Automatic instantiation of abstract tests on specific configurations for large critical control systems

Computer-based control systems have grown in size, complexity, distribution and criticality. In this paper a methodology is presented to perform an abstract testing of such large control systems in an efficient way: an abstract test is specified directly from system functional requirements and has to be instantiated in more test runs to cover a specific configuration, comprising any number of control entities (sensors, actuators and logic processes). Such a process is usually performed by hand for each installation of the control system, requiring a considerable time effort and being an error prone verification activity. To automate a safe passage from abstract tests, related to the so called generic software application, to any specific installation, an algorithm is provided, starting from a reference architecture and a state-based behavioural model of the control software. The presented approach has been applied to a railway interlocking system, demonstrating its feasibility and effectiveness in several years of testing experience

Automatic instantiation of abstract tests to specific configurations for large critical control systems

Computer-based control systems have grown in size, complexity, distribution and criticality. In this paper a methodology is presented to perform an ‘abstract testing’ of such large control systems in an efficient way: an abstract test is specified directly from system functional requirements and has to be instantiated in more test runs to cover a specific configuration, comprising any number of control entities (sensors, actuators and logic processes). Such a process is usually performed by hand for each installation of the control system, requiring a considerable time effort and being an error-prone verification activity. To automate a safe passage from abstract tests, related to the so-called generic software application, to any specific installation, an algorithm is provided, starting from a reference architecture and a statebased behavioural model of the control software. The presented approach has been applied to a railway interlocking system, demonstrating its feasibility and effectiveness in several years of testing experience

Modelling mobile health systems: an application of augmented MDA for the extended healthcare enterprise

Mobile health systems can extend the enterprise computing system of the healthcare provider by bringing services to the patient any time and anywhere. We propose a model-driven design and development methodology for the development of the m-health components in such extended enterprise computing systems. The methodology applies a model-driven design and development approach augmented with formal validation and verification to address quality and correctness and to support model transformation. Recent work on modelling applications from the healthcare domain is reported. One objective of this work is to explore and elaborate the proposed methodology. At the University of Twente we are developing m-health systems based on Body Area Networks (BANs). One specialization of the generic BAN is the health BAN, which incorporates a set of devices and associated software components to provide some set of health-related services. A patient will have a personalized instance of the health BAN customized to their current set of needs. A health professional interacts with their\ud patients¿ BANs via a BAN Professional System. The set of deployed BANs are supported by a server. We refer to this distributed system as the BAN System. The BAN system extends the enterprise computing system of the healthcare provider. Development of such systems requires a sound software engineering approach and this is what we explore with the new methodology. The methodology is illustrated with reference to recent modelling activities targeted at real implementations. In the context of the Awareness project BAN implementations will be trialled in a number of clinical settings including epilepsy management and management of chronic pain

The uses of process modeling : a framework for understanding modeling formalisms

There is wide-spread recognition of the urgent need to improve software processes in order to improve the performance of software organizations. Process models are essential in achieving understanding and visibility of processes and are important for other uses including the analysis of processes for improvement. It has been increasingly difficult to compare and evaluate the variety of process modeling formalisms that have appeared in recent years without a clear understanding of precisely for what they will be used. The contribution of this paper is to provide an understanding and a fairly comprehensive catalog of the applications of process modeling for which formalisms may be used. The primary mechanism for doing this is a guided tour of the literature on process modeling supplemented by recent industrial experience. In the paper, basic definitions concerning processes, process descriptions and process modeling are reviewed and then uses of process modeling are surveyed under the following headings: communication among process participants, construction of new processes, control of processes, process· analysis, and process support by automation. Comments are offered on paradigms for process modeling formalisms and directions for future work to permit evolution of a discipline of process engineering are given

