Boeing Certification Techniques for Advanced Flight Critical Systems Challenge Problem Integration (CerTA FCS CPI) Briefing at the
|
|
- Ophelia Osborne
- 6 years ago
- Views:
Transcription
1 Boeing Certification Techniques for Advanced Flight Critical Systems Challenge Problem Integration (CerTA FCS CPI) Briefing at the AFRL Safe & Secure Systems & Software Symposium (S5) BOEING is a trademark of Boeing Management Company. 03 June 2009 Dayton, Ohio Approved for Public Release. Case Number: 88ABW
2 Outline CerTA FCS CPI Program Impact Program Approach and Program Tasks Measures of Merit and Key Performance Parameters Initial Effectiveness Analysis V&V Technologies Exercised on Program Technology Description Impact Summary 2
3 CerTA FCS CPI in Boeing Context HALE (High-Altitude Long Endurance) ScanEagle Boeing Development Cycle Flight Test / OA Day-in-the-Life i ca tio n nit e fi ali da tio na nd V er if - GVT - SMI h ic Ve lin de Mo le EOM ΣF=ma Design: Implement Requirements g Adaptive Control Margins (UIUC) Unit Testing -MATRIXx -DTE Code Generation Analysis - Stability - Performance - FQ s - Failures at ion,v Modeling and Simulation te gr d an ion H/W and S/W Integration & Test (HIL, SIL) In sd Vehicle Integration Testing Rqmts & ICDs SpecSafe Safety Analysis (EDAptive) ScanEagle Compressed Carriage System Verification Testing (SVT) V&V Managers (Boeing) Configuration Trade Studies nt me ire Flight Surfaces Deployed qu Re Integrator Phantom Ray CodeHawk Code Properties (Kestrel Technology) MORC Code EDICT Fault Generation (Boeing) Tolerance (WW Tech) X-48B 3
4 Closer Look at Boeing Development Cycle Day - in - the - Life Functional Qualification Test Flight Test / OA Configuration Management Configuration Trade Studies Problem Report Tracking Requirements Database System Verification Testing (SVT) Vehicle Integration Testing Rqmts & ICDs Modeling and Simulation Autocode -- **************************************************************** ************/ #include < stdio.h > #include < math.h > #include " sa_sys.h " #include " sa_defn.h " #include " sa_types.h " #include " sa_math.h " #include " sa_user.h " #include " sa_utils.h " #include " sa_time.h " #include " sa_fuzzy.h " /*** System Data ***/ Model - Based Design S y s t e m S y s t e m A B S y s t e m S y s t e m C D S y s t e m E F H/W and S/W Integration & Test (HIL, SIL) EOM Σ F=ma Design: Implement Requirements Unit Testing Code Analysis Generation - Stability - Performance - FQ s - Failures 4
5 Program Approach Boeing Program Experience Innovative CerTA FCS V&V Technologies The Boeing Team Expertise The Boeing CerTA FCS CPI Program Task 1 : Challenge Problem Definition Identify desired characteristics Evaluate candidates Acquire project metrics Review with AFRL Task 2: V&V Tech Identification and Integration Identify the key innovations Characterize their properties Integrate into CerTA- FCS-CPI V&V process Review with AFRL Task 3 : Develop Measures of Merit Analyze CP & tech innovations Collect extensive Boeing experience Select MoMs & KPPs Review with AFRL Challenge Set of MoMs & Innovative Problem KPPs to Quantify V&V Process Definition Improvements Task 4 : Initial Effectiveness Analysis Option - Task 5 : Challenge Problem Demonstration Apply historical data Apply CerTA FCS & experience with the CPI V&V process to CP technologies Assess in terms of MoMs & KPPs Review with AFRL Assess in terms of MoMs & KPPs Demonstrate for AFRL Transitions to Effectiveness of Improvements of V&V Innovations to Certification Emerging Programs Task 1 Challenge Problem Definition Task 2 V&V Technology Identification and Integration Task 3 Develop MoMs / KPPs Task 4 Initial Effectiveness Analysis 5
6 The Challenge DO-178B the gold standard of SW verification Based on defined processes and thorough testing We can t test our systems safe! Systems growing exponentially in size and complexity The test space is growing/exploding even faster The time has come for new approaches to assure system safety & security Software for Dependable Systems: Sufficient Evidence Also Internationally recognized 6
7 Solutions Identified Safety / Assurance Cases Analysis performed earlier in development process Formal Methods, Verification Conditions, other math techniques Mitigate some later testing Automation of the Development Process Certification aspects can be particularly labor intensive Evolutionary Humans will stay in the loop Today we automate a lot more than we used to 7
8 MOMs and KPPs Measures of Merit (MOMs) represent the top level goals and objectives of a program, platform, or process improvement effort. Time/Cost Assurance Expertise (to use/apply) Enhanced Vehicle Capability (Increases in software complexity providing advanced functionality) Key Performance Parameters represent the benefits of individual features, aspects, steps or technologies Benefit of investment in a development process step such as resulting in lower development cycle cost / lifecycle cost 8
9 The Big Picture Experimentation Parameter Analysis Tool Analysis Output KPP MOM 9
