Migrating from proprietary tools to open-source software for EAST-ADL metamodel generation and evolution

Open-source software has numerous advantages over proprietary commercial-off-The-shelf (COTS) software. However, there are modeling languages, tool chains, and tool frameworks that are developed and maintained in an open-source manner but still incorporate COTS tools. Such an incorporation of COTS tools into an overall open-source approach completely annihilates the actual open-source advantages and goals. In this tool paper, we demonstrate how we eliminated a COTS tool from the otherwise open-source-based generation and evolution workflow of the domain-specific modeling language East-Adl, used in the automotive industry to describe a variety of interdisciplinary aspects of vehicle systems. By switching to a pure open-source solution, East-Adl becomes easier to inspect, evolve, and develop a community around. We compare both the mixed COTS/open-source and the open-source-only workflows, outline the advantages of the open-source-only solution, and show that we achieve equivalent tooling features compared to the original approach

Plasma-Induced Heating Effects on Platinum Nanoparticle Size during Sputter Deposition Synthesis in Polymer and Ionic Liquid Substrates

Nanoparticle catalyst materials are becoming ever more important in a sustainable future. Specifically, platinum (Pt) nanoparticles have relevance in catalysis, in particular, fuel cell technologies. Sputter deposition into liquid substrates has been shown to produce nanoparticles without the presence of air and other contaminants and the need for precursors. Here, we produce Pt nanoparticles in three imidazolium-based ionic liquids and PEG 600. All Pt nanoparticles are crystalline and around 2 nm in diameter. We show that while temperature has an effect on particle size for Pt, it is not as great as for other materials. Sputtering power, time, and postheat treatment all show slight influence on the particle size, indicating the importance of temperature during sputtering. The temperature of the liquid substrate is measured and reaches over 150 \ub0C during deposition which is found to increase the particle size by less than 20%, which is small compared to the effect of temperature on Au nanoparticles presented in the literature. High temperatures during Pt sputtering are beneficial for increasing Pt nanoparticle size beyond 2 nm. Better temperature control would allow for more control over the particle size in the future

Synchronization and Communication Results in Safety-Critical Real-Time Systems

A growing number of industrial control applications employ computer control to provide enhanced functionality and reduced cost. Many of these applications are safety-critical and require fault-tolerant techniques to provide an adequate level of safety. The increasing complexity and manufacturing requirements give rise to control needs that necessitate the use of distributed, real-time approaches. A cost effective approach to building such systems is to use a time-slotted broadcast bus (Time Division Multiple Access, TDMA). In this research, the communication functionality of this type of architecture is described, and efficient, low-cost algorithms for membership agreement and atomic multicast are proposed. TDMA requires system synchronization. To avoid separate control channels, both data and synchronization can share the same communication channel; it is also desirable to avoid separate synchronization signals or messages. For TDMA communication, a new initialization algorithm is proposed, which provides initial synchronization using ordinary data messages. The correctness of the initialization algorithm is established using both theoretical analysis and symbolic model checking. Also presented is a new fault-tolerant clock synchronization algorithm which exploits the special characteristics of broadcast channels to provide improved synchronization precision when low accuracy oscillators are used. The proposed algorithms are compared with existing methods by using the results of simulated fault injection experiments in which random transient faults are injected onto the bus. Both proposed algorithms performed better than existing methods for system availability and precision of synchronization. An investigation of design issues in distributed systems is also part of this thesis work. The beneficial impact of clock synchronization on control performance and scheduling policy implementation was studied. The context was a distributed control loop executed by a simple two-node system using a broadcast bus. Three parameters relevant for control performance were examined: input and output jitter and control delay variation. Also, the communication rate expected for a typical automotive application was compared for three pairs of design parameters: logically distributed vs. logically central systems; the use of duplex fail-silent computers vs. using single fault-tolerant nodes; and, allowing variable message lengths vs. identical messages for all nodes

