment. Project: K-TEK Corporation AT100, AT100S, AT200 Magnetostrictive Level Transmitter.

A Case Study of Application Development and Production Code Generation for a Telematics ECU with Full Unified Diagnostics Services

Quality in Aviation Software. Chris Hartgroves C.Eng. CQP Design Assurance SELEX Galileo

Propulsion Gas Path Health Management Task Overview. Donald L. Simon NASA Glenn Research Center

Test-Driven Approach for Safety-Critical Software Development

Plan-Driven Methodologies

International Software & Systems Engineering. Standards. Jim Moore The MITRE Corporation Chair, US TAG to ISO/IEC JTC1/SC7 James.W.Moore@ieee.

Software House Embedded Systems

HELP DESK SYSTEMS. Using CaseBased Reasoning

Testing of safety-critical software some principles

Alarm Clock USER GUIDE

Software Process for QA

About IER. HARDWARE MAINTENANCE and support services. PROFESSIONALISM and experience

IT and CRM A basic CRM model Data source & gathering system Database system Data warehouse Information delivery system Information users

Measuring Return on Investment of Model-Based Design

Transcription:

Towards a Model-Based Safety Assessment Process of Safety Critical Embedded Systems Peter Bunus petbu@ida.liu.se

Personal Presentation Peter Bunus Product and Technology Manager Responsible with the Technical Development of RODON, a model-based diagnostics system used by avionics and automotive industry peter.bunus@uptimeworld.com Part Time (15%) Assistant Professor at the Department of Computer and Information Science, Linköping University, SWEDEN Course Leader and Examiner for TDDB84 Design Patterns Research on modeling and simulation languages, model-based software development, program static analysis and verification, debugging, diagnosis Programming environments

How to Prevent Failures Todays lecture will be about how to prevent failures What is needed to be done during the design process What can be done after the system is deployed to minimize failure effects Picture from Radio Nederland Wereldomroep Picture from Radio Nederland Wereldomroep Picture taken by Janis Krums

Attributes of Dependability IFIP WG 10.4 definitions Safety: absence of harm to people and environment Availability: the readiness for correct service Integrity: absence of improper system alterations Reliability: continuity of correct service Maintainability: ability to undergo modifications and repairs

Maintainability

Models of After Sales Services Service priority Business model None Disposal Dispose of products when they fail or need to be upgraded Terms Example Product owner Razor blades Consumer Low Ad hoc Pay for support as needed TVs Consumer Med iu m-high Warranty Pay fixed price as need ed PCs Consu m er Medium-high Lease Pay fixed price for a fixed time; option to buy product H igh Cost-plu s Pay fixed price based on cost and pre-negotiated m argin Vehicles Constru ction Manu factu rer; leasing com pany Very high Performance based Pay based on product s perform ance Aircraft Cu stomer Very high Power by the hour Pay for services u sed Aircraft engines Cu stom er

Geographical Hierarchy Central repair facility, spare parts warehouse, and distribution center Regional repair facilities and spare parts distribution centers Field repair facilities and spare parts distribution centers Stocks of spare parts on-site with customers

After Sales Services

Houston We ve had a problem

Houston We ve had a problem

What do you think? Which kind of Services do we need to provide to the Apollo 13 crew members?

Model of the NASA ADAPT Satellite System

Model-Based Diagnosis Principles Corrections repair actions Observations Observed behavior Actual system Passenger seat system Diagnosis Predicted behavior Diagnostic Reasoner Simulation Model of the passenger seat system

The Diagnostic Problem Design Structural Description V=i*R Domain Knowledge Component Diagnostic Reasoner Diagnosis Repair Actions Replace servovalve Measurements/ Observations X=6V

Where the Model Comes From?

