Supporting the automated generation of modular product line safety cases

Abstract The effective reuse of design assets in safety-critical Software Product Lines (SPL) would require the reuse of safety analyses of those assets in the variant contexts of certification of products derived from the SPL. This in turn requires the traceability of SPL variation across design, including variation in safety analysis and safety cases. In this paper, we propose a method and tool to support the automatic generation of modular SPL safety case architectures from the information provided by SPL feature modeling and model-based safety analysis. The Goal Structuring Notation (GSN) safety case modeling notation and its modular extensions supported by the D-Case Editor were used to implement the method in an automated tool support. The tool was used to generate a modular safety case for an automotive Hybrid Braking System SPL

Modeling and Testing a Family of Surgical Robots: An Experience Report

Safety-critical applications often use dependability cases to validate that specified properties are invariant, or to demonstrate a counter example showing how that property might be violated. However, most dependability cases are written with a single product in mind. At the same time, software product lines (families of related software products) have been studied with the goal of modeling variability and commonality, and building family based techniques for both analysis and testing. However, there has been little work on building an end to end dependability case for a software product line (where a property is modeled, a counter example is found and then validated as a true positive via testing), and none that we know of in an emerging safety-critical domain, that of robotic surgery. In this paper, we study a family of surgical robots, that combine hardware and software, and are highly configurable, representing over 1300 unique robots. At the same time, they are considered safety-critical and should have associated dependability cases. We perform a case study to understand how we can bring together lightweight formal analysis, feature modeling, and testing to provide an end to end pipeline to find potential violations of important safety properties. In the process, we learned that there are some interesting and open challenges for the research community, which if solved will lead towards more dependable safety-critical cyber-physical systems

Understanding Variability-Aware Analysis in Low-Maturity Variant-Rich Systems

Context: Software systems often exist in many variants to support varying stakeholder requirements, such as specific market segments or hardware constraints. Systems with many variants (a.k.a. variant-rich systems) are highly complex due to the variability introduced to support customization. As such, assuring the quality of these systems is also challenging since traditional single-system analysis techniques do not scale when applied. To tackle this complexity, several variability-aware analysis techniques have been conceived in the last two decades to assure the quality of a branch of variant-rich systems called software product lines. Unfortunately, these techniques find little application in practice since many organizations do use product-line engineering techniques, but instead rely on low-maturity \clo~strategies to manage their software variants. For instance, to perform an analysis that checks that all possible variants that can be configured by customers (or vendors) in a car personalization system conform to specified performance requirements, an organization needs to explicitly model system variability. However, in low-maturity variant-rich systems, this and similar kinds of analyses are challenging to perform due to (i) immature architectures that do not systematically account for variability, (ii) redundancy that is not exploited to reduce analysis effort, and (iii) missing essential meta-information, such as relationships between features and their implementation in source code.Objective: The overarching goal of the PhD is to facilitate quality assurance in low-maturity variant-rich systems. Consequently, in the first part of the PhD (comprising this thesis) we focus on gaining a better understanding of quality assurance needs in such systems and of their properties.Method: Our objectives are met by means of (i) knowledge-seeking research through case studies of open-source systems as well as surveys and interviews with practitioners; and (ii) solution-seeking research through the implementation and systematic evaluation of a recommender system that supports recording the information necessary for quality assurance in low-maturity variant-rich systems. With the former, we investigate, among other things, industrial needs and practices for analyzing variant-rich systems; and with the latter, we seek to understand how to obtain information necessary to leverage variability-aware analyses.Results: Four main results emerge from this thesis: first, we present the state-of-practice in assuring the quality of variant-rich systems, second, we present our empirical understanding of features and their characteristics, including information sources for locating them; third, we present our understanding of how best developers\u27 proactive feature location activities can be supported during development; and lastly, we present our understanding of how features are used in the code of non-modular variant-rich systems, taking the case of feature scattering in the Linux kernel.Future work: In the second part of the PhD, we will focus on processes for adapting variability-aware analyses to low-maturity variant-rich systems.Keywords:\ua0Variant-rich Systems, Quality Assurance, Low Maturity Software Systems, Recommender Syste

The state of adoption and the challenges of systematic variability management in industry

Handling large-scale software variability is still a challenge for many organizations. After decades of research on variability management concepts, many industrial organizations have introduced techniques known from research, but still lament that pure textbook approaches are not applicable or efficient. For instance, software product line engineering—an approach to systematically develop portfolios of products—is difficult to adopt given the high upfront investments; and even when adopted, organizations are challenged by evolving their complex product lines. Consequently, the research community now mainly focuses on re-engineering and evolution techniques for product lines; yet, understanding the current state of adoption and the industrial challenges for organizations is necessary to conceive effective techniques. In this multiple-case study, we analyze the current adoption of variability management techniques in twelve medium- to large-scale industrial cases in domains such as automotive, aerospace or railway systems. We identify the current state of variability management, emphasizing the techniques and concepts they adopted. We elicit the needs and challenges expressed for these cases, triangulated with results from a literature review. We believe our results help to understand the current state of adoption and shed light on gaps to address in industrial practice.This work is supported by Vinnova Sweden, Fond Unique Interminist´eriel (FUI) France, and the Swedish Research Council. Open access funding provided by University of Gothenbur

Putting Teeth into Open Architectures: Infrastructure for Reducing the Need for Retesting