Synchronization and Communication Results in Safety-Critical Real-Time Systems

A growing number of industrial control applications employ computer control to provide enhanced functionality and reduced cost. Many of these applications are safety-critical and require fault-tolerant techniques to provide an adequate level of safety. The increasing complexity and manufacturing requirements give rise to control needs that necessitate the use of distributed, real-time approaches. A cost effective approach to building such systems is to use a time-slotted broadcast bus (Time Division Multiple Access, TDMA). In this research, the communication functionality of this type of architecture is described, and efficient, low-cost algorithms for membership agreement and atomic multicast are proposed. TDMA requires system synchronization. To avoid separate control channels, both data and synchronization can share the same communication channel; it is also desirable to avoid separate synchronization signals or messages. For TDMA communication, a new initialization algorithm is proposed, which provides initial synchronization using ordinary data messages. The correctness of the initialization algorithm is established using both theoretical analysis and symbolic model checking. Also presented is a new fault-tolerant clock synchronization algorithm which exploits the special characteristics of broadcast channels to provide improved synchronization precision when low accuracy oscillators are used. The proposed algorithms are compared with existing methods by using the results of simulated fault injection experiments in which random transient faults are injected onto the bus. Both proposed algorithms performed better than existing methods for system availability and precision of synchronization. An investigation of design issues in distributed systems is also part of this thesis work. The beneficial impact of clock synchronization on control performance and scheduling policy implementation was studied. The context was a distributed control loop executed by a simple two-node system using a broadcast bus. Three parameters relevant for control performance were examined: input and output jitter and control delay variation. Also, the communication rate expected for a typical automotive application was compared for three pairs of design parameters: logically distributed vs. logically central systems; the use of duplex fail-silent computers vs. using single fault-tolerant nodes; and, allowing variable message lengths vs. identical messages for all nodes

Supporting an Automotive Safety Case through Systematic Model Based Development - the EAST-ADL2 Approach

Automotive electronic systems are becoming safety related causing a need for more systematic and stringent approaches for demonstrating the functional safety. The safety case consists of an argumentation, supported by evidence, of why the system is safe to operate in a given context. It is dependent on referencing and aggregating information which is part of the EAST-ADL2, an architecture description language for automotive embedded systems. This paper explores the possibilities of integrating the safety case metamodel with the EAST-ADL2, enabling safety case development in close connection to the system model. This is done by including a safety case object in EAST-ADL2, and defining the external and internal relations. Combined with the support for structured information management and systematic safety/reliability analysis, the EAST-ADL2’s ability to support a safety case is shown and further benefits, as high level of traceability between the safety case and the design information, are identified

Addressing Model Complexity in Automotive System Development - Selection of System Model Elements for Allocation of Requirements

Modern automotive embedded systems are developed by Original Equipment Manufacturers (OEM) together with multiple suppliers. A key problem for a supplier is to allocate an OEM\u27s requirements specification to their own subsystem design. This is a difficult manual task especially on complex systems and it requires expert knowledge about the system design. To address this problem, this paper presents a design science research to develop and evaluate a Requirements Allocation Assistant tool (RAA). The tool provides functionality to search through and filter requirements and system models to enable efficient requirements allocation even in the presence of complexity.RAA is built on top of the EATOP/Eclipse framework using EAST-ADL as system modelling language. The tool was evaluated and validated during a qualitative usability study with 17 engineers active in the Swedish automotive industry. Key findings are that searching is used to learn about a system, whereas filtering is used to narrow down a set of candidate elements of the system design. Engineers request further support in narrowing down a set of candidate elements and in checking that an allocation is correct

Supporting an Automotive Safety Case through Systematic Model Based Development - the EAST-ADL2 Approach

Automotive electronic systems are becoming safety related causing a need for more systematic and stringent approaches for demonstrating the functional safety. The safety case consists of an argumentation, supported by evidence, of why the system is safe to operate in a given context. It is dependent on referencing and aggregating information which is part of the EAST-ADL2, an architecture description language for automotive embedded systems. This paper explores the possibilities of integrating the safety case metamodel with the EAST-ADL2, enabling safety case development in close connection to the system model. This is done by including a safety case object in EAST-ADL2, and defining the external and internal relations. Combined with the support for structured information management and systematic safety/reliability analysis, the EAST-ADL2’s ability to support a safety case is shown and further benefits, as high level of traceability between the safety case and the design information, are identified

Modelling Support for Design of Safety-Critical Automotive Embedded Systems

This paper describes and demonstrates an approach that promises to bridge the gap between model-based systems engineering and the safety process of automotive embedded systems. The basis for this is the integration of safety analysis techniques, a method for developing and managing Safety Cases, and a systematic approach to model-based engineering – the EAST-ADL2 architecture description language. Three areas are highlighted: (1) System model development on different levels of abstraction. This enables fulfilling many requirements on software development as specified by ISO-CD-26262; (2) Safety Case development in close connection to the system model; (3) Analysis of mal-functional behaviour that may cause hazards, by modelling of errors and error propagation in a (complex and hierarchical) system model