10 Initial Effectiveness Analysis Approach Evaluation of the MOMs and KPPs for each technology Benefits relative to a UAV development As quantifiable as possible Estimating cost / schedule impact of inserting tool into process Consideration of benefits (and potential costs) Cycle time reduction Defect (and re-work) avoidance Increased assurance and confidence Expertise needed to use tool 10
11 V&V Technologies Undergoing Experimentation Shown in Boeing Development Cycle context Day-in-the-Life Flight Test / OA Requirements Definition and Vehicle Modeling Configuration Trade Studies Rqmts & ICDs SpecSafe Safety Analysis (EDAptive) Modeling and Simulation EOM ΣF=ma Design: Implement Requirements Adaptive Control Margins (UIUC) V&V Managers (Boeing) Unit Testing -MATRIXx -DTE Code Generation Analysis - Stability - Performance - FQ s - Failures EDICT Fault Tolerance (WW Tech) H/W and S/W Integration & Test (HIL, SIL) MORC Code Generation (Boeing) System Verification Testing (SVT) Vehicle Integration Testing - GVT - SMI CodeHawk Code Properties (Kestrel Technology) Integration, Validation and Verification 11
12 Technologies and Application to a Challenge Problem V&V Technologies CodeHawk (Kestrel Technology) Stability and robustness margins (UIUC) SpecSafe (EDAptive Computing) MORC (Boeing) EDICT (WW Technology Group) V&V Managers (Boeing) Challenge Problem Aspects/Artifacts C source code Control laws with adaptation Matlab design portion of inner loop control design Considerations: properties to prove MORC converts control system models directly into object code. AADL model build from UAV requirements, design artifacts, including both H/W and S/W V&V artifacts, such as requirements, traceabilityrelated annotation of Matlab models, autogenerated source code. 12
13 CodeHawk Kestrel Technology Abstract Interpretation applied to source code Input: C source code Output: Errors, Warnings, Safe indications of each location in the source code relevant to the property Approach Parse code Produce conservative overapproximation of the reachable state space Check property against state space CodeHawk is actually a checker generator Define property Generate checker Automatically check property 13
14 Illustration of Abstract Interpretation M = 0 M M i = 0 i i i < 10? stop M 20,000 M = M M = M ,000 i++ 10 i 14
15 MOMs and Kestrel Technology CodeHawk Time/Cost without theoretically proving properties of the source code, additional testing and peer review would be required, and additional errors may escape the software coding phase leading to rework Assurance formal methods techniques provide more state space coverage than current methods Expertise (to use/apply) want to bring this to the level of the normal Software Engineer CerTA FCS CPI is helping us explore this dimension 15
16 Stability / Robustness Margins for Adaptive Systems University of Illinois at Urbana- Champaign (UIUC) Reference Model + - Adaptive Control Guidance Baseline Autopilot + + Airframe 16
17 Stability / Robustness Margins for Adaptive Systems V&V Challenge Verify control laws satisfy required robustness margins Challenge Problem Manifestation Adaptive control laws with non-linear behavior are difficult to verify V&V Technology Theoretically justified Adaptive Control Margins & L1 adaptive controller applied to challenge problem flight controller 17
18 MOMs and UIUC Adaptive Control Margins Time/Cost without theoretically justified robustness margins analysis, V&V of adaptive control would necessitate a very large set of simulation runs and analysis of results given today s processes Assurance robustness margins analysis aim to provide more state space coverage than current methods (i.e., numerous simulation runs) Expertise (to use/apply) want to bring this to the level of the normal Controls Engineer CerTA FCS CPI is helping with this transition Enhanced Vehicle Capability robustness margins techniques are aimed at enabling the fielding of flight platforms that benefit from adaptive control Better performance at challenging flight envelope conditions Better performance in various CG and outer mold line configurations (e.g., different load-outs) Better disturbance rejection Better performance in the face of vehicle and subsystem degradation and damage 18
19 SpecSafe EDAptive Computing, Inc. Theorem Proving applied to Control Models Input: Simulink diagram Output: Proven properties Approach Translate to internal form (Rosetta/Syscape) Automatically generate properties Prove automatically (PVS) Additional capability: Generate run-time monitors 19
20 SpecSafe Tool Flow Functional Test Vectors INPUT, Simulink Model FCS Specification Design (Rosetta) Equivalency Checking FCS Specification Design Model / Specification Conversion Automated Assistance PVS Proof Script Theorem Proving Proven FCS Specification Design Assertion Generation Run-Time Assertions Run-Time Assertions Conversion Output 1, Proven Lemmas FCS Specification with Run-Time Assertions Output 2, Simulink Model with Runtime Assertions STANDARD FLOW 1. A Simulink design is converted to Syscape 2. Equivalency Checking is performed: a. Structural Verification b. Boundary Verification c. Dynamic Verification 3. Syscape model is converted to PVS lemmas 4. The lemmas are Proven 5. Safety Properties are proven 6. Assertions may be translated to Simulink run-time monitors. 20
