Akhela nSC WP200 – Status of the activity

ARTEMIS-2010-1 pSafeCer Grant Agreement number 269265ARTEMIS-2011-1 nSafeCer Grant Agreement number 295373

Safety Certification of Software-intensive Systems with Reusable Components

Akhela

nSC WP200 – Status of the activityMassimiliano Turco (Akhela - [email protected] )

SafeCer P7 September 25-27, 2013 Riga

http://www.avl.com/

http://vif.tugraz.at/en/

http://www.adacore.com/

http://www.akhela.com/index.htm

27thof September 2013, Riga Page 2


Presentation outline

WP200 objectives and deliverables WP210 overview WP220 overview WP230 overview D211.1_ D212.1: status D221.1_ D222.1: status WP200 deliverables and corrective actions Forthcoming activities and potential risks



WP200 objectives The WP200 objective is to transform the pSafeCer prototype framework of tools in a project-ready tool framework with a smart integrated tool chain, reusable components and a framework for the design, implementation, testing, validation of safety certifiable embedded systems; in addition, the CAR will provide support and automation for configuration management activities.

WP200Implementation and

integration

WP210Integration of results of

pSafeCer

WP220Tools extensions

WP230Evaluation and

Validation of the safeCer platform



WP210Work package number nSC 210 Start date or starting event: Month 13 (April 2012)

Work package title Integration of results of pSafeCer

Work package leader FBK

WP210 will analyze the results of psafeCer in order to identify the enhancement necessary to use the tool framework in an

industrial certification project. In particular, will analyze:

The feedback of the pSafeCer instantiations to smooth the

customization of the Tool Framework and Certification Artifact Repository to

the specific domains.

The feedback of the pSafeCer demonstrator to improve the usability and

effectiveness of Tool Framework and Certification Artifact Repository along the

certification process.

The quality of the tools’ code and documentation.



D211.1 Prototype analysis document D212.1 Prototype enhancement specification Document

These deliverables are the output of the work package nSafeCer WP210 on “Integration of pSafeCer results”.

The main objective of WP210 is to integrate the results of pSafeCer by analyzing them and specifying which enhancements should be developed by nSafeCer.



It provides an analysis of the current status of the pSafeCer tool framework highlighting what is missing and what should be extended/integrated/implemented in nSafeCer.

It highlights the drawbacks of the framework to support the certification process proposed in pSafeCer and the demonstrators that will be carried out in nSafeCer.

One of the main concerns is the status of integration of the CTF and other tools with the CAR, which is seen as pivotal for the certification process.

Other concerns are related to the missing support for the preparation of certification material and safety argumentation. Moreover, each tool of the framework needs some extensions mostly related to the SafeCer process and component models, contract verification, and dependability and safety analysis.

It includes a high-level specification of what will be implemented in nSafeCer.



WP220

WP220 will implement extensions of the tools developed in the framework pSafeCer

CTF and CAR integration

design proposal

GPM integration design proposal

Improvement of existing tools and

new tools Mapping of Use Cases and tools

Facilities

Work package number 220 Start date or starting event:

Month 21 (Dicember 2012)

Work package title Tool extensionsWork package leader AKHELA



D221.1_ D222.1 – Requirements, Architecture and Design Document for Tool Framework

This deliverable includes information about the enhancement design for the Tool Framework.

CTF and CAR integration design analysis GPM integration design analysis Improvement of pSafeCer tools and new tools Mapping of Use Cases and tools Facilities



CTF and CAR integration design analysis [1]The integration of the CAR and CTF is interpreted as a mutual collaboration to implement the fundamentals tasks requested by the continuous certification objective: following the artefact evolution, regenerating the obsolete artefacts to keep the system certifiable and, maintaining artefact traceability information.



