pSCWP2: Technology & Process Deliverables Status
Sasikumar Punnekkat, MDH, Sweden
Objectives
• to define a generic process model with generic activities and generic artifacts to take advantage of the compositional approach for co-certification (pSafeCer WP2.1)
• to define languages to specify certification-related properties and safety contracts and their integration into existing component models (pSafeCer WP2.2)
• to provide a safety argument describing why the overall system is acceptably safe, and evidence to support claims made in the argument (pSafeCer WP2.3)
• to adapt existing verification and validation techniques to aid the certification of components and their composition (pSafeCer WP2.4)
pSCWP2.1: Process Model
• The EPF (Eclipse Process Framework) Composer project, with the overall life cycle for the IEC61508 standard as well as stubs for the DO178B, EN50126, ISO15998 and ISO26262 standards, was made with
  • Generic Process Model D2.1.1 (V1 at M8 and V2 at M12)
• A highly improved version (V3) with a high-level view using activity patterns, a safety process line approach and descriptions of applicable scenarios was released in M24
• Conducted a survey on reuse patterns for platform components
• Initial study results are included in D2.1.2 (Platform guidelines), released in May 2012; a refined version and further research studies based on industrial interviews are in progress
• D2.1.3 & D2.1.5 were delayed. These two deliverables are being combined and are expected to be delivered in M30
• D2.1.4 Guidelines with respect to life cycle models delivered in M25
pSCWP2.2: Component Model
• Certification Properties & Safety Contracts (CP&SC), which are relevant from the perspective of WP2.3, were identified (D2.2.1, delivered Feb 2012)
• Relevant component models and related projects have been reviewed, including AUTOSAR, lwCCM, CHESS, VERDE and CESAR (D2.2.2, delivered Feb 2012)
• Requirements on a unified component meta-model have been formulated (D2.2.1, Feb 2012)
• The original focus of the component model work in SafeCer has shifted a bit as a result of discussions (e.g., terminology telcos and the Bokenas meeting)
• Initially based on a CBSE perspective, focusing on defining a component model unifying the existing component models used by the partners. It was felt that from the perspective of most SafeCer partners and WPs, an architectural modelling language is sufficient (not a component model in the CBSE sense)
• In addition to compositional reasoning, we want to address the reuse aspect: "Assuming that we build a system from SW components, perform all certification activities for this system, and later want to reuse some of the components in a new system, we want to reuse some of the certification effort."
• If some parts of the evidence and the argumentation are valid for a component regardless of the context (or, rather, based only on well-defined assumptions about the context), these parts should be isolated and associated with the component
• What is a good balance between focusing on software components and recognizing the need for modelling at system level?
• Some of the work in WP2.2 will deal with concrete SW components in the CBSE sense, but as much as possible we want to generalize the concepts to apply to the modelling of system entities in a more general/abstract sense
• WP2.2 thus focuses primarily on the relation between contracts/properties and concepts in the component model, rather than on the definition of (yet another) unified component model
pSCWP2.3: Safety Argumentation
• An extended list of activities and actions to be undertaken has been produced and is in the process of being agreed by the partners
• Performed a state-of-the-art study and released a white paper, disseminated amongst the partners. Synchronisation with partners in other WPs was performed to ensure the expressiveness of the meta-models and contracts
• We have investigated safety contracts from the perspective of what must be in them. Other SafeCer work packages have investigated how contracts relate to the component meta-model and how some kinds of properties might be represented in contracts. Our work has focused on what safety contracts must contain to facilitate safety engineering and safety argumentation. Through an illustrative example, we have elaborated on how the content of the safety contract affects activities throughout the safety lifecycle, from component selection through system design, safety assessment, verification and validation
• Our investigation has revealed challenges in representing both confidence (i.e. the degree to which evidence supports a claim in the contract) and properties that change over the course of development (e.g. from a rough indication of a component's likely runtime that aids component selection, to a budget for planning and allocation, to a tight guarantee of the performance of a component as compiled for and running on a particular target)
pSCWP2.4: Verification & Validation
• Identification of meta-models and languages for certification properties and contracts
• Identification of existing methods for certifying systems based on the different contexts' requirements
• Development of a contract-based framework for the correct refinement of safety properties based on temporal logics for embedded systems
• Successfully delivered all the deliverables planned during the first 30 months
Publications
• Stephan Baumgart, Joakim Fröberg and Sasikumar Punnekkat, "Towards Efficient Functional Safety Certification of Construction Machinery Using a Component-Based Approach", PLEASE workshop at ICSE, Zurich, June 2012
• B. Gallina, I. Sljivo and O. Jaradat, "Towards a Safety-oriented Process Line for Enabling Reuse in Safety Critical Systems Development and Certification", post-proceedings of the 35th IEEE Software Engineering Workshop (SEW-35), 2012
• Henrik Jonsson, Stig Larsson and Sasikumar Punnekkat, "Agile Practices in Regulated Railway Software Development", WoSoCER, ISSRE, IEEE, Dallas, TX, USA, November 2012
• Barbara Gallina, Karthik Raja Pitchai (external) and Kristina Lundqvist, "S-TunExSPEM: Towards an Extension of SPEM 2.0 to Model and Exchange Tuneable Safety-oriented Processes", 11th International Conference on Software Engineering Research, Management and Applications (SERA), Springer SCI, Prague, Czech Republic, August 2013
• Rikard Land, Mikael Åkerholm and Jan Carlson, "Efficient Software Component Reuse in Safety-Critical Systems - An Empirical Study", 31st Int'l Conf. on Computer Safety, Reliability, and Security (SAFECOMP 2012), September 2012
• Irfan Sljivo, Jan Carlson, Barbara Gallina and Hans Hansson, "Fostering Reuse within Safety-critical Component-based Systems through Fine-grained Contracts", International Workshop on Critical Software Component Reusability and Certification across Domains, Pisa, Italy, June 2013
• S. Björnander, R. Land, P. Graydon, K. Lundqvist and P. Conmy, "A Method to Formally Evaluate Safety Case Arguments against a System Architecture Model", IEEE 23rd International Symposium on Software Reliability Engineering Workshops (WoSoCER-ISSRE), Dallas, USA, November 2012
• Raghad Dardar, Barbara Gallina, Andreas Johnsen, Kristina Lundqvist and Mattias Nyberg, "Industrial Experiences of Building a Safety Case in Compliance with ISO 26262", Second Workshop on Software Certification (WoSoCER), ISSRE, IEEE, Dallas, Texas, USA, November 2012
• Stefan Björnander, Patrick Graydon and Rikard Land, "Towards Automatic Verification of Safety Properties in AADL System Models", ISSC (Best Paper Award), http://issc2013.system-safety.org/, Boston, August 2013
• C. Benac Earle and L-A. Fredlund, "Verification of Timed Erlang Programs using McErlang", Joint 14th IFIP WG 6.1 International Conference FMOODS 2012 and 32nd IFIP WG 6.1 International Conference FORTE 2012, Lecture Notes in Computer Science, Springer, Berlin, Germany, June 2012
• Alessandro Cimatti and Stefano Tonetta, "A Property-Based Proof System for Contract-Based Design", EUROMICRO-SEAA 2012, pp. 21-28