21 MOMs and EDAptive SpecSafe Time/Cost without theoretically proving properties of the controller, additional human-intensive simulationbased validation of the model would be required, and additional errors may escape the controller design phase leading to rework Assurance formal methods techniques provide more state space coverage than current methods Expertise (to use/apply) want to bring this to the level of the normal Controls Engineer CerTA FCS CPI is helping us explore this dimension 21
22 MORC (Model to Object Reversible Compiler) Boeing Go from model to verifiable assembly code Input: Simulink/MATRIXx Diagram Output: Assembly code Approach Generate code that preserves the structure of the model for easier traceability (and reversibility) Generate efficient embedded code Generate safe code Reduces V&V cost of safety critical systems (Level A) Guarantees object code matches the model Eliminates need for analysis of object code to show traceability Facilitates the reuse of test cases developed in simulation phase When used in conjunction with a COTS code generator, provides an independent thread of verification Additional capability: the generated code compiles to more efficient object code and boosts real-time performance 22
23 MORC (Model to Object Reversible Compiler) Traditional Autocoder Approach Simulation Test Vectors Built-In Autocoder C/Ada Code Compiler/ Linker Simulation Test Results Model Embedded Compiler/ Linker Simulation on host Target Test Vectors Target processor Target Test Results 23
24 MORC (Model to Object Reversible Compiler) MORC Approach Test Vectors Built-In Autocoder C/Ada Code Compiler/ Linker Test Results =? Independent Model-to- Object Autocoder Model Assembly code for target Assembler/ Linker Simulation on host =? Model Reverser Target processor Test Results 24
25 MOMs and Boeing MORC Code Generation Time/Cost Translation from model-based design directly to object code skips the steps of source code generation, source code peer review, source code configuration management, and compilation Assurance Structure of generated code simplifies mapping of model to code, increasing confidence in the correctness of generated code Expertise (to use/apply) want to bring this to the level of the normal Software Engineer CerTA FCS CPI is helping us explore this dimension Enhanced Vehicle Capability Generated code is more efficient (smaller size, faster execution) 25
26 EDICT Fault Tolerance Analysis WW Technology Group SafeSuite EDICT Tool Suite Domain Tools Error Security Handling Safety SafeSpec Project Help Management Views Model Editors Analysis Core Tools SafePlace Team OSATE System Composer SOC System Analyzer Inter-Tool Interfaces V&V Challenge Verify that fault containment requirements are satisfied Measurement Effort to analyze the model, Effort to incorporate any identified changes Platform Run-Time Resource Services Eclipse Environment SW Component Library 26
27 EDICT Fault Tolerance Analysis 27
28 MOMs and WW Technology Group EDICT Time/Cost Reduced cost through earlier detection of fault containment errors and consequent avoided rework Assurance Automated analysis increases confidence that all cases are covered Expertise (to use/apply) want to bring this to the level of the normal Systems Engineer / Architect CerTA FCS CPI is helping us explore this dimension 28
29 V&V Managers (VVMs) Boeing Certification Artifacts created throughout process Manual production very expensive E.g., every G&C requirement is implemented in the modelbased design VVMs automate this collection (n-1) Dev. Step VVM (n-1) Meta-data about implementation n th Dev. Step Executes on VVM n Results Certification Artifacts 29
30 MOMs and Boeing V&V Managers Time/Cost Reduced cost through Automation of V&V data collection Automation of V&V data package preparation V&V efficiencies with standardization of evidence packages Assurance Higher certification authority confidence in collected, assessed, and presented certification data Expertise (to use/apply) will enhance the effectiveness of Software and Quality Engineers 30
31 Summary CerTA FCS CPI has allowed for relevant experimentation Promising V&V technologies On a real UAV challenge problem design (Requirements, Model-Based Design, Autocode and Hand Code) The tools/technologies we are working with are showing promise of benefits to the development process for flight critical software subject to airworthiness certification Our evaluations are being fed back to the V&V tool development teams Scaling Usability Relevance to our domain Effectiveness analysis providing an initial look at value 31
32 Copyright Boeing. All rights reserved. 32
Complexity-Reducing Design Patterns for Cyber-Physical Systems. DARPA META Project. AADL Standards Meeting January 2011 Steven P.