Proceedings Paper (for Acquisition Research Program)The Navy is currently implementing the open-architecture framework for developing joint interoperable systems that adapt and exploit open-system design principles and architectures. This raises concerns about how to practically achieve dependability in software-intensive systems with many possible configurations when: 1) the actual configuration of the system is subject to frequent and possibly rapid change, and 2) the environment of typical reusable subsystems is variable and unpredictable. Our preliminary investigations indicate that current methods for achieving dependability in open architectures are insufficient. Conventional methods for testing are suited for stovepipe systems and depend strongly on the assumptions that the environment of a typical system is fixed and known in detail to the quality-assurance team at test and evaluation time. This paper outlines new approaches to quality assurance and testing that are better suited for providing affordable reliability in open architectures, and explains some of the additional technical features that an Open Architecture must have in order to become a Dependable Open Architecture.Naval Postgraduate School Acquisition Research ProgramApproved for public release; distribution is unlimited

Advanced manned space flight simulation and training: An investigation of simulation host computer system concepts

The findings of a preliminary investigation by Southwest Research Institute (SwRI) in simulation host computer concepts is presented. It is designed to aid NASA in evaluating simulation technologies for use in spaceflight training. The focus of the investigation is on the next generation of space simulation systems that will be utilized in training personnel for Space Station Freedom operations. SwRI concludes that NASA should pursue a distributed simulation host computer system architecture for the Space Station Training Facility (SSTF) rather than a centralized mainframe based arrangement. A distributed system offers many advantages and is seen by SwRI as the only architecture that will allow NASA to achieve established functional goals and operational objectives over the life of the Space Station Freedom program. Several distributed, parallel computing systems are available today that offer real-time capabilities for time critical, man-in-the-loop simulation. These systems are flexible in terms of connectivity and configurability, and are easily scaled to meet increasing demands for more computing power

PRODUCT LINE ARCHITECTURE FOR HADRONTHERAPY CONTROL SYSTEM: APPLICATIONS DEVELOPMENT AND CERTIFICATION

Hadrontherapy is the treatment of cancer with charged ion beams. As the charged ion beams used in hadrontherapy are required to be accelerated to very large energies, the particle accelerators used in this treatment are complex and composed of several sub-systems. As a result, control systems are employed for the supervision and control of these accelerators. Currently, The Italian National Hadrontherapy Facility (CNAO) has the objective of modernizing one of the software environments of its control system. Such a project would allow for the integration of new types of devices into the control system, such as mobile devices, as well as introducing newer technologies into the environment. In order to achieve this, this work began with the requirement analysis and definition of a product line architecture for applications of the upgraded control system environment. The product line architecture focuses on reliability, maintainability, and ease of compliance with medical software certification directives. This was followed by the design and development of several software services aimed at allowing the communication of the environments applications and other components of the control system, such as remote file access, relational data access, and OPC-UA. In addition, several libraries and tools have been developed to support the development of future control system applications, following the defined product line architecture. Lastly, a pilot application was created using the tools developed during this work, as well as the preliminary results of a cross-environment integration project. The approach followed in this work is later evaluated by comparing the developed tools to their legacy counterparts, as well as estimating the impact of future applications following the defined product line architecture.Hadrontherapy is the treatment of cancer with charged ion beams. As the charged ion beams used in hadrontherapy are required to be accelerated to very large energies, the particle accelerators used in this treatment are complex and composed of several sub-systems. As a result, control systems are employed for the supervision and control of these accelerators. Currently, The Italian National Hadrontherapy Facility (CNAO) has the objective of modernizing one of the software environments of its control system. Such a project would allow for the integration of new types of devices into the control system, such as mobile devices, as well as introducing newer technologies into the environment. In order to achieve this, this work began with the requirement analysis and definition of a product line architecture for applications of the upgraded control system environment. The product line architecture focuses on reliability, maintainability, and ease of compliance with medical software certification directives. This was followed by the design and development of several software services aimed at allowing the communication of the environments applications and other components of the control system, such as remote file access, relational data access, and OPC-UA. In addition, several libraries and tools have been developed to support the development of future control system applications, following the defined product line architecture. Lastly, a pilot application was created using the tools developed during this work, as well as the preliminary results of a cross-environment integration project. The approach followed in this work is later evaluated by comparing the developed tools to their legacy counterparts, as well as estimating the impact of future applications following the defined product line architecture

Real-Time Performance of Industrial IoT Communication Technologies: A Review

With the growing need for automation and the ongoing merge of OT and IT, industrial networks have to transport a high amount of heterogeneous data with mixed criticality such as control traffic, sensor data, and configuration messages. Current advances in IT technologies furthermore enable a new set of automation scenarios under the roof of Industry 4.0 and IIoT where industrial networks now have to meet new requirements in flexibility and reliability. The necessary real-time guarantees will place significant demands on the networks. In this paper, we identify IIoT use cases and infer real-time requirements along several axes before bridging the gap between real-time network technologies and the identified scenarios. We review real-time networking technologies and present peer-reviewed works from the past 5 years for industrial environments. We investigate how these can be applied to controllers, systems, and embedded devices. Finally, we discuss open challenges for real-time communication technologies to enable the identified scenarios. The review shows academic interest in the field of real-time communication technologies but also highlights a lack of a fixed set of standards important for trust in safety and reliability, especially where wireless technologies are concerned.Comment: IEEE Internet of Things Journal 2023 | Journal article DOI: 10.1109/JIOT.2023.333250