CTF and CAR integration design analysis [2]

The CAR has to work out and store the reference to the CAR imported artifacts (location) and their traceability links and dependency links, calculated on the basis of the rules defined in the CAR input model, containing the most general relationship between the artifact classes involved in the certification process. As well, the CAR has to performs the impact analysis, which checks the artifact updated status and consequently detects the artifacts to be regenerated in order to make the artifact status consistent and the system still certifiable.

The CTF has to execute the tool chain, generating new artifacts or the old ones which need to be update.



GPM integration design analysis [1]

The interaction with the CTF is centered on identifying the “families” of tools required by a certification process such as: requirement management tools, modelling tools, IDE, compilers, static analysis tools and so on. SafeCer partners will be encouraged to integrated their own (or external) tools in the CTF, so as to develop an integrated tool chain covering most activities identified by the generic certification process.

The interaction with the CAR consist in a mechanism to manage the certification artefacts produced by the activities described by the generic process and its domain-specific instantiations. The core idea is to deduce an artefact-centric process model and use it to configure the CAR.





WP120 Process: the key research element of this work package will be the development of the co-certification process and associated techniques for certifying systems developed using a product-line engineering approach.

WP220: CTF, CAR and GPM interaction


Integration between WP100 (GPM) and WP200 (CAR and CTF)



Aimed to integrate the GPM with the Platform, in order to perform a specific certification process it’s key to determinate an xml as input to initialize the system (CAR/CTF and tools, sequence of tools and, consequently, artefacts to track)

Definition of interface with CAR/CTF possibly by September 2013

Which process elements should the process models contain? (e.g. Tools for CTF and artefacts for CAR)

Provision of the XML related to the processes, modeled in SPEM2.0/EPF


Integration between WP100 (GPM) and WP200 (CAR and CTF)



GPM integration design analysis [4] Portion of XML related to the ISO26262 process, modeled in SPEM2.0/EPF (MDH)

CTF is “in charge” of the tools, so it could extract the tools info from the input process xml file.

We have to discuss the details about the xml structure, involving also AdaCore and their CAR module.



New Specific tools [1]One of the goals of sub-WP220 is to develop new specific tools or their integration in the existent pSafecer Tool Framework. The tools will be categorized in the following categories providing languages and facilities that permit the interoperation of the following tool during the safety certification process:

Requirement ToolAnalysis and V&V ToolStructural Design ToolFunctional Design ToolIDETesting Tool

Furthermore, tools already presented in the Platform could be updated and or modified. Work-in-progress.



New Specific tools [2]At the moment of writing the discussion is still open regarding new tools.

UPM proposed the new tool PeabraiN

PeabraiN is composed of a collection of PIPE tool-compliant modules for performance estimation and resource optimization based on bounds computation for Stochastic Petri Nets (SPNs).



Mapping of Use Cases and tools [1] In the WP220 activity, an investigation has been performed regarding the planned Use Cases and the related tools indicated by the UC providers.

This has been done, under the point of view of the CTF, for:

1) better understanding the specific Use Case

2) better knowing and identifying the related tools

3) better understanding the sequence of tools and, most important,

4) how this impacts on the CTF and CAR, respect the integration and then automatization of a specific certification process



Mapping of Use Cases and tools [2] Use cases

Railway[pSC WP5.3] - Intelligent mobile device for safe braking SAFE-R (RTU)

[pSC WP5.3] - Snow Sensor for Point Heating Use Case SSPH (Algorego)

[pSC WP5.3] - Conception ”Train control and monitoring system: Doors Control” TCMS (CAF)

[nSC WP320] TCMS - Train Control Monitoring System: Doors Control (CAF)[nSC WP330] SCSLC - Safety Control System on Level Crossings (RTU)

[nSC WP340] Incremental certification based on a generic fault tolerant computing platform - TAS Control Platform (Thales Austria)

Aerospace[nSC WP420] Avionic On-Board Systems (TCS) [nSC WP430] Air Traffic Control – ARTAS demonstrator (Vitrociset) [nSC WP440] LOEO - Low-Orbit Earth Observation (TASE)