Complexity-Reducing Design Patterns for Cyber-Physical Systems DARPA META Project AADL Standards Meeting 24-27 January 2011 Steven P. Miller Delivered to the Government in Accordance with Contract FA8650-10-C-7081
More informationSafety Assurance in Software Systems From Airplanes to Atoms
Safety Assurance in Software Systems From Airplanes to Atoms MDEP Conference on New Reactor Design Activities Session Digital I&C: Current & Emerging Technical Challenges September 07 Dr. Darren Cofer
More informationSimulation-based Test Management and Automation Sang-Ho Yoon Senior Application Engineer
1 Simulation-based Test Management and Automation Sang-Ho Yoon Senior Application Engineer 2016 The MathWorks, Inc. 2 Today s Agenda Verification Activities in MBD Simulation-Based Test Manage and Automate
More informationWHITE PAPER. 10 Reasons to Use Static Analysis for Embedded Software Development
WHITE PAPER 10 Reasons to Use Static Analysis for Embedded Software Development Overview Software is in everything. And in many embedded systems like flight control, medical devices, and powertrains, quality
More informationA Model-Based Reference Workflow for the Development of Safety-Related Software
A Model-Based Reference Workflow for the Development of Safety-Related Software 2010-01-2338 Published 10/19/2010 Michael Beine dspace GmbH Dirk Fleischer dspace Inc. Copyright 2010 SAE International ABSTRACT
More informationVerification, Validation, and Test with Model-Based Design
2008-01-2709 Verification, Validation, and Test with Model-Based Design Copyright 2008 The MathWorks, Inc Tom Erkkinen The MathWorks, Inc. Mirko Conrad The MathWorks, Inc. ABSTRACT Model-Based Design with
More informationTest and Evaluation of Autonomous Systems in a Model Based Engineering Context
Test and Evaluation of Autonomous Systems in a Model Based Engineering Context Raytheon Michael Nolan USAF AFRL Aaron Fifarek Jonathan Hoffman 3 March 2016 Copyright 2016. Unpublished Work. Raytheon Company.
More informationAutomating Best Practices to Improve Design Quality
Automating Best Practices to Improve Design Quality Adam Whitmill, Senior Application Engineer 2015 The MathWorks, Inc. 1 Growing Complexity of Embedded Systems Emergency Braking Body Control Module Voice
More information!"#$"%"& When can a UAV get smart with its operator, and say 'NO!'? Jerry Ding**, Jonathan Sprinkle*, Claire J. Tomlin**, S.
Arizona s First University. When can a UAV get smart with its operator, and say 'NO!'? Jerry Ding**, Jonathan Sprinkle*, Claire J. Tomlin**, S. Shankar Sastry**!"#$"%"&!"#"$"%"&"'"("$")"*""+",""-"."/"$","+"'"#"$".!"#"$"%"&"'"("$")"*""+",""-"."/"$","+"'"#"$".
More informationVerification and Validation of High-Integrity Systems
Verification and Validation of High-Integrity Systems Chethan CU, MathWorks Vaishnavi HR, MathWorks 2015 The MathWorks, Inc. 1 Growing Complexity of Embedded Systems Emergency Braking Body Control Module
More informationCertification Authorities Software Team (CAST) Position Paper CAST-25
Certification Authorities Software Team (CAST) Position Paper CAST-25 CONSIDERATIONS WHEN USING A QUALIFIABLE DEVELOPMENT ENVIRONMENT (QDE) IN CERTIFICATION PROJECTS COMPLETED SEPTEMBER 2005 (Rev 0) NOTE:
More informationVerification and Test with Model-Based Design
Verification and Test with Model-Based Design Flight Software Workshop 2015 Jay Abraham 2015 The MathWorks, Inc. 1 The software development process Develop, iterate and specify requirements Create high
More informationArchitecture-driven development of Climate Control Software LMS Imagine.Lab Embedded Software Designer Siemens DF PL
Architecture-driven development of Climate Control Software LMS Imagine.Lab Embedded Software Designer Siemens DF PL Restricted Siemens AG 2017 Realize innovation. Content 1 Overview 3 2 LMS Imagine.Lab
More informationGAIO. Solution. Corporate Profile / Product Catalog. Contact Information
GAIO Solution Corporate Profile / Product Catalog Contact Information GAIO TECHNOLOGY Headquarters Tennouzu First Tower 25F 2-2-4 Higashi-Shinagawa, Shinagawa-ku, Tokyo 140-0002 Japan Tel: +81-3-4455-4767
More informationComplex Signal Processing Verification under DO-254 Constraints by François Cerisier, AEDVICES Consulting
Complex Signal Processing Verification under DO-254 Constraints by François Cerisier, AEDVICES Consulting Building a complex signal processing function requires a deep understanding of the signal characteristics
More informationSoftware Verification and Validation (VIMMD052) Introduction. Istvan Majzik Budapest University of Technology and Economics
Software Verification and Validation (VIMMD052) Introduction Istvan Majzik majzik@mit.bme.hu Budapest University of Technology and Economics Dept. of Measurement and Information s Budapest University of
More informationFormal Methods and their role in Software and System Development. Riccardo Sisto, Politecnico di Torino
Formal Methods and their role in Software and System Development Riccardo Sisto, Politecnico di Torino What are Formal Methods? Rigorous (mathematical) methods for modelling and analysing (computer-based)
More informationModel-Based Design for High Integrity Software Development Mike Anthony Senior Application Engineer The MathWorks, Inc.
