
    Design-driven Development of Dependable Applications: A Case Study in Avionics

    Making an application dependable demands that its functional and non-functional requirements be stringently fulfilled throughout its development process. In this context, a design-driven development approach has the key advantage of enabling requirements to be traced from their high-level design forms to the resulting executable artifact. However, because such approaches are mostly general purpose, they provide little design guidance, if any. This situation makes the coherence and conformance of an application with respect to its requirements unpredictable. To address this situation, we propose an approach that leverages a design-driven development process dedicated to a specific paradigm. This approach guides the verification of the coherence and conformance of an application throughout its development. We demonstrate the benefits of our approach by applying it to a realistic case study in the avionics domain.

    Fully-deterministic execution of IEC-61499 models for Distributed Avionics Applications

    © 2018 by the authors. The development of time-critical Distributed Avionics Applications (DAAs) pushes beyond the limit of existing modeling methodologies for designing dependable systems. Aerospace and industrial automation entail high-integrity applications where execution time is essential for dependability. This tempts us to use modeling technologies from one domain in another. The challenge is to demonstrate that they can be effectively used across domains whilst assuring temporally dependable applications. This paper shows that an IEC 61499-modeled DAA can satisfy temporal dependability requirements on end-to-end flow latency when it is properly scheduled and realized on a fully deterministic avionics platform that combines Integrated Modular Avionics (IMA) computation with Time-Triggered Protocol (TTP) communication. Outcomes from the execution design of an IEC 61499-based DAA model for an IMA-TTP platform are used to check runtime correctness through DAA control stability. IEC 61499 is a modeling standard for industrial automation, and it is meant to facilitate distribution and reconfiguration of applications. The DAA case study is a Distributed Fluid Control System (DFCS) for the Airbus A380 fuel system. Latency analysis results from timing metrics as well as closed-loop control simulation results are presented. Experimental outcomes suggest that an IEC 61499-based DFCS model can achieve the desired runtime latency for temporal dependability when executed on an IMA-TTP platform. Concluding remarks and future research directions are also discussed.

    Developing a distributed electronic health-record store for India

    The DIGHT project is addressing the problem of building a scalable and highly available information store for the Electronic Health Records (EHRs) of the over one billion citizens of India.

    An Optimization Based Design for Integrated Dependable Real-Time Embedded Systems

    Moving away from the traditional federated design paradigm, the integration of mixed-criticality software components onto common computing platforms is increasingly being adopted by the automotive, avionics and control industries. This method faces new challenges such as the integration of varied functionalities (dependability, responsiveness, power consumption, etc.) under platform resource constraints and the prevention of error propagation. Based on the principles of model-driven architecture and platform-based design, we present a systematic mapping process for such integration that adheres to a transformation-based design methodology. Our aim is to transform initial platform-independent application specifications into post-integration platform-specific models. In this paper, a heuristic-based resource allocation approach is presented for the consolidated mapping of safety-critical and non-safety-critical applications onto a common computing platform, meeting in particular dependability/fault-tolerance and real-time requirements. We develop a supporting tool suite for the proposed framework, in which VIATRA (VIsual Automated model TRAnsformations) is used as the transformation tool at the different design steps. We validate the process and provide experimental results to show the effectiveness, performance and robustness of the approach.

    07241 Abstracts Collection -- Tools for the Model-based Development of Certifiable, Dependable Systems

    From June 10th to June 15th 2007, the Dagstuhl Seminar 07241 "Tools for the Model-based Development of Certifiable, Dependable Systems" was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar, as well as abstracts of seminar results and ideas, are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided where available.

    Multi-core devices for safety-critical systems: a survey

    Multi-core devices are envisioned to support the development of next-generation safety-critical systems, enabling the on-chip integration of functions of different criticality. This integration provides multiple system-level potential benefits such as cost, size, power, and weight reduction. However, safety certification becomes a challenge, and several fundamental safety technical requirements must be addressed, such as temporal and spatial independence, reliability, and diagnostic coverage. This survey provides a categorization and overview, at different device abstraction levels (nanoscale, component, and device), of selected key research contributions that support compliance with these fundamental safety requirements. This work has been partially supported by the Spanish Ministry of Economy and Competitiveness under grant TIN2015-65316-P, the Basque Government under grant KK-2019-00035 and the HiPEAC Network of Excellence. The Spanish Ministry of Economy and Competitiveness has also partially supported Jaume Abella under a Ramon y Cajal postdoctoral fellowship (RYC-2013-14717).

    Adaptive architectures for future highly dependable, real time systems

    Many present-day safety-critical or mission-critical military applications are deployed using intrinsically static architectures. Often these applications are real-time systems, where late responses may cause potentially catastrophic results. Static architectures allow system developers to certify with a high degree of confidence that their systems will provide correct functionality during operation, but a more adaptive approach could provide some clear benefits. In particular, the ability to dynamically reconfigure the system at run time would give increased flexibility and performance in response to unpredictable or unplanned operating scenarios. Many current dynamic architectural approaches provide little or no features to facilitate the highly dependable, real-time performance required by critical systems. The challenge is to provide the features and benefits of dynamic architectural approaches while still achieving the required level of performance and dependability. This paper describes the early results of an ongoing research programme, part funded by the Software Systems Engineering Initiative (SSEI), aimed at developing a more adaptive software architecture for future military systems. A range of architectures with adaptive features (including object-based, agent-based and publish/subscribe) are reviewed against the desirable characteristics of highly dependable systems. A publish/subscribe architecture is proposed as a potential way forward, and a discussion of its advantages and disadvantages for highly dependable, real-time systems is given.

    Beyond Formal Methods for Critical Interactive Systems: Dealing with Faults at Runtime

    Formal methods provide support for validation and verification of interactive systems by means of a complete and unambiguous description of the envisioned system. They can also be used (for instance in the requirements/needs identification phase) to define precisely what the system should do and how it should meet user needs. If the entire development process is supported by formal methods (for instance as required by DO-178C [7] and its supplement DO-333 [8]), then classical formal methods engineers would argue that the resulting software is defect free. However, events that are beyond the envelope of the specification may occur and trigger unexpected behaviors from the formally specified system, resulting in failures. Sources of such failures can be permanent or transient hardware faults, including (when such systems are deployed in the high atmosphere, e.g. aircraft or spacecraft) natural faults triggered by alpha particles from radioactive contaminants in the chips or by neutrons from cosmic radiation. This position paper proposes a complementary view to formal approaches, first by presenting an overview of the causes of unexpected events on the system side as well as on the human side, and then by discussing approaches that could provide support for taking system faults and human errors into account at design time.

    Advanced information processing system: The Army fault tolerant architecture conceptual study. Volume 1: Army fault tolerant architecture overview

    Digital computing systems needed for Army programs such as the Computer-Aided Low Altitude Helicopter Flight Program and the Armored Systems Modernization (ASM) vehicles may be characterized by high computational throughput and input/output bandwidth, hard real-time response, high reliability and availability, and maintainability, testability, and producibility requirements. In addition, such a system should be affordable to produce, procure, maintain, and upgrade. To address these needs, the Army Fault Tolerant Architecture (AFTA) is being designed and constructed under a three-year program comprising conceptual study, detailed design and fabrication, and demonstration and validation phases. Described here are the results of the conceptual study phase of the AFTA development. An introduction is given to the AFTA program, its objectives, and the key elements of its technical approach. A format is designed for representing mission requirements in a manner suitable for first-order AFTA sizing and analysis, followed by a discussion of the current state of mission requirements acquisition for the targeted Army missions. An overview is given of AFTA's architectural theory of operation.