Advanced information processing system: The Army fault tolerant architecture conceptual study. Volume 1: Army fault tolerant architecture overview

Digital computing systems needed for Army programs such as the Computer-Aided Low Altitude Helicopter Flight Program and the Armored Systems Modernization (ASM) vehicles may be characterized by high computational throughput and input/output bandwidth, hard real-time response, high reliability and availability, and maintainability, testability, and producibility requirements. In addition, such a system should be affordable to produce, procure, maintain, and upgrade. To address these needs, the Army Fault Tolerant Architecture (AFTA) is being designed and constructed under a three-year program comprised of a conceptual study, detailed design and fabrication, and demonstration and validation phases. Described here are the results of the conceptual study phase of the AFTA development. Given here is an introduction to the AFTA program, its objectives, and key elements of its technical approach. A format is designed for representing mission requirements in a manner suitable for first order AFTA sizing and analysis, followed by a discussion of the current state of mission requirements acquisition for the targeted Army missions. An overview is given of AFTA's architectural theory of operation

Shuttle Ground Operations Efficiencies/Technologies (SGOE/T) study. Volume 2: Ground Operations evaluation

The Ground Operations Evaluation describes the breath and depth of the various study elements selected as a result of an operational analysis conducted during the early part of the study. Analysis techniques used for the evaluation are described in detail. Elements selected for further evaluation are identified; the results of the analysis documented; and a follow-on course of action recommended. The background and rationale for developing recommendations for the current Shuttle or for future programs is presented

Design for validation: An approach to systems validation

Every complex system built is validated in some manner. Computer validation begins with review of the system design. As systems became too complicated for one person to review, validation began to rely on the application of adhoc methods by many individuals. As the cost of the changes mounted and the expense of failure increased, more organized procedures became essential. Attempts at devising and carrying out those procedures showed that validation is indeed a difficult technical problem. The successful transformation of the validation process into a systematic series of formally sound, integrated steps is necessary if the liability inherent in the future digita-system-based avionic and space systems is to be minimized. A suggested framework and timetable for the transformtion are presented. Basic working definitions of two pivotal ideas (validation and system life-cyle) are provided and show how the two concepts interact. Many examples are given of past and present validation activities by NASA and others. A conceptual framework is presented for the validation process. Finally, important areas are listed for ongoing development of the validation process at NASA Langley Research Center

7e Nederlandse testdag, Eindhoven, 8 November 2001 : proceedings

These are the proceedings of the seventh edition of the Nederlandse Testdag (a.k.a. Dutch Testing Day), held on November 8, 2001 in Eindhoven, The Netherlands. The increase in the complexity of software and hardware systems was the predominant concern in the software design of the last decades. This increase is still going on today. and mastering this complexity is possible, only by investigating, discussing and evaluating methods and techniques for testing such systems. The Nederlandse Testdag serves as a forum in which researchers from the industry and the academia discuss and present their latest experiences and theories in the area of testing. The initiative for organising the Nederlandse Testdag is, and has always been, the result of the combined efforts of the Dutch academia and the industry. The Nederlandse Testdag is an annual event which was first held in 1995. This year's edition again consists of one invited presentation by Jens Grabowski, on ITCN-3. and six regular presentations, both from the academia and from the industry. The presentations capture a broad field of the entire testing spectrum. In the presentation by Martin Gijsen (CMG), test automation for Graphical User Interface (GUI), dedicated and embedded systems according to the TestFrame methodology is explained. Klaas Mateboer (Collis) presents the test-tool Conclusion. René de Vries (University of Twente) reports on specification testing in practice and illustrates this by means of an example. In the presentation by Loe Feijs (Eindhoven University of Technology), testing is related to game-theory. Marcel Verhoef (Chess) and Bertil Oving (NLR) present their experiences using real-time simulation, UML and VDM to obtain more reliable spacecraft avionics. Finally, Ben van Buitenen (Baan), provides an insight in service pack testing: how to efficiently test customised software components and packages. The organisation of the Nederlandse Testdag is grateful for the sponsorship it received from the Eindhoven University of Technology, the Eindhoven Embedded Systems Institute, and the financial support from Dutch Research School IPA. We are very much indebted to CMG and Telelogic's willingness to sponsor this event financially. Over the years, both companies have profiled themselves as companies investing both time and resources in advancing the current state in testing. Finally, the organisation thanks Marcella de Rooij and EIize Russell for their organisational assistance