Model-connected safety cases

Regulatory authorities require justification that safety-critical systems exhibit acceptable levels of safety. Safety cases are traditionally documents which allow the exchange of information between stakeholders and communicate the rationale of how safety is achieved via a clear, convincing and comprehensive argument and its supporting evidence. In the automotive and aviation industries, safety cases have a critical role in the certification process and their maintenance is required throughout a system’s lifecycle. Safety-case-based certification is typically handled manually and the increase in scale and complexity of modern systems renders it impractical and error prone.Several contemporary safety standards have adopted a safety-related framework that revolves around a concept of generic safety requirements, known as Safety Integrity Levels (SILs). Following these guidelines, safety can be justified through satisfaction of SILs. Careful examination of these standards suggests that despite the noticeable differences, there are converging aspects. This thesis elicits the common elements found in safety standards and defines a pattern for the development of safety cases for cross-sector application. It also establishes a metamodel that connects parts of the safety case with the target system architecture and model-based safety analysis methods. This enables the semi- automatic construction and maintenance of safety arguments that help mitigate problems related to manual approaches. Specifically, the proposed metamodel incorporates system modelling, failure information, model-based safety analysis and optimisation techniques to allocate requirements in the form of SILs. The system architecture and the allocated requirements along with a user-defined safety argument pattern, which describes the target argument structure, enable the instantiation algorithm to automatically generate the corresponding safety argument. The idea behind model-connected safety cases stemmed from a critical literature review on safety standards and practices related to safety cases. The thesis presents the method, and implemented framework, in detail and showcases the different phases and outcomes via a simple example. It then applies the method on a case study based on the Boeing 787’s brake system and evaluates the resulting argument against certain criteria, such as scalability. Finally, contributions compared to traditional approaches are laid out

Towards design of prognostics and health management solutions for maritime assets

With increase in competition between OEMs of maritime assets and operators alike, the need to maximize the productivity of an equipment and increase operational efficiency and reliability is increasingly stringent and challenging. Also, with the adoption of availability contracts, maritime OEMs are becoming directly interested in understanding the health of their assets in order to maximize profits and to minimize the risk of a system's failure. The key to address these challenges and needs is performance optimization. For this to be possible it is important to understand that system failure can induce downtime which will increase the total cost of ownership, therefore it is important by all means to minimize unscheduled maintenance. If the state of health or condition of a system, subsystem or component is known, condition-based maintenance can be carried out and system design optimization can be achieved thereby reducing total cost of ownership. With the increasing competition with regards to the maritime industry, it is important that the state of health of a component/sub-system/system/asset is known before a vessel embarks on a mission. Any breakdown or malfunction in any part of any system or subsystem on board vessel during the operation offshore will lead to large economic losses and sometimes cause accidents. For example, damages to the fuel oil system of vessel's main engine can result in huge downtime as a result of the vessel not being in operation. This paper presents a prognostic and health management (PHM) development process applied on a fuel oil system powering diesel engines typically used in various cruise and fishing vessels, dredgers, pipe laying vessels and large oil tankers. This process will hopefully enable future PHM solutions for maritime assets to be designed in a more formal and systematic way

Eurostar E3000 Satellite On-Board Software Development of a product line towards multiple system needs

International audienceThe present paper describes how the on-board software for the telecommunication satellites family Eurostar E3000 contributes to the successful story of the product line. It encompasses a synthetic description of the platform and the on-board software functions and major requirements to support the different options and variants, how this generic software was efficiently developed and verified, how each instantiation for each new satellite program could benefit from the overall industrialization process

Automatically generating complex test cases from simple ones

While source code expresses and implements design considerations for software system, test cases capture and represent the domain knowledge of software developer, her assumptions on the implicit and explicit interaction protocols in the system, and the expected behavior of different modules of the system in normal and exceptional conditions. Moreover, test cases capture information about the environment and the data the system operates on. As such, together with the system source code, test cases integrate important system and domain knowledge. Besides being an important project artifact, test cases embody up to the half the overall software development cost and effort. Software projects produce many test cases of different kind and granularity to thoroughly check the system functionality, aiming to prevent, detect, and remove different types of faults. Simple test cases exercise small parts of the system aiming to detect faults in single modules. More complex integration and system test cases exercise larger parts of the system aiming to detect problems in module interactions and verify the functionality of the system as a whole. Not surprisingly, the test case complexity comes at a cost -- developing complex test cases is a laborious and expensive task that is hard to automate. Our intuition is that important information that is naturally present in test cases can be reused to reduce the effort in generation of new test cases. This thesis develops this intuition and investigates the phenomenon of information reuse among test cases. We first empirically investigated many test cases from real software projects and demonstrated that test cases of different granularity indeed share code fragments and build upon each other. Then we proposed an approach for automatically generating complex test cases by extracting and exploiting information in existing simple ones. In particular, our approach automatically generates integration test cases from unit ones. We implemented our approach in a prototype to evaluate its ability to generate new and useful test cases for real software systems. Our studies show that test cases generated with our approach reveal new interaction faults even in well tested applications. We evaluated the effectiveness of our approach by comparing it with the state of the art test generation techniques. The evaluation results show that our approach is effective, it finds relevant faults differently from other approaches that tend to find different and usually less relevant faults