Helping System Engineers Bridge the Peaks

In our experience at NASA, system engineers generally follow the Twin Peaks approach when developing safety-critical systems. However, iterations between the peaks require considerable manual, and in some cases duplicate, effort. A significant part of the manual effort stems from the fact that requirements are written in English natural language rather than a formal notation. In this work, we propose an approach that enables system engineers to leverage formal requirements and automated test generation to streamline iterations, effectively "bridging the peaks". The key to the approach is a formal language notation that a) system engineers are comfortable with, b) is supported by a family of automated V&V tools, and c) is semantically rich enough to describe the requirements of interest. We believe the combination of formalizing requirements and providing tool support to automate the iterations will lead to a more efficient Twin Peaks implementation at NASA

Evaluation of formal IDEs for human-machine interface design and analysis: the case of CIRCUS and PVSio-web

Critical human-machine interfaces are present in many systems including avionics systems and medical devices. Use error is a concern in these systems both in terms of hardware panels and input devices, and the software that drives the interfaces. Guaranteeing safe usability, in terms of buttons, knobs and displays is now a key element in the overall safety of the system. New integrated development environments (IDEs) based on formal methods technologies have been developed by the research community to support the design and analysis of high-confidence human-machine interfaces. To date, little work has focused on the comparison of these particular types of formal IDEs. This paper compares and evaluates two state-of-the-art toolkits: CIRCUS, a model-based development and analysis tool based on Petri net extensions, and PVSio-web, a prototyping toolkit based on the PVS theorem proving system.This work is partially supported by: Project NORTE-01-0145-FEDER-000016, financed by the North Portugal Regional Operational Programme (NORTE 2020), under the PORTUGAL 2020 Partnership Agreement, and through the European Regional Development Fund (ERDF); Conselho Nacional de Desenvolvimento Cientifico e Tecnologico (CNPq) PhD scholarship

ESAS Deliverable PS 1.1.2.3: Customer Survey on Code Generations in Safety-Critical Applications

Automated code generators (ACG) are tools that convert a (higher-level) model of a software (sub-)system into executable code without the necessity for a developer to actually implement the code. Although both commercially supported and in-house tools have been used in many industrial applications, little data exists on how these tools are used in safety-critical domains (e.g., spacecraft, aircraft, automotive, nuclear). The aims of the survey, therefore, were threefold: 1) to determine if code generation is primarily used as a tool for prototyping, including design exploration and simulation, or for fiight/production code; 2) to determine the verification issues with code generators relating, in particular, to qualification and certification in safety-critical domains; and 3) to determine perceived gaps in functionality of existing tools

The Early Assessment of System Performance in Distributed Real-time Systems

Distributed real-time process control systems are notoriously difficult to develop. They frequently overrun time schedules and break cost constraints. The problems are compounded where there are multiple development teams and stakeholders. Conventional model-driven development has been examined to see if it can be extended to resolve some of these problems. It may be possible to use early system design stages to identify performance issues which would otherwise not be identified until late in the development of the system. A functional model is proposed, in addition to those conventionally used for model-driven development, based on loosely coupled functional elements, to represent the behaviour of each system component. The model complements existing requirements and design specifications and addresses the combination of individual component abstractions to produce a complete system specification. The functional model enables the accurate prediction of system performance prior to the detailed design of each component. The thesis examines how performance can be calculated and modelled. An animator tool and associated code generator are used to predict system and component performance in a distributed aircraft navigation system. The use of the animator to support the system design prior to the generation of the component contract specifications and interface control documents provides a means of assessing performance which is accessible to domain experts and system designers alike. The model also enables the effects of requirements changes and component design issues on the system design to be assessed in terms of the system design to provide system wide solutions. This performance assessment model and animator compliments the existing 'fix-it-later' approach, reducing the chances of performance failure detected late during the system development process when they are most expensive to fix

Specification languages for embedded systems : a survey

Requirements specification is an important part of the software development process. Use of well developed techniques, tools, and languages during requirements specification is especially crucial for complex embedded software systems. Four langauges appropriate for the specification of software requirements for complex embedded systems (RSL, PAISLey, Statecharts, and SCR) are reviewed in detail here. In addition, other representation languages with features relevant to the embedded software systems domain are mentioned. Conclusions about the current status of embedded systems requirements specification and indications of further research are given

The COMPLEX reference framework for HW/SW co-design and power management supporting platform-based design-space exploration

n/

RICIS Symposium 1992: Mission and Safety Critical Systems Research and Applications

This conference deals with computer systems which control systems whose failure to operate correctly could produce the loss of life and or property, mission and safety critical systems. Topics covered are: the work of standards groups, computer systems design and architecture, software reliability, process control systems, knowledge based expert systems, and computer and telecommunication protocols

Measurement Technique to Evaluate Model- Based Tools for Safety Critical Embedded Systems

Abstract: Model-based systems engineering is a state of art engineering process being adopted by industry all over the world to develop a safe, reliable, maintainable and available system. Industry standards like IEC 61508, EN50128 and RTCA DO-178C recognize the capabilities of the model-based approach for an effective engineering process performance. There are number of model-based tools available in the market and the selection of an appropriate tool is very critical for the success of the project. Hence there should be benchmark to select the appropriate tool for the project. This paper provides a measurement technique for evaluating model-based tools based on the tool features like its applicability, portability, scalability, and compatibility, conformance to standards, versioning and reporting to name a few. The effectiveness of the techniques proposed is evaluated for a proven system as a case study. The outcome provides the metrics for the selection of appropriate tool for an application and probable combination of tools that can be used in various phases of the life cycle. The proposed technique helps in selection of the most appropriate tool for a particular application based on the project schedule, budget and safety requirements resulting into an effective process