Automotive [nSC WP520] HEVP - Hybrid Electric Vehicle Powertrain (AVL/ViF)[nSC WP530] Autosar Basic Software Modules (SP)[nSC WP550] Construction Equipment Evaluation (VCE)

Cross Domain[nSC WP620] TTE - Time Triggered Ethernet Switch (TTTECH)[nSC WP630] FlexRay, BusScope on-line diagnosis (AIT)[nSC WP640] Automated External Defibrilator (Bexen Cardio/ Osatu)



FacilitiesnSafeCer can add new wizards, templates and facilities that can be useful in the artifact lifecycle.

MS Word plug-in proposed by Resiltech

MS Word plug-in allows to import a list of requirements thanks to a document plug-in with an easy user interface. The interface should allow the user to highlight easily part of the text that is a requirements and the tool should populate a requirement DB from that.Output could be, for instance, in a format easily integrated into the CAR or in some format compatible with SQL DB.



WP230

WP230 will to evaluate and validate the use of the SafeCer framework in a real environment, making sure that the framework is ready for industrial use.

Support to the demonstrators for

instantiating the SafeCer framework

Collection of feedbacks from the demonstrators

Properly validate the SafeCer framework

Work package number nSC 230 Start date or starting event: Month 25 (April 2013)Work package title Evaluation and Validation of the SafeCer platformWork package leader ADACORE



WP200 deliverablesDel. no Deliverable name Lead

beneficiary Delivery date Comments

nSC D211.1/ nSC D212.1

Prototype analysis document

------------------------------------------Prototype enhancement

specificationdocument

FBK M26 (May 2013) Released in April 2013 (M25)

nSC D221.1/ nSC D222.1

Extended requirement document for tool framework

-------------------------------------------

Architecture document, design document for tool framework

AKHELA M30 (September 2013)

Preliminary draft version released at the end of April 2013.

Deliverable released for internal review the 20th of September 2013,

as scheduled.

nSC D223.1 Enhanced software prototype AKHELA M42 (September 2014) Not yet started (M31)

nSC D224.1 Test cases and test results for tool framework AKHELA M48 (march 2015) Not yet started (M43)

nSCD231.1 SafeCer platform instantiation report ADACORE M42 (September 2014) On-going (started M25)

nSC D232.1 Demonstrator feedback on the SafeCer framework ADACORE M42 (September 2014) Not yet started (starts M33)

nSC D233.1 SafeCer platform validation ADACORE M48 (march 2015) Not yet started (starts M43)



Work Package Action\Request Result DeadlineWP210 (FBK) Merge the deliverable “nSC

D211.1 Prototype analysis document” to the following one, “nSC D212.1 Prototype enhancement specification Document”

Single deliverable document

M25 (April 2013)

WP220 (Akhela)

Merge the deliverable “nSC D221.1 - Requirements Document forTool Framework” to the following one, “D222.1 - Architecture Document,Design Document for Tool Framework”

Single delivarable named: “nSC D221.1_ D222.1 – Requirements, Architecture and Design Document for Tool Framework"

M30 (September 2013)Same date scheduled for“D222.1 - Architecture Document,Design Document for ToolFramework”.

WP200 Corrective Actions



Forthcoming activities and potential risks Software phase following the design of new addition and enhancement of the

platform, as described above. Consequently, the D221.1_D222.1 should be labeled as a “living document” to be updated and aligned accordingly to the software developments.

Release of a intermediate software prototype able to perform a possible simplified certification process (GPM/CTF/CAR), possibly covering one of the planned UC (or part of it).

Risk: put in place a fully working integration with CTF/CAR & GPM.

Akhela nSC WP200 – Status of the activity

Documents

rigapage n artemis

riga artemis

results of psafecer

psafecer tool framework

wp210work package number

nsafecer wp200 ramp

work package nsafecer

safety analysis