Model-Based Design for High Integrity Software Development Mike Anthony Senior Application Engineer The MathWorks, Inc. Tucson, AZ USA 2009 The MathWorks, Inc. Model-Based Design for High Integrity Software
More informationVerification and Validation
Verification and Validation Assuring that a software system meets a user's needs Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 19 Slide 1 Objectives To introduce software verification
More informationMixed Critical Architecture Requirements (MCAR)
Superior Products Through Innovation Approved for Public Release; distribution is unlimited. (PIRA AER200905019) Mixed Critical Architecture Requirements (MCAR) Copyright 2009 Lockheed Martin Corporation
More informationUNCLASSIFIED. R-1 Program Element (Number/Name) PE D8Z / Software Engineering Institute (SEI) Applied Research. Prior Years FY 2013 FY 2014
Exhibit R-2, RDT&E Budget Item Justification: PB 2015 Office of Secretary Of Defense Date: March 2014 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: COST ($ in Millions) Prior Years
More informationDon t Be the Developer Whose Rocket Crashes on Lift off LDRA Ltd
Don t Be the Developer Whose Rocket Crashes on Lift off 2015 LDRA Ltd Cost of Software Defects Consider the European Space Agency s Ariane 5 flight 501 on Tuesday, June 4 1996 Due to an error in the software
More informationChanging the way the world does software
Changing the way the world does software Automated Certification from Soup to Nuts Nick Tudor njt@drisq.com Introducing D-RisQ D-RisQ is a SME based in Malvern, UK. All personnel have a background in mathematics,
More informationLeveraging Formal Methods Based Software Verification to Prove Code Quality & Achieve MISRA compliance
Leveraging Formal Methods Based Software Verification to Prove Code Quality & Achieve MISRA compliance Prashant Mathapati Senior Application Engineer MATLAB EXPO 2013 The MathWorks, Inc. 1 The problem
More informationAutomatización de Métodos y Procesos para Mejorar la Calidad del Diseño
Automatización de Métodos y Procesos para Mejorar la Calidad del Diseño Luis López 2015 The MathWorks, Inc. 1 Growing Complexity of Embedded Systems Emergency Braking Body Control Module Voice Recognition
More informationMASP Chapter on Safety and Security
MASP Chapter on Safety and Security Daniel Watzenig Graz, Austria https://artemis.eu MASP Chapter on Safety & Security Daniel Watzenig daniel.watzenig@v2c2.at Francois Tuot francois.tuot@gemalto.com Antonio
More informationDevelopment and Deployment of ECU based Control Systems through MBD. Imperative role of Model based design in System Engineering
Development and Deployment of ECU based Control Systems through MBD Imperative role of Model based design in System Engineering Outline Scope of Work Problem Definition Solution System Engineering Model
More informationBy V-cubed Solutions, Inc. Page1. All rights reserved by V-cubed Solutions, Inc.
