Architecture Patterns for Safe Design

The design, prototyping and analysis of complex systems architectures are often very difficult because of their important size. Our modelling experience of several aircraft systems in AltaRica allowed us to exhibit component assemblies whose aim is to ensure the safety of the architectures. The reuse of these assemblies, made generic, that we call Safety Architecture Patterns, simplifies these different tasks. In this paper, we report how SAP allow to obtain a more synthetic view of a system and to exhibit its satisfied properties on an A320like electrical system case study

Safety Assessment with Altarica - Lessons Learnt Based on Two Aircraft System Studies

Abstract: AIRBUS and ONERA used the AltaRica formal language and associated tools to perform safety assessments. Lessons learnt during the study of an electrical and hydraulic system are presented. Key words: dependability, aircraft, formal methods AIRBUS and ONERA were recently involved in the ESACS (Enhanced Safety Assessment for Complex Systems) European project. This project aimed at developing safety assessment techniques based on the use of formal specification languages and associated tools. We used the AltaRica (Arnold et al. 2000) formal language that is supported by Cecilia OCAS workshop developed by Dassault Aviation. Two case-studies based on AIRBUS aircraft electrical and hydraulic systems were used to validate the approach (Kehren et al. 2004b). In this paper we present lessons we learnt during ESACS. Lessons are sorted in three categories: Advantages are situations where the use of AltaRica was clearly positive, Difficulties are situations where the use of AltaRica was not directly positive but we found out how to circumvent the difficulties and the remaining situations are considered to be Limitations

ESACS: an integrated methodology for design and safety analysis of complex systems

The continuous increase of system complexity - stimulated by the higher complexity of the functionality provided by software-based embedded controllers and by the huge improvement in the computational power of hardware - requires a corresponding increase in the capability of design and safety engineers to maintain adequate safety and reliability levels. Emerging techniques, like formal methods, have the potential of dealing with the growing complexity of such systems and are increasingly being used for the development of critical systems (e.g., aircraft systems, nuclear plants, railways systems), where at stake are not only delays in delivering products and economical losses, but also environmental hazards and public confidence. However, the use of formal methods during certain critical system development phases, e.g. safety analysis, is still at an early stage. In this paper we propose a new methodology, based on these novel techniques and supported by commercial and state-of-the-art tools, whose goal is to improve the safety analysis practices carried out during the development and certification of complex systems. The key ingredient of our methodology is the use of formal methods during both system development and safety analysis. This allows for a tighter integration of safety assessment and system development activities, fast system prototyping, automated safety assessment since the early stages of development, and tool-supported verification and validatio