Dependable and Certifiable Real-World Systems – Issue of Software Engineering Education

Embedded software and dedicated hardware are vital elements of the modern world, from personal electronics to transportation, from communication to aerospace, from military to gaming, from medical systems to banking. Combinations of even minor hardware or software defects in a complex system may lead to violation of safety with or even without evident system failure, a major problem that the computing profession faces is the lack of a universal approach to unite the dissimilar viewpoints presented by computer science, with its discrete and mathematical underpinnings, and by computer engineering, which focuses on building real systems and considering spatial and material constraints of space, energy, and time. Modern embedded systems include both viewpoints: microprocessors running software and programmable electronic hardware created with an extensive use of software. The gap between science and engineering approaches is clearly visible in engineering education. This survey paper focuses on exploring the commonalities between building software and building hardware in an attempt to establish a new framework for rejuvenating computing education, specifically software engineering for dependable systems. We present here a perspective on software/hardware relationship, aviation system certification, role of software engineering education, and future directions in computing

Hardware Certification for Real-time Safety-critical Systems: State of the Art

This paper discusses issues related to the RTCA document DO-254 Design Assurance Guidance for Airborne Electronic Hardware and its consequences for hardware certification. In particular, problems related to circuits’ compliance with DO-254 in avionics and other industries are considered. Extensive literature review of the subject is given, including current views on and experiences of chip manufacturers and EDA industry with qualification of hardware design tools, including formal approaches to hardware verification. Some results of the authors’ own study on tool qualification are presented

Keeping the Skies Safe

Professors Massood Towhidnejad and Andrew Kornecki shine a light on how their lab is helping government and the aviation industry to enhance the safety and security of software-intensive systems

AUTOMATED CODE GENERATION FOR SAFETY-RELATED APPLICATIONS: A CASE STUDY

This paper addresses issues relating to the suitability of using automated code generation(ACG) technologies for the development of real-time, safety-critical systems. This researchexplored the characteristics of model-based software development methodologies and the automatedcode generation tools that support them. Specifically, data related to the engineeringchallenges, skills, and effort associated with ACG practices and technologies were collectedas part of a case study. Characteristics such as the generated code’s organization, size, readability,traceability to model, real-time constructs, and exception handling were identified. Inaddition, the case study involved software engineering practices that incorporate integratedanalysis and design iterations throughout a model-based development process. The researchinvestigated both the static and dynamic characteristics of the selected techniques and tools,identified characteristics of ACG tools with potential impact on safety, and considered thesemantic consistency between representations

Graduate Curricula in Software Engineering and Software Assurance: Need and Recommendations

In discussions about the development and use of computer systems and software products, the term “professional software engineer” is used repeatedly. In the last two decades there has been significant effort devoted to enhancing and advancing the state of professional software engineering (SwE) – new software engineering processes, methods, tools, and practices; creation of a software engineering body of knowledge [1]; development of a code of ethics and professional conduct [2], and software certification and licensing programs [3] . In 1989 the Software Engineering Institute (SEI) of Carnegie Mellon University published a landmark report on graduate education in software engineering [4]. The guidelines in that report were used by several universities in establishing graduate software engineering degree programs that helped address the problem of improving professional software engineering. Since then, software’s scale, complexity, and criticality have accelerated; yet, until recently, no significant effort has been made to revisit and update the original SEI guidelines. This paper discusses two related efforts to provide guidance about improving professional software engineering through graduate education: a project which produced the Graduate Software Engineering 2009 (GSwE2009): Curriculum Guidelines for Graduate Degree Programs in Software Engineering [5] and a current SEI project which is developing a Master of Software Assurance Reference Curriculum (MSwA2010)

Measuring Security: A Challenge for the Generation

This paper presents an approach to measuring computer security understood as a system property, in the category of similar properties, such as safety, reliability, dependability, resilience, etc. First, a historical discussion of measurements is presented, beginning with views of Hermann von Helmholtz in his 19th century work “Zählen und Messen”. Then, contemporary approaches related to the principles of measuring software properties are discussed, with emphasis on statistical, physical and software models. A distinction between metrics and measures is made to clarify the concepts. A brief overview of inadequacies of methods and techniques to evaluate computer security is presented, followed by a proposal and discussion of a practical model to conduct experimental security measurements

Automated Code Generation For Safety-Related Applications: A Case Study

This paper addresses issues relating to the suitability of using automated code generation(ACG) technologies for the development of real-time, safety-critical systems. This researchexplored the characteristics of model-based software development methodologies and the automatedcode generation tools that support them. Specifically, data related to the engineeringchallenges, skills, and effort associated with ACG practices and technologies were collectedas part of a case study. Characteristics such as the generated code’s organization, size, readability,traceability to model, real-time constructs, and exception handling were identified. Inaddition, the case study involved software engineering practices that incorporate integratedanalysis and design iterations throughout a model-based development process. The researchinvestigated both the static and dynamic characteristics of the selected techniques and tools,identified characteristics of ACG tools with potential impact on safety, and considered thesemantic consistency between representations

Transatlantic Engineering Programs: an Experience in International Cooperation

Non

Organic Weed Control and Cover Crop Residue Integration Impacts on Weed Control, Quality, Yield and Economics in Conservation Tillage Tomato-A Case Study

The increased adoption of conservation tillage and organic weed control practices in vegetable production requires more information on the role of various cover crops in integrated weed control, tomato quality, and yield. Two conservation-tillage systems utilizing crimson clover and cereal rye as winter cover crops were compared to a conventional black polythene mulch system, with or without organic weed management options, for weed control, tomato yield, and profitability. All cover crops were terminated with a mechanical roller/crimper prior to planting. Organic weed control treatments included: 1) flaming utilizing a one burner hand torch, 2) PRE application of corn gluten, 3) PRE application of corn gluten followed by flaming, or 4) intermittent hand weeding as needed. A non-treated control and a standard herbicide program were included for comparison. The herbicide program consisting of a PRE application of S-metolachlor (1.87 kg a.i./ha) followed by an early POST metribuzin (0.56 kg a.i. /ha) application followed by a late POST application of clethodim (0.28 kg a.i./ha). In general, high-residue clover and cereal rye cover crops provided substantial suppression of Palmer amaranth, large crabgrass, and yellow nutsedge. Across systems, minimum input in high-residue systems provided the highest net returns above variable costs compared to organic herbicide treatments that are costly and provide marginal benefit

Development of a Master of Software Assurance Reference Curriculum

The Next Generation Air Traffic Management system (NextGen) is a blueprint of the future National Airspace System. Supporting NextGen is a nation-wide Aviation Simulation Network (ASN), which allows integration of a variety of real-time simulations to facilitate development and validation of the NextGen software by simulating a wide range of operational scenarios. The ASN system is an environment, including both simulated and human-in-the-loop real-life components (pilots and air traffic controllers).Real Time Distributed Simulation (RTDS) developed at Embry-Riddle Aeronautical University, a suite of applications providing low and medium fidelity en-route simulation capabilities, is one of the simulations contributing to the ASN. To support the interconnectivity with the ASN, we designed and implemented a dedicated gateway acting as an intermediary, providing logic for two-way communication and transfer messages between RTDS and ASN and storage for the exchanged data. It has been necessary to develop and analyze safety/security requirements for the gateway software based on analysis of system assets, hazards, threats and attacks related to ultimate real-life future implementation. Due to the nature of the system, the focus was placed on communication security and the related safety of the impacted aircraft in the simulation scenario. To support development of safety/security requirements, a well-established fault tree analysis technique was used. This fault tree model-based analysis, supported by a commercial tool, was a foundation to propose mitigations assuring the gateway system safety and security