By V-cubed Solutions, Inc. Page1 Purpose of Document This document will demonstrate the efficacy of CODESCROLL CODE INSPECTOR, CONTROLLER TESTER, and QUALITYSCROLL COVER, which has been developed by V-cubed
More informationSimulink 모델과 C/C++ 코드에대한매스웍스의정형검증툴소개 The MathWorks, Inc. 1
Simulink 모델과 C/C++ 코드에대한매스웍스의정형검증툴소개 2012 The MathWorks, Inc. 1 Agenda Formal Verification Key concept Applications Verification of designs against (functional) requirements Design error detection Test
More informationWhat s New with the MATLAB and Simulink Product Families. Marta Wilczkowiak & Coorous Mohtadi Application Engineering Group
What s New with the MATLAB and Simulink Product Families Marta Wilczkowiak & Coorous Mohtadi Application Engineering Group 1 Area MATLAB Math, Statistics, and Optimization Application Deployment Parallel
More informationSimulink Verification and Validation
Simulink Verification and Validation Mark Walker MathWorks 7 th October 2014 2014 The MathWorks, Inc. 1 V Diagrams 3 When to Stop? A perfectly tested design would never be released Time spent on V&V is
More informationOntology Engineering for Product Development
Ontology Engineering for Product Development Henson Graves Lockheed Martin Aeronautics Company Fort Worth Texas, USA henson.graves@lmco.com Abstract. This analysis is to identify requirements for a Description
More informationComputer Science and Software Engineering University of Wisconsin - Platteville 9-Software Testing, Verification and Validation
Computer Science and Software Engineering University of Wisconsin - Platteville 9-Software Testing, Verification and Validation Yan Shi SE 2730 Lecture Notes Verification and Validation Verification: Are
More informationV&V: Model-based testing
V&V: Model-based testing Systems Engineering BSc Course Budapest University of Technology and Economics Department of Measurement and Information Systems Traceability Platform-based systems design Verification
More informationFault-Injection testing and code coverage measurement using Virtual Prototypes on the context of the ISO standard
Fault-Injection testing and code coverage measurement using Virtual Prototypes on the context of the ISO 26262 standard NMI Automotive Electronics Systems 2013 Event Victor Reyes Technical Marketing System
More informationDeriving safety requirements according to ISO for complex systems: How to avoid getting lost?
Deriving safety requirements according to ISO 26262 for complex systems: How to avoid getting lost? Thomas Frese, Ford-Werke GmbH, Köln; Denis Hatebur, ITESYS GmbH, Dortmund; Hans-Jörg Aryus, SystemA GmbH,
More informationVerification and Validation. Ian Sommerville 2004 Software Engineering, 7th edition. Chapter 22 Slide 1
Verification and Validation 1 Objectives To introduce software verification and validation and to discuss the distinction between them To describe the program inspection process and its role in V & V To
More informationModel-Based Design for Safety-Critical and Mission-Critical Applications Bill Potter Technical Marketing April 17, 2008
Model-Based Design for Safety-Critical and Mission-Critical Applications Bill Potter Technical Marketing April 17, 2008 2008 The MathWorks, Inc. Safety-Critical Model-Based Design Workflow Validate Trace:
More informationObjectives. Chapter 19. Verification vs. validation. Topics covered. Static and dynamic verification. The V&V process
Objectives Chapter 19 Verification and Validation Assuring that a software system meets a user s need are to introduce software verification and validation (V&V) and to discuss the distinction between
More informationTools for Formally Reasoning about Systems. June Prepared by Lucas Wagner
Tools for Formally Reasoning about Systems June 9 2015 Prepared by Lucas Wagner 2015 Rockwell 2015 Collins. Rockwell All Collins. rights reserved. All rights reserved. Complex systems are getting more
More informationBackground Project Purpose & Goals. SW Reliability Statistical Testing Model Based Specification and Testing
NDIA 8th Annual Systems Engineering Conference Automated Software Testing Increases Test Quality and Coverage Resulting in Improved Software Reliability. October 25, 2005 Frank Salvatore High Performance
More informationAF Life Cycle Management Center
AF Life Cycle Management Center AIRWORTHINESS & CORROSION PREVENTION & CONTROL 7 June 2017 Approved for public release; distribution is unlimited. Case Numbers: 88ABW-2016-5777 88ABW-2017-0851 88ABW-2017-2278
More informationautomatisiertensoftwaretests
FunktionaleSicherheitmit automatisiertensoftwaretests SOFTWARE CONSIDERATIONS IN AIRBORNE SYSTEMS AND EQUIPMENT CERTIFICAION RTCA DO-178B RTCA Dynamisch& Statisch 0 Agenda Übersicht über Sicherheitsstandards
More informationSystems Engineering and System Security Engineering Requirements Analysis and Trade-Off Roles and Responsibilities
Systems Engineering and System Security Engineering Requirements Analysis and Trade-Off Roles and Responsibilities Melinda Reed Office of the Deputy Assistant Secretary of Defense for Systems Engineering
More informationVolvo Car Group Jonn Lantz Agile by Models
Volvo Car Group Jonn Lantz Agile by Models Challenge Scaling agile model driven development of AUTOSAR embedded software. Lift the abstraction level of in-house development. Create reliable, automated
More informationTesting and Validation of Simulink Models with Reactis
Testing and Validation of Simulink Models with Reactis Build better embedded software faster. Generate tests from Simulink models. Detect runtime errors. Execute and debug Simulink models. Track coverage.