Traditional Design Flow Traditional Design Flow Characterized by a sequential flow, iteration is expensive Manual code development, paper intensive, error prone, resistant to change Projects get complex to manage by the end of integration process REQUIREMENTS ANALYSIS DESIGN IMPLEMENTATION INTEGRATION & TESTING VALIDATION Documentation Documentation Documentation & Code and Hardware Documentation & Testing Documentation & Testing on Target

Model-Based Design REQUIREMENTS ANALYSIS DESIGN IMPLEMENTATION INTEGRATION & TESTING VALIDATION Documentation Requirements & Algorithm Spec & Architecture Spec Executable Specification Executable Specification & Generated Code Simulation & Testing Simulation & Testing on Target Model-Based Design Flow Build explicit architectures of predictable systems Go seamlessly from abstraction to realizations Capitalize on verification activities early and all along the development flow

ARP 4754 Safety Assessment Diagram SAE ARP 4754 "Certification Considerations for Highly-Integrated or Complex Aircraft Systems

Frequency of Faults

Traditional Model Development Technology expert Technology expertise Platform expertise Platform expert Domain analysts, Modelers, Designers, Developers Traditional Development Tools Application Domain expertise Domain experts

MDA-Based Modeling and Development Application Developers Technology expert Technology expertise Implementation expertise Platform expertise Platform expert Domain expertise MDA Tools Application Domain experts

Model-Based Approach to Safety Assessment SAE ARP 4754 "Certification Considerations for Highly-Integrated or Complex Aircraft Systems

Flexibility in Supporting the Process

Vehicle Verification Stage Requirement Identification System Requirement Identification Item Requirement Identification Item Design Implementation Item Verification System Verification Vehicle Verification FHA Prel Arch Req FE & P Budget Update Update FMEA To Other Systems Prel Arch Req FE & P Budget Update FMEA To Other Systems Prel FMEA FMEA Arch Req FE Lambda budget HW Level SW Level HW SW FM Lambda FE

The Diagnosis Problem

Traditional Service Process

Tutorial Demo Exterior Lighting

Model-Based Diagnostics in Practice

Diagnostic Rules Generated by systematic computation Contains virtually all Root cause <=> symptom relationships Applicable in Real Time systems Finds single & multiple faults Interfaces exist to various embedded systems exist Resources Diagnostic Engine: 16 Bit μ-processor, 25 Mhz 118 KB Flash memory Resources Diagnostic Application: Compiled model < 2KB Some 20 msec time

Requirement Identification Item & System Verification Stage System Requirement Identification Item Requirement Identification Item Design Implementation Item Verification System Verification Vehicle Verification FHA Prel Arch Req FE & P Budget Update Update FMEA To Other Systems Prel Arch Req FE & P Budget Update FMEA To Other Systems Prel FMEA FMEA Arch Req FE Lambda budget HW Level SW Level HW SW FM Lambda FE

The FMEA Process Engineering R&D FMEA Design and CAD Information FMEA MB FM modeling Func decomp Reusable Failure Data Effect modeling Traditional FMEA Process. Based on documents and manual reasoning Model Based FMEA provide systematic and quicker feedback to engineering automatically

Tutorial Demo Model and Generated FMEA

Failure Impact on Functions (detected and undetected) RODON based FMEA detects recognized and unrecognized failures

Requirement Identification Item Design Implementation Stage System Requirement Identification Item Requirement Identification Item Design Implementation Item Verification System Verification Vehicle Verification FHA Prel Arch Req FE & P Budget Update Update FMEA To Other Systems Prel Arch Req FE & P Budget Update FMEA To Other Systems Prel FMEA FMEA Arch Req FE Lambda budget HW Level SW Level HW SW FM Lambda FE

Train Electrical Door System

Diagnostics Results Decision Trees

Requirement Identification Requirements Identification Stage System Requirement Identification Item Requirement Identification Item Design Implementation Item Verification System Verification Vehicle Verification FHA Prel Arch Req FE & P Budget Update Update FMEA To Other Systems Prel Arch Req FE & P Budget Update FMEA To Other Systems Prel FMEA FMEA Arch Req FE Lambda budget HW Level SW Level HW SW FM Lambda FE

Early Function Failure Analysis

Early test strategies

Testability and Test Coverage

Models for Reliability Prediction

Model-Based Safety Assessment The biggest disadvantage of every model-based approach is the model itself Building models takes time Finding the right level of abstraction is difficult Model Reusability can be achieved by development of generic model libraries

Communication with other Systems RELEX ISOGRAPH C

Modeling Challenge Failure Tree Analysis Function Architecture System Architecture

Conclusions The Safety Assessment community should look closer on integrations issues as well Common modeling formalism and model-based approach for safety assessment process is important.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information