ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265 ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373 Safety Certification of Software- intensive Systems with Reusable Components Akhela nSC WP200 – Status of the activity Massimiliano Turco (Akhela - [email protected] ) SafeCer P7 September 25-27, 2013 Riga
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
Safety Certification of Software-intensive Systems with Reusable Components
Akhela
nSC WP200 – Status of the activityMassimiliano Turco (Akhela - [email protected] )
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
Presentation outline
WP200 objectives and deliverables WP210 overview WP220 overview WP230 overview D211.1_ D212.1: status D221.1_ D222.1: status WP200 deliverables and corrective actions Forthcoming activities and potential risks
27thof September 2013, Riga Page 3
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
WP200 objectives The WP200 objective is to transform the pSafeCer prototype framework of tools in a project-ready tool framework with a smart integrated tool chain, reusable components and a framework for the design, implementation, testing, validation of safety certifiable embedded systems; in addition, the CAR will provide support and automation for configuration management activities.
WP200Implementation and
integration
WP210Integration of results of
pSafeCer
WP220Tools extensions
WP230Evaluation and
Validation of the safeCer platform
27thof September 2013, Riga Page 4
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
WP210Work package number nSC 210 Start date or starting event: Month 13 (April 2012)
Work package title Integration of results of pSafeCer
Work package leader FBK
WP210 will analyze the results of psafeCer in order to identify the enhancement necessary to use the tool framework in an
industrial certification project. In particular, will analyze:
The feedback of the pSafeCer instantiations to smooth the
customization of the Tool Framework and Certification Artifact Repository to
the specific domains.
The feedback of the pSafeCer demonstrator to improve the usability and
effectiveness of Tool Framework and Certification Artifact Repository along the
certification process.
The quality of the tools’ code and documentation.
27thof September 2013, Riga Page 5
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
These deliverables are the output of the work package nSafeCer WP210 on “Integration of pSafeCer results”.
The main objective of WP210 is to integrate the results of pSafeCer by analyzing them and specifying which enhancements should be developed by nSafeCer.
27thof September 2013, Riga Page 6
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
It provides an analysis of the current status of the pSafeCer tool framework highlighting what is missing and what should be extended/integrated/implemented in nSafeCer.
It highlights the drawbacks of the framework to support the certification process proposed in pSafeCer and the demonstrators that will be carried out in nSafeCer.
One of the main concerns is the status of integration of the CTF and other tools with the CAR, which is seen as pivotal for the certification process.
Other concerns are related to the missing support for the preparation of certification material and safety argumentation. Moreover, each tool of the framework needs some extensions mostly related to the SafeCer process and component models, contract verification, and dependability and safety analysis.
It includes a high-level specification of what will be implemented in nSafeCer.
27thof September 2013, Riga Page 7
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
WP220
WP220 will implement extensions of the tools developed in the framework pSafeCer
CTF and CAR integration
design proposal
GPM integration design proposal
Improvement of existing tools and
new tools Mapping of Use Cases and tools
Facilities
Work package number 220 Start date or starting event:
Month 21 (Dicember 2012)
Work package title Tool extensionsWork package leader AKHELA
27thof September 2013, Riga Page 8
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
D221.1_ D222.1 – Requirements, Architecture and Design Document for Tool Framework
This deliverable includes information about the enhancement design for the Tool Framework.
CTF and CAR integration design analysis GPM integration design analysis Improvement of pSafeCer tools and new tools Mapping of Use Cases and tools Facilities
27thof September 2013, Riga Page 9
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
CTF and CAR integration design analysis [1]The integration of the CAR and CTF is interpreted as a mutual collaboration to implement the fundamentals tasks requested by the continuous certification objective: following the artefact evolution, regenerating the obsolete artefacts to keep the system certifiable and, maintaining artefact traceability information.
27thof September 2013, Riga Page 10
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
CTF and CAR integration design analysis [2]
The CAR has to work out and store the reference to the CAR imported artifacts (location) and their traceability links and dependency links, calculated on the basis of the rules defined in the CAR input model, containing the most general relationship between the artifact classes involved in the certification process. As well, the CAR has to performs the impact analysis, which checks the artifact updated status and consequently detects the artifacts to be regenerated in order to make the artifact status consistent and the system still certifiable.
The CTF has to execute the tool chain, generating new artifacts or the old ones which need to be update.
27thof September 2013, Riga Page 11
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
GPM integration design analysis [1]
The interaction with the CTF is centered on identifying the “families” of tools required by a certification process such as: requirement management tools, modelling tools, IDE, compilers, static analysis tools and so on. SafeCer partners will be encouraged to integrated their own (or external) tools in the CTF, so as to develop an integrated tool chain covering most activities identified by the generic certification process.
The interaction with the CAR consist in a mechanism to manage the certification artefacts produced by the activities described by the generic process and its domain-specific instantiations. The core idea is to deduce an artefact-centric process model and use it to configure the CAR.
27thof September 2013, Riga Page 12
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
27thof September 2013, Riga Page 13
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
WP120 Process: the key research element of this work package will be the development of the co-certification process and associated techniques for certifying systems developed using a product-line engineering approach.