More informationFunctional Safety and Safety Standards: Challenges and Comparison of Solutions AA309
June 25th, 2007 Functional Safety and Safety Standards: Challenges and Comparison of Solutions AA309 Christopher Temple Automotive Systems Technology Manager Overview Functional Safety Basics Functional
More informationJay Abraham 1 MathWorks, Natick, MA, 01760
Jay Abraham 1 MathWorks, Natick, MA, 01760 Stringent performance requirements and shorter development cycles are driving the use of modeling and simulation. Model-Based Design core of this development
More informationDevelopment Guidance and Certification Considerations
Integrated Modular Avionics Development Guidance and Certification Considerations René L.C. Eveleens National Aerospace Laboratory NLR P.O. Box 90502 1006BM Amsterdam RTO SCI LS-176: Mission System Engineering
More informationLeveraging Formal Methods for Verifying Models and Embedded Code Prashant Mathapati Application Engineering Group
Leveraging Formal Methods for Verifying Models and Embedded Code Prashant Mathapati Application Engineering Group 2014 The MathWorks, Inc. 1 The Cost of Failure News reports: Recall Due to ECU software
More informationTesting! Prof. Leon Osterweil! CS 520/620! Spring 2013!
Testing Prof. Leon Osterweil CS 520/620 Spring 2013 Relations and Analysis A software product consists of A collection of (types of) artifacts Related to each other by myriad Relations The relations are
More informationAmerican Society for Quality
US Army BOSS Program Information Session American Society for Quality Choices and Challenges for the Future 10 September 2017 Certified Lean Six Sigma Black Belt Certified Change Management Advanced Practitioner
More informationCertified Software Quality Engineer Preparation On Demand, Web-Based Course Offered by The Westfall Team
Certified Software Quality Engineer (CSQE) Preparation course is an on demand, web-based course design to be a comprehensive, in-depth review of the topics in the ASQ s Certified Software Quality Engineer
More informationModel-based Architectural Verification & Validation
Model-based Architectural Verification & Validation Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Peter H Feiler Feb. 2009 2006 Carnegie Mellon University Outline Architecture-Centric
More informationAutomating Best Practices to Improve Design Quality
Automating Best Practices to Improve Design Quality 임베디드 SW 개발에서의품질확보방안 이제훈차장 2015 The MathWorks, Inc. 1 Key Takeaways Author, manage requirements in Simulink Early verification to find defects sooner
More informationSoftware Processes. Ian Sommerville 2006 Software Engineering, 8th edition. Chapter 4 Slide 1
Software Processes Ian Sommerville 2006 Software Engineering, 8th edition. Chapter 4 Slide 1 Objectives To introduce software process models To describe three generic process models and when they may be
More informationIntel Parallel Studio 2011
THE ULTIMATE ALL-IN-ONE PERFORMANCE TOOLKIT Studio 2011 Product Brief Studio 2011 Accelerate Development of Reliable, High-Performance Serial and Threaded Applications for Multicore Studio 2011 is a comprehensive
More informationJ2EE Application Development : Conversion and Beyond Osmond Ng
IBM Software Group J2EE Application Development : Conversion and Beyond Osmond Ng IBM Software Group Practitioner View Point IBM Rational Application Developer J2EE/EJB Tooling J2EE construction tools
More informationAir Force Materiel Command
Air Force Materiel Command Developing, Fielding, and Sustaining America s Aerospace Force High-Fidelity Physics- Based Modeling in Support of Test & Evaluation Dr. Ed Kraft AEDC/CZ NDIA M&S Conference
More informationTeam-Based Collaboration in Simulink
Team-Based Collaboration in Simulink Sonia Bridge 2015 The MathWorks, Inc. 1 Create tools that make it easy for teams to manage the full lifecycle of their Model-Based Design projects Collaborate Integrate
More informationVerification and Validation Introducing Simulink Design Verifier
Verification and Validation Introducing Simulink Design Verifier Goran Begic, Technical Marketing Goran.Begic@mathworks.com June 5, 2007 2007 The MathWorks, Inc. Agenda Verification and Validation in Model-Based
More informationImplementing a Modular Open Systems Approach (MOSA) to Achieve Acquisition Agility in Defense Acquisition Programs
Implementing a Modular Open Systems Approach (MOSA) to Achieve Acquisition Agility in Defense Acquisition Programs Philomena Zimmerman Office of the Deputy Assistant Secretary of Defense for Systems Engineering
More informationJust-In-Time Certification
Just-In-Time Certification John Rushby Computer Science Laboratory SRI International Menlo Park, California, USA John Rushby, SR I Just-In-Time Certification: 1 Certification Provides assurance that deploying
More informationSOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense Date: February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 2: COST ($ in Millions) Prior
More informationVirtual Hardware ECU How to Significantly Increase Your Testing Throughput!
