Architecture framework for software safety

Currently, an increasing number of systems are controlled by soft- ware and rely on the correct operation of software. In this context, a safety- critical system is defined as a system in which malfunctioning software could result in death, injury or damage to environment. To mitigate these serious risks, the architecture of safety-critical systems needs to be carefully designed and analyzed. A common practice for modeling software architecture is the adoption of software architecture viewpoints to model the architecture for par- ticular stakeholders and concerns. Existing architecture viewpoints tend to be general purpose and do not explicitly focus on safety concerns in particular. To provide a complementary and dedicated support for designing safety critical systems, we propose an architecture framework for software safety. The archi- tecture framework is based on a metamodel that has been developed after a tho- rough domain analysis. The framework includes three coherent viewpoints, each of which addressing an important concern. The application of the view- points is illustrated for an industrial case of safety-critical avionics control computer system. © Springer International Publishing Switzerland 2014

WiseMove: A Framework for Safe Deep Reinforcement Learning for Autonomous Driving

Machine learning can provide efficient solutions to the complex problems encountered in autonomous driving, but ensuring their safety remains a challenge. A number of authors have attempted to address this issue, but there are few publicly-available tools to adequately explore the trade-offs between functionality, scalability, and safety. We thus present WiseMove, a software framework to investigate safe deep reinforcement learning in the context of motion planning for autonomous driving. WiseMove adopts a modular learning architecture that suits our current research questions and can be adapted to new technologies and new questions. We present the details of WiseMove, demonstrate its use on a common traffic scenario, and describe how we use it in our ongoing safe learning research

Independent Configurable Architecture for Reliable Operation of Unmanned Systems with Distributed Onboard Services

This paper presents the development of ICAROUS-2 (Independent Configurable Architecture for Reliable Operation of Unmanned Systems with Distributed Onboard Services), the second generation of a software architecture that integrates several algorithms as distributed onboard services to enable robust autonomous UAS applications. In particular, the ICAROUS architecture defines a framework to perform detect and avoid, geofencing, path monitoring, path planning, and autonomous decision making to ensure safety and mission progress. Most of the core algorithms implemented in ICAROUS are formally verified using an interactive theorem prover. These algorithms are composed together using a plan execution engine, whose operational semantics is formally specified. A description of the integrated architecture, services currently available, and flight test results highlighting the capability of ICAROUS are presented

Model Based Functional Safety – How Functional Is It?

As the engineering world embraces Model Based System Engineering (MBSE), the system safety discipline should also enfold and support MBSE methodology and approaches. The need for Model Based Functional safety, as part of the established system safety and software safety process, is becoming apparent due to existing and developing system design complexity. This paper is intended to show how valuable Model Based Functional Safety approaches can be when evaluating safety signification functions of complex software-intensive integrated systems. Using models can improve the accuracy during the Functional Hazard Analysis (FHA) and can help validate Fault Tree Analyses (FTA) and subsequent system safety analysis (SSA) process and results because the model focuses on the architecture, the physical system, the computer system, as well as the applicable software/middleware/Programmable Logic Devices (PLDs). Model Based Functional Safety may utilize use cases, structural architecture models, activity diagrams, sequence diagrams, functional flow diagrams, and state/mode models to depict safety attributes and to influence explicit safety requirements. SysML may be used to depict critical functions, functional threads, safety features, and expected behavior. Such augmented models (safety models) can also be used to analyze potential off nominal failure conditions and system behavior for various scenarios when conducting FHAs and subsequently detailed system and software safety analyses. This paper will provide an example of the MBSE framework and concepts for tool use in the functional safety analysis and the utilization of attributed models and artifacts to supplement system safety documentation

Hierarchical video surveillance architecture: a chassis for video big data analytics and exploration

There is increasing reliance on video surveillance systems for systematic derivation, analysis and interpretation of the data needed for predicting, planning, evaluating and implementing public safety. This is evident from the massive number of surveillance cameras deployed across public locations. For example, in July 2013, the British Security Industry Association (BSIA) reported that over 4 million CCTV cameras had been installed in Britain alone. The BSIA also reveal that only 1.5% of these are state owned. In this paper, we propose a framework that allows access to data from privately owned cameras, with the aim of increasing the efficiency and accuracy of public safety planning, security activities, and decision support systems that are based on video integrated surveillance systems. The accuracy of results obtained from government-owned public safety infrastructure would improve greatly if privately owned surveillance systems ‘expose’ relevant video-generated metadata events, such as triggered alerts and also permit query of a metadata repository. Subsequently, a police officer, for example, with an appropriate level of system permission can query unified video systems across a large geographical area such as a city or a country to predict the location of an interesting entity, such as a pedestrian or a vehicle. This becomes possible with our proposed novel hierarchical architecture, the Fused Video Surveillance Architecture (FVSA). At the high level, FVSA comprises of a hardware framework that is supported by a multi-layer abstraction software interface. It presents video surveillance systems as an adapted computational grid of intelligent services, which is integration-enabled to communicate with other compatible systems in the Internet of Things (IoT)

A Reasoning Framework for Dependability in Software Architectures

The degree to which a software system possesses specified levels of software quality attributes, such as performance and modifiability, often have more influence on the success and failure of those systems than the functional requirements. One method of improving the level of a software quality that a product possesses is to reason about the structure of the software architecture in terms of how well the structure supports the quality. This is accomplished by reasoning through software quality attribute scenarios while designing the software architecture of the system. As society relies more heavily on software systems, the dependability of those systems becomes critical. In this study, a framework for reasoning about the dependability of a software system is presented. Dependability is a multi-faceted software quality attribute that encompasses reliability, availability, confidentiality, integrity, maintainability and safety. This makes dependability more complex to reason about than other quality attributes. The goal of this reasoning framework is to help software architects build dependable software systems by using quantitative and qualitative techniques to reason about dependability in software architectures

Simulation System for the Wendelstein 7-X Safety Control System

The Wendelstein 7-X (W7-X) Safety Instrumented System (SIS) ensures personal safety and investment protection. The development and implementation of the SIS are based on the international safety standard for the process industry sector, IEC 61511. The SIS exhibits a distributed and hierarchical organized architecture consisting of a central Safety System (cSS) on the top and many local Safety Systems (lSS) at the bottom. Each technical component or diagnostic system potentially hazardous for the staff or for the device is equipped with an lSS. The cSS is part of the central control system of W7-X. Whereas the lSSs are responsible for the safety of each individual component, the cSS ensures safety of the whole W7-X device. For every operation phase of the W7-X experiment hard- and software updates for the SIS are mandatory. New components with additional lSS functionality and additional safety signals have to be integrated. Already established safety functions must be adapted and new safety functions have to be integrated into the cSS. Finally, the safety programs of the central and local safety systems have to be verified for every development stage and validated against the safety requirement specification. This contribution focuses on the application of a model based simulation system for the whole SIS of W7-X. A brief introduction into the development process of the SIS and its technical realization will be give followed by a description of the design and implementation of the SIS simulation system using the framework SIMIT (Siemens). Finally, first application experiences of this simulation system for the preparation of the SIS for the upcoming operation phase OP 1.2b of W7-X will be discussed