WP220: CTF, CAR and GPM interaction
GPM integration design analysis [2]
Integration between WP100 (GPM) and WP200 (CAR and CTF)
27thof September 2013, Riga Page 14
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
Aimed to integrate the GPM with the Platform, in order to perform a specific certification process it’s key to determinate an xml as input to initialize the system (CAR/CTF and tools, sequence of tools and, consequently, artefacts to track)
Definition of interface with CAR/CTF possibly by September 2013
Which process elements should the process models contain? (e.g. Tools for CTF and artefacts for CAR)
Provision of the XML related to the processes, modeled in SPEM2.0/EPF
GPM integration design analysis [3]
Integration between WP100 (GPM) and WP200 (CAR and CTF)
27thof September 2013, Riga Page 15
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
GPM integration design analysis [4] Portion of XML related to the ISO26262 process, modeled in SPEM2.0/EPF (MDH)
CTF is “in charge” of the tools, so it could extract the tools info from the input process xml file.
We have to discuss the details about the xml structure, involving also AdaCore and their CAR module.
27thof September 2013, Riga Page 16
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
New Specific tools [1]One of the goals of sub-WP220 is to develop new specific tools or their integration in the existent pSafecer Tool Framework. The tools will be categorized in the following categories providing languages and facilities that permit the interoperation of the following tool during the safety certification process:
Requirement ToolAnalysis and V&V ToolStructural Design ToolFunctional Design ToolIDETesting Tool
Furthermore, tools already presented in the Platform could be updated and or modified. Work-in-progress.
27thof September 2013, Riga Page 17
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
New Specific tools [2]At the moment of writing the discussion is still open regarding new tools.
UPM proposed the new tool PeabraiN
PeabraiN is composed of a collection of PIPE tool-compliant modules for performance estimation and resource optimization based on bounds computation for Stochastic Petri Nets (SPNs).
27thof September 2013, Riga Page 18
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
Mapping of Use Cases and tools [1] In the WP220 activity, an investigation has been performed regarding the planned Use Cases and the related tools indicated by the UC providers.
This has been done, under the point of view of the CTF, for:
1) better understanding the specific Use Case
2) better knowing and identifying the related tools
3) better understanding the sequence of tools and, most important,
4) how this impacts on the CTF and CAR, respect the integration and then automatization of a specific certification process
27thof September 2013, Riga Page 19
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
Mapping of Use Cases and tools [2] Use cases
Railway[pSC WP5.3] - Intelligent mobile device for safe braking SAFE-R (RTU)
[pSC WP5.3] - Snow Sensor for Point Heating Use Case SSPH (Algorego)
[pSC WP5.3] - Conception ”Train control and monitoring system: Doors Control” TCMS (CAF)
[nSC WP320] TCMS - Train Control Monitoring System: Doors Control (CAF)[nSC WP330] SCSLC - Safety Control System on Level Crossings (RTU)
[nSC WP340] Incremental certification based on a generic fault tolerant computing platform - TAS Control Platform (Thales Austria)
Aerospace[nSC WP420] Avionic On-Board Systems (TCS) [nSC WP430] Air Traffic Control – ARTAS demonstrator (Vitrociset) [nSC WP440] LOEO - Low-Orbit Earth Observation (TASE)
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
FacilitiesnSafeCer can add new wizards, templates and facilities that can be useful in the artifact lifecycle.
MS Word plug-in proposed by Resiltech
MS Word plug-in allows to import a list of requirements thanks to a document plug-in with an easy user interface. The interface should allow the user to highlight easily part of the text that is a requirements and the tool should populate a requirement DB from that.Output could be, for instance, in a format easily integrated into the CAR or in some format compatible with SQL DB.
27thof September 2013, Riga Page 21
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
WP230
WP230 will to evaluate and validate the use of the SafeCer framework in a real environment, making sure that the framework is ready for industrial use.
Support to the demonstrators for
instantiating the SafeCer framework
Collection of feedbacks from the demonstrators
Properly validate the SafeCer framework
Work package number nSC 230 Start date or starting event: Month 25 (April 2013)Work package title Evaluation and Validation of the SafeCer platformWork package leader ADACORE
27thof September 2013, Riga Page 22
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
nSC D232.1 Demonstrator feedback on the SafeCer framework ADACORE M42 (September 2014) Not yet started (starts M33)
nSC D233.1 SafeCer platform validation ADACORE M48 (march 2015) Not yet started (starts M43)
27thof September 2013, Riga Page 23
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
Work Package Action\Request Result DeadlineWP210 (FBK) Merge the deliverable “nSC
D211.1 Prototype analysis document” to the following one, “nSC D212.1 Prototype enhancement specification Document”
Single deliverable document
M25 (April 2013)
WP220 (Akhela)
Merge the deliverable “nSC D221.1 - Requirements Document forTool Framework” to the following one, “D222.1 - Architecture Document,Design Document for Tool Framework”
Single delivarable named: “nSC D221.1_ D222.1 – Requirements, Architecture and Design Document for Tool Framework"
M30 (September 2013)Same date scheduled for“D222.1 - Architecture Document,Design Document for ToolFramework”.
WP200 Corrective Actions
27thof September 2013, Riga Page 24
ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373
Forthcoming activities and potential risks Software phase following the design of new addition and enhancement of the
platform, as described above. Consequently, the D221.1_D222.1 should be labeled as a “living document” to be updated and aligned accordingly to the software developments.
Release of a intermediate software prototype able to perform a possible simplified certification process (GPM/CTF/CAR), possibly covering one of the planned UC (or part of it).
Risk: put in place a fully working integration with CTF/CAR & GPM.