54 research outputs found

    AMASS: A Large-Scale European Project to Improve the Assurance and Certification of Cyber-Physical Systems

    Most safety-critical systems must undergo assurance and certification processes. The associated activities can be complex and labour-intensive, thus practitioners need suitable means to execute them. The activities are further becoming more challenging as a result of the evolution of the systems towards cyber-physical ones, as these systems have new assurance and certification needs. The AMASS project (Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems) tackled these issues by creating and consolidating the de-facto European-wide open tool platform, ecosystem, and self-sustainable community for assurance and certification of cyber-physical systems. The project defined a novel holistic approach for architecture-driven assurance, multi-concern assurance, seamless interoperability, and cross- and intra-domain reuse of assurance assets. AMASS results were applied in 11 industrial case studies to demonstrate the reduction of effort in assurance and certification, the reduction of (re)certification cost, the reduction of assurance and certification risks, and the increase in technology harmonisation and interoperability. The research leading to this paper has received funding from the AMASS project (H2020-ECSEL grant agreement no 692474; Spain’s MINECO ref. PCIN-2015-262; Sweden’s Vinnova) and the Ramon y Cajal Program (Spain’s MICINN ref. RYC-2017-22836; EC’s European Social Fund). We are also grateful to all the AMASS partners. Their work and results are summarised in this paper.

    Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems.

    Unlike practices in electrical and mechanical equipment engineering, Cyber-Physical Systems (CPS) do not have a set of standardized and harmonized practices for assurance and certification that ensures safe, secure and reliable operation with typical software and hardware architectures. This paper presents a recent initiative called AMASS (Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems) to promote harmonization, reuse and automation of labour-intensive certification-oriented activities via using model-based approaches and incremental techniques. AMASS will develop an integrated and holistic approach, a supporting tool ecosystem and a self-sustainable community for assurance and certification of CPS. The approach will be driven by architectural decisions (fully compatible with standards, e.g. AUTOSAR and IMA), including multiple assurance concerns such as safety, security and reliability. AMASS will support seamless interoperability between assurance/certification and engineering activities along with third-party activities (external assessments, supplier assurance). The ultimate aim is to lower certification costs in face of rapidly changing product features and market needs. This project has received funding from the Electronic Component Systems for European Leadership Joint Undertaking under grant agreement No 692474. This Joint Undertaking receives support from the European Union’s Horizon 2020 research and innovation programme and Spain, Czech Republic, Germany, Sweden, Austria, Italy, United Kingdom, Franc

    CONSTRUCTING REQUIREMENTS MODELS FROM ORGANIZATIONAL MODELS: A BPMN-BASED APPROACH

    ABSTRACT: It is no longer possible to consider information technology (IT) as a separate matter from the business organization which it supports, and hence requirements engineering (RE) should directly address the business needs of an organization. Even though it is recognised that requirements engineering is the natural bridge that links the business world and the IT world, most of the RE research continues to be solution-oriented and avoids addressing the real-world business problems. Business needs can be described by means of the IT alignment with business strategy, business processes, organizational infrastructures and business goals. Moreover, one of the consequences of aligning business and IT systems is the mapping of business goals and processes through to system specification. This work presents an approach which uses an enhanced (goal modelling) specification, in order to preserve many of the behavioural features depicted in a process model. Our goal model covers different types of concerns: functional concerns associated with the services to be provided, and non-functional concerns associated with quality of service such as security, accuracy, performance, and so forth. By providing a simple mechanism that lets one capture behavioural issues, we believe that specifications will be able to reflect the business goals (as depicted in the process model), and thus the future system may more closely match this aspect of the business needs.
    KEYWORDS: Enterprise Modeling; Business process; BPMN; Software requirement; Goal-based modeling; Use case

    Reuse of safety certification artefacts across standards and domains: A systematic approach

    Reuse of systems and subsystems is a common practice in safety-critical systems engineering. Reuse can improve system development and assurance, and there are recommendations on reuse for some domains. Cross-domain reuse, in which a previously certified product typically needs to be assessed against different safety standards, has however received little attention. No guidance exists for this reuse scenario despite its relevance in industry, thus practitioners need new means to tackle it. This paper aims to fill this gap by presenting a systematic approach for reuse of safety certification artefacts across standards and domains. The approach is based on the analysis of the similarities and on the specification of maps between standards. These maps are used to determine the safety certification artefacts that can be reused from one domain to another and reuse consequences. The approach has been validated with practitioners in a case study on the reuse of an execution platform from railway to avionics. The results show that the approach can be effectively applied and that it can reduce the cost of safety certification across standards and domains. Therefore, the approach is a promising way of making cross-domain reuse more cost-effective in industry. European Commission's FP7 programm

    Development of Safety-Critical Software Systems Using Open Source Software - A Systematic Map

    The popularity of Open Source Software (OSS) has increased the interest in using it in safety-critical applications. The aim of this study is to review research carried out on usage of open source code in development of safety-critical software and systems. We conducted a systematic mapping study through searches in library databases and manual identification of articles from open source conferences. We have identified 22 studies about using open source software, mainly in automotive, aerospace, medical and nuclear domains. Moreover, only a few studies present complete safety systems that are released as OSS in full. The most commonly used OSS functionalities are operating systems, imaging, control and data management. Finally, most of the integrated OSS have mature code bases and a commit history of more than five years.

    The psychological meaning of citizen, PRI and FOX

    The aim of this research was to learn the psychological meaning of "citizen" among university students. The sample consisted of 60 subjects, evenly distributed by sex. The instrument was administered in groups, using the natural semantic networks technique (Figueroa, González and Solís, 1981; Valdez, 1998). The results show, in general, that the groups tended to define the citizen on the basis of many elements that revolve around him, but that do not necessarily speak of his rights and obligations. The findings therefore differ from the idealistic proposals of some authors, such as the idea that the citizen lives in society seeking mutual help, which apparently remains a utopia.

    Model-based specification of safety compliance needs for critical systems: A holistic generic metamodel

    Abstract. Context: Many critical systems must comply with safety standards as a way of providing assurance that they do not pose undue risks to people, property, or the environment. Safety compliance is a very demanding activity, as the standards can consist of hundreds of pages and practitioners typically have to show the fulfilment of thousands of safety-related criteria. Furthermore, the text of the standards can be ambiguous, inconsistent, and hard to understand, making it difficult to determine how to effectively structure and manage safety compliance information. These issues become even more challenging when a system is intended to be reused in another application domain with different applicable standards. Objective: This paper aims to resolve these issues by providing a metamodel for the specification of safety compliance needs for critical systems. Method: The metamodel is holistic and generic, and abstracts common concepts for demonstrating safety compliance from different standards and application domains. Its application results in the specification of “reference assurance frameworks” for safety-critical systems, which correspond to a model of the safety criteria of a given standard. For validating the metamodel with safety standards, parts of several standards have been modelled by both academic and industry personnel, and other standards have been analysed. We further augment this with feedback from practitioners, including feedback during a workshop. Results: The results from the validation show that the metamodel can be used to specify safety compliance needs for aerospace, automotive, avionics, defence, healthcare, machinery, maritime, oil and gas, process industry, railway, and robotics. Practitioners consider that the metamodel can meet their needs and find benefits in its use. Conclusion: The metamodel supports the specification of safety compliance needs for most critical computer-based and software-intensive systems. The resulting models can provide an effective means of structuring and managing safety compliance information.