7e Nederlandse testdag, Eindhoven, 8 November 2001 : proceedings

These are the proceedings of the seventh edition of the Nederlandse Testdag (a.k.a. Dutch Testing Day), held on November 8, 2001 in Eindhoven, The Netherlands. The increase in the complexity of software and hardware systems was the predominant concern in the software design of the last decades. This increase is still going on today. and mastering this complexity is possible, only by investigating, discussing and evaluating methods and techniques for testing such systems. The Nederlandse Testdag serves as a forum in which researchers from the industry and the academia discuss and present their latest experiences and theories in the area of testing. The initiative for organising the Nederlandse Testdag is, and has always been, the result of the combined efforts of the Dutch academia and the industry. The Nederlandse Testdag is an annual event which was first held in 1995. This year's edition again consists of one invited presentation by Jens Grabowski, on ITCN-3. and six regular presentations, both from the academia and from the industry. The presentations capture a broad field of the entire testing spectrum. In the presentation by Martin Gijsen (CMG), test automation for Graphical User Interface (GUI), dedicated and embedded systems according to the TestFrame methodology is explained. Klaas Mateboer (Collis) presents the test-tool Conclusion. René de Vries (University of Twente) reports on specification testing in practice and illustrates this by means of an example. In the presentation by Loe Feijs (Eindhoven University of Technology), testing is related to game-theory. Marcel Verhoef (Chess) and Bertil Oving (NLR) present their experiences using real-time simulation, UML and VDM to obtain more reliable spacecraft avionics. Finally, Ben van Buitenen (Baan), provides an insight in service pack testing: how to efficiently test customised software components and packages. The organisation of the Nederlandse Testdag is grateful for the sponsorship it received from the Eindhoven University of Technology, the Eindhoven Embedded Systems Institute, and the financial support from Dutch Research School IPA. We are very much indebted to CMG and Telelogic's willingness to sponsor this event financially. Over the years, both companies have profiled themselves as companies investing both time and resources in advancing the current state in testing. Finally, the organisation thanks Marcella de Rooij and EIize Russell for their organisational assistance

Assessment team report on flight-critical systems research at NASA Langley Research Center

The quality, coverage, and distribution of effort of the flight-critical systems research program at NASA Langley Research Center was assessed. Within the scope of the Assessment Team's review, the research program was found to be very sound. All tasks under the current research program were at least partially addressing the industry needs. General recommendations made were to expand the program resources to provide additional coverage of high priority industry needs, including operations and maintenance, and to focus the program on an actual hardware and software system that is under development

Autonomous spacecraft maintenance study group

A plan to incorporate autonomous spacecraft maintenance (ASM) capabilities into Air Force spacecraft by 1989 is outlined. It includes the successful operation of the spacecraft without ground operator intervention for extended periods of time. Mechanisms, along with a fault tolerant data processing system (including a nonvolatile backup memory) and an autonomous navigation capability, are needed to replace the routine servicing that is presently performed by the ground system. The state of the art fault handling capabilities of various spacecraft and computers are described, and a set conceptual design requirements needed to achieve ASM is established. Implementations for near term technology development needed for an ASM proof of concept demonstration by 1985, and a research agenda addressing long range academic research for an advanced ASM system for 1990s are established

Validation Methods for Fault-Tolerant avionics and control systems, working group meeting 1

The proceedings of the first working group meeting on validation methods for fault tolerant computer design are presented. The state of the art in fault tolerant computer validation was examined in order to provide a framework for future discussions concerning research issues for the validation of fault tolerant avionics and flight control systems. The development of positions concerning critical aspects of the validation process are given

Model-based specification of safety compliance needs for critical systems : A holistic generic metamodel

Abstract Context: Many critical systems must comply with safety standards as a way of providing assurance that they do not pose undue risks to people, property, or the environment. Safety compliance is a very demanding activity, as the standards can consist of hundreds of pages and practitioners typically have to show the fulfilment of thousands of safety-related criteria. Furthermore, the text of the standards can be ambiguous, inconsistent, and hard to understand, making it difficult to determine how to effectively structure and manage safety compliance information. These issues become even more challenging when a system is intended to be reused in another application domain with different applicable standards. Objective: This paper aims to resolve these issues by providing a metamodel for the specification of safety compliance needs for critical systems. Method: The metamodel is holistic and generic, and abstracts common concepts for demonstrating safety compliance from different standards and application domains. Its application results in the specification of “reference assurance frameworks” for safety-critical systems, which correspond to a model of the safety criteria of a given standard. For validating the metamodel with safety standards, parts of several standards have been modelled by both academic and industry personnel, and other standards have been analysed. We further augment this with feedback from practitioners, including feedback during a workshop. Results: The results from the validation show that the metamodel can be used to specify safety compliance needs for aerospace, automotive, avionics, defence, healthcare, machinery, maritime, oil and gas, process industry, railway, and robotics. Practitioners consider that the metamodel can meet their needs and find benefits in its use. Conclusion: The metamodel supports the specification of safety compliance needs for most critical computer-based and software-intensive systems. The resulting models can provide an effective means of structuring and managing safety compliance information