Software Engineers' Information Seeking Behavior in Change Impact Analysis - An Interview Study

Software engineers working in large projects must navigate complex information landscapes. Change Impact Analysis (CIA) is a task that relies on engineers' successful information seeking in databases storing, e.g., source code, requirements, design descriptions, and test case specifications. Several previous approaches to support information seeking are task-specific, thus understanding engineers' seeking behavior in specific tasks is fundamental. We present an industrial case study on how engineers seek information in CIA, with a particular focus on traceability and development artifacts that are not source code. We show that engineers have different information seeking behavior, and that some do not consider traceability particularly useful when conducting CIA. Furthermore, we observe a tendency for engineers to prefer less rigid types of support rather than formal approaches, i.e., engineers value support that allows flexibility in how to practically conduct CIA. Finally, due to diverse information seeking behavior, we argue that future CIA support should embrace individual preferences to identify change impact by empowering several seeking alternatives, including searching, browsing, and tracing.Comment: Accepted for publication in the proceedings of the 25th International Conference on Program Comprehensio

STANDARDIZING FUNCTIONAL SAFETY ASSESSMENTS FOR OFF-THE-SHELF INSTRUMENTATION AND CONTROLS

It is typical for digital instrumentation and controls, used to manage significant risk, to undergo substantial amounts of scrutiny. The equipment must be proven to have the necessary level of design integrity. The details of the scrutiny vary based on the particular industry, but the ultimate goal is to provide sufficient evidence that the equipment will operate successfully when performing their required functions. To be able to stand up to the scrutiny and more importantly, successfully perform the required safety functions, the equipment must be designed to defend against random hardware failures and also to prevent systematic faults. These design activities must also have been documented in a manner that sufficiently proves their adequacy. The variability in the requirements of the different industries makes this task difficult for instrumentation and controls equipment manufacturers. To assist the manufacturers in dealing with these differences, a standardization of requirements is needed to facilitate clear communication of expectations. The IEC 61508 set of standards exists to fulfill this role, but it is not yet universally embraced. After that occurs, various industries, from nuclear power generation to oil & gas production, will benefit from the existence of a wider range of equipment that has been designed to perform in these critical roles and that also includes the evidence necessary to prove its integrity. The manufacturers will then be able to enjoy the benefit of having a larger customer base interested in their products. The use of IEC 61508 will also help industries avoid significant amounts of uncertainty when selecting commercial off-the-shelf equipment. It is currently understood that it cannot be assumed that a typical commercial manufacturer’s equipment designs and associated design activities will be adequate to allow for success in these high risk applications. In contrast, a manufacturer that seeks to comply with IEC 61508 and seeks to achieve certification by an independent third party can be assumed to be better suited for meeting the needs of these demanding situations. Use of these manufacturers help to avoid substantial uncertainty and risk

Safety lifecycle management in the process industries : the development of a qualitative safety related information analysis technique

XXII+189hlm.;24c

Remote and agile improvement of industrial control and safety systems processes

Digitalization and remote operations introduce new possibilities for continuous and agile improvements of products in operation by exploiting inherent possibilities in software which is easily changeable and deployable. This approach is driven by data analysis, customer expectations and the possibility of frequent deployment over the air of improved software. Adding functionality into software, combined with connectivity to products, opens possibilities for manufacturers and operators, enabling new features and new operational models. This has also become relevant for regulated environments like industrial control and safety systems used in critical infrastructures. Adapted agile processes like SafeScrum and DevOps may be used to achieve continuous improvement. They enable speed and a continuum between development, maintenance and operation. For instance, experience and data from operation on new cybersecurity threats, must be fed back to the maintenance process to be resolved fast. Hence, the DevOps concept, which is imperative in non-safety domains, is now highly relevant in regulated environments as well. The speed of this process is vital where in particular cybersecurity threats must be resolved fast to avoid safety threats. The Agile Safety Case is an enabler of ensuring structured proof of compliance of safety performance for the involved stakeholders. This paper proposes a solution for a safety case which may be applied for continuous product improvements during operation considering safety as well as security. The solution involves the relevant stakeholders and results in a shift in responsibilities.publishedVersio

Implementation of functional safety in a robotic manufacturing cell using iec 61508 standard and siemens technology

The past 50 years have seen a staggering amount of change in the technology and the business of process automation. The programmable logic controller (PLC) based control and monitoring system is a proven technology used to not only control processes but also to perform safety functions for processes in many industrial applications. There are many opportunities for improvements in any process or manufacturing system. One of the opportunities is achieving accurate safety function for measurement and process control to prevent human injury or death. The programmable electronic systems (PES) such as PLC systems are increasingly being used to perform safety functions as an integral part of the process or plant control system. A Robotic Manufacturing Cell is an example of a PES system and is used as an experimental setup for this work. The IEC 61508 standard defines various phases involved in the overall safety lifecycle for the PES system. This thesis study concentrates on such phases that include safety analysis methods, selection of an appropriate safety control system, implementation of safety as per the standard and safety validation. In this study four test cases are selected to perform safety analysis and implementation. It is verified how the conventional safety analysis method (FMEA) can be used to estimate the risk associated with each test case. As recommended by IEC 61508, a Risk-Graph method is used to calculate the Safety Integrity Level (SIL) requirement for each test case. A number of factors are required to be considered for selecting the appropriate safety control system architecture. After studying these factors and the safety analysis results, the Siemens safety PLC-based control system with SIL 3 configuration is selected for this application. IEC 61508 also recommends implementation of independent control systems for normal operation and safety. This study demonstrates how two independent PLC based control systems, one for normal operations and other for safety-related functions, are implemented to offer the most effective solution for this application. This is achieved by using PLCs from two different manufacturers, a non-safety PLC for normal operations and a Siemens safety PLC for safety-related functions. This study focuses on Machine Safety, and it can be used as a guideline for implementation of functional safety in real-life manufacturing environment

Multi-domain comparison of safety standards

International audienceThis paper presents an analysis of safety standards and their implementation in certification strategies from different domains such as aeronautics, automation, automotive, nuclear, railway and space. This work, performed in the context of the CG2E ("Club des Grandes Entreprises de l'Embarqué"), aims at identifying the main similarities and dissimilarities, for potential cross-domain harmonization. We strive to find the most comprehensive 'trans-sectorial' approach, within a large number of industrial domains. Exhibiting the 'true goals' of their numerous applicable standards, related to the safety of system and software, is a first important step towards harmonization, sharing common approaches, methods and tools whenever possible