A Model-Driven Methodology for Critical Systems Engineering

Model-Driven Engineering (MDE) promises to enhance system development by reducing development time, and increasing productivity and quality. MDE is gaining popularity in several industry sectors, and is attractive also for critical systems where they can reduce efforts and costs for verification and validation (V&V), and can ease certification. This thesis proposes a novel model-driven life cycle that is tailored to the development of critical railway systems. It also integrates an original approach for model-driven system validation, based on a new model named Computation Independent Test model (CIT). Moreover, the process supports the Failure Modes and Effect Analysis (FMEA), with a novel approach to conduct Model-Driven FMEA, based on custom SysML Diagram, namely the FMEA Diagram, and Prolog. The approaches have been experimented in multiple real-world case studies, from railway and automative domains

Model-Based Software Engineering and Certification: Some Open Issues

Model-based software engineering methodologies, languages, standards, technologies, and tools are in place since many years. While they proved to be effective in several application sectors, e.g. for embedded systems, empirical studies show that their use in industries pursues a variety of goals and that often they are only partially applied, so it is still not clear to what extent they are actually adopted in the engineering practice and whether they achieve the claimed advantages. Notwithstanding this, model-based techniques are being increasingly advocated for use in critical systems engineering. As critical systems have to undergo certification, the question raised to what extent model-based engineering supports certification. While this is not a new issue, the literature is still at the beginning. We examine key aspects in this respect, and identify some open issues

Model-Driven Engineering of a Railway Interlocking System

Model-Driven Engineering (MDE) promises to enhance system development by reducing development time, and increasing productivity and quality. MDE is gaining popularity in several industry sectors, and is attractive also for critical systems where they can reduce efforts and costs for verication and validation (V&V), and can ease certication. Incorporating model-driven techniques into a legacy well-proven development cycle is not simply a matter of placing models and transformations in the design and implementation phases. We present the experience in the model-driven design and V&V of a safety-critical system in the railway domain, namely the Prolan Block, a railway interlocking system manufactured by the Hungarian company Prolan Co, required to be CENELEC SIL-4 compliant. The experience has been carried out in an industrial-academic partnership within the EU project CECRIS. We discuss the challenges and the lessons learnt in this pilot project of introducing MD design and testing techniques into the company's traditional V-model process

english

Model-Driven Engineering (MDE) promises to enhance system development by reducing development time, and increasing productivity and quality. MDE is gaining popularity in several industry sectors, and is attractive also for critical systems where they can reduce efforts and costs for verification and validation (V&V), and can ease certification. Incorporating model-driven techniques into a legacy well-proven development cycle is not simply a matter of placing models and transformations in the design and implementation phases. We present the experience in the model-driven design and V&V of a safety-critical system in the railway domain, namely the Prolan Block, a railway interlocking system manufactured by the Hungarian company Prolan Co., required to be CENELEC SIL-4 compliant. The experience has been carried out in an industrial-academic partnership within the EU project CECRIS. We discuss the challenges and the lessons learnt in this pilot project of introducing MD design and testing techniques into the company's traditional V-model process

Model-in-the-Loop Testing of a Railway Interlocking System

Model-driven techniques offer new solutions to support development and verification and validation (V&V) activities of software-intensive systems. As they can reduce costs, and ease the certification process as well, they are attractive also in safety-critical domains. We present an approach for Model-in-the-loop testing within an OMG-based model-driven process, aimed at supporting system V&V activities. The approach is based on the definition of a model of the system environment, named Computation Independent Test (CIT) model. The CIT enables various forms of system test, allowing early detection of design faults. We show the benefits of the approach with reference to a pilot project that is part of a railway interlocking system. The system, required to be CEN- ELEC SIL-4 compliant, has been provided by the Hungarian company Prolan Co. in the context of an industrial-academic partnership

SysML-based and Prolog-supported FMEA

Failure Mode and Effects Analysis (FMEA) is a well-known technique for evaluating the effects of potential failure modes of components of a system. It is a crucial reliability and safety engineering activity for critical systems requiring systematic inductive reasoning from postulated component failures. We present an approach based on SysML and Prolog to support the tasks of an FMEA analyst. SysML block diagrams of the system under analysis are annotated with valid and error states of components and of their input flows, as well as with the logical conditions that may determine erroneous outputs. From the annotated model, a Prolog knowledge base is automatically built, transparently to the analyst. This can then be queried, e.g., to obtain the flows’ and blocks’ states that lead to system failures, or to trace the propagation of faults. The approach is suited for integration in modern model-driven system design processes. We describe a proof-of-concept implementation based on the Papyrus modeling tool under Eclipse, and show a demo example

Integrating FMEA in a Model Driven Methodology

Failure Mode and Effects Analysis (FMEA) is a well known technique for evaluating the effects of potential failures of components of a system. FMEA demands for engineering methods and tools able to support the time-consuming tasks of the analyst. We propose to make FMEA part of the design of a critical system, by integration into a model-driven methodology. We show how to conduct the analysis of failure modes, propagation and effects from SysML design models, by means of custom diagrams, which we name FMEA Diagrams. They offer an additional view of the system, tailored to FMEA goals. The enriched model can then be exploited to automatically generate FMEA worksheet and to conduct qualitative and quantitative analyses. We present a case study from a real-world project

E2E-Loader: A Framework to Support Performance Testing of Web Applications

This package contains E2E-Loader, a Framework to Support Performance Testing of Web Applications. The tool leverages E2E functional test cases to automatically generate workloads for performance testing