Virtual Hardware ECU How to Significantly Increase Your Testing Throughput! Elektrobit Tech Day Jason Niatas Synopsys Inc. July 27, 2017 2017 Synopsys, Inc. 1 Agenda Automotive electronic evolution and
More informationSoftware Certification
1 What is certification? Why should we really need it? Who should carry out this activity? Where should we do such type of certification? Software Certification 2 Software Certification To whom should
More informationCMSC 435: Software Engineering Section 0201
CMSC 435: Software Engineering Section 0201 Atif M. Memon (atif@cs.umd.edu) 4115 A.V.Williams building Phone: 301-405-3071 Office hours Tu.Th. (11:00am-1:00pm) Don t wait, don t hesitate, do communicate!!
More informationDRYING CONTROL LOGIC DEVELOPMENT USING MODEL BASED DESIGN
DRYING CONTROL LOGIC DEVELOPMENT USING MODEL BASED DESIGN Problem Definition To generate and deploy automatic code for Drying Control Logics compatible with new SW architecture in 6 months using MBD, a
More informationGuidelines for deployment of MathWorks R2010a toolset within a DO-178B-compliant process
Guidelines for deployment of MathWorks R2010a toolset within a DO-178B-compliant process UK MathWorks Aerospace & Defence Industry Working Group Guidelines for deployment of MathWorks R2010a toolset within
More information3 August Software Safety and Security Best Practices A Case Study From Aerospace
3 August 2014 Software Safety and Security Best Practices A Case Study From Aerospace Agenda Introduction Why Aviation? ARINC 653 Real-time Linux on Xen (ARLX) Safety Artifacts for ARLX Security Artifacts
More informationVerification Planning to Functional Closure of Processor-Based SoCs 1 CADENCE DESIGN SYSTEMS, INC.
Verification Planning to Functional Closure of Processor-Based SoCs February 2006 DesignCon 2006 Andrew Piziali 1 CADENCE DESIGN SYSTEMS, INC. Overview Introduction The Design Under Verification Verification
More informationSimulator in the-loop Environment for Autocode Verification
dspace User Conference 2012 India Sept 14 th 2012 Simulator in the-loop Environment for Autocode Verification Girish Palan, Pavan K S, Rajani S R Electronics and Safety, Delphi Technical Centre, India
More informationIan Sommerville 2006 Software Engineering, 8th edition. Chapter 22 Slide 1
Verification and Validation Slide 1 Objectives To introduce software verification and validation and to discuss the distinction between them To describe the program inspection process and its role in V
More informationInvestigation of System Timing Concerns in Embedded Systems: Tool-based Analysis of AADL Models
Investigation of System Timing Concerns in Embedded Systems: Tool-based Analysis of AADL Models Peter Feiler Software Engineering Institute phf@sei.cmu.edu 412-268-7790 2004 by Carnegie Mellon University
More informationAccelerate Your Enterprise Private Cloud Initiative
Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service
More informationAerospace Software Engineering
16.35 Aerospace Software Engineering Verification & Validation Prof. Kristina Lundqvist Dept. of Aero/Astro, MIT Would You...... trust a completely-automated nuclear power plant?... trust a completely-automated
More informationAutomatic Code Generation Technology Adoption Lessons Learned from Commercial Vehicle Case Studies
08AE-22 Automatic Code Generation Technology Adoption Lessons Learned from Commercial Vehicle Case Studies Copyright 2007 The MathWorks, Inc Tom Erkkinen The MathWorks, Inc. Scott Breiner John Deere ABSTRACT
More informationData Verification and Validation (V&V) for New Simulations
Data Verification and Validation (V&V) for New Simulations RPG Special Topic 9/15/06 1 Table of Contents Introduction 1 Data V&V Activities During M&S Development 1 Determine M&S Requirements Phase 2 V&V
More informationFUNCTIONAL SAFETY CERTIFICATE
FUNCTIONAL SAFETY CERTIFICATE This is to certify that the GSS (GSA******-*) Series Global Safety Limit Switch Manufactured by Honeywell International Inc. 315 East Stephenson Street, Freeport, Illinois,
More informationImplementation and Verification Daniel MARTINS Application Engineer MathWorks
Implementation and Verification Daniel MARTINS Application Engineer MathWorks Daniel.Martins@mathworks.fr 2014 The MathWorks, Inc. 1 Agenda Benefits of Model-Based Design Verification at Model level Code
More informationCertification Requirements for High Assurance Systems
for High Assurance Systems Gordon M. Uchenick Senior Mentor/Principal Engineer Objective Interface Systems, Inc. and W. Mark Vanfleet Senior Cryptologic Mathematician/ Senior INFOSEC Analyst National Security
More informationStackAnalyzer Proving the Absence of Stack Overflows
StackAnalyzer Proving the Absence of Stack Overflows AbsInt GmbH 2012 2 Functional Safety Demonstration of functional correctness Well-defined criteria Automated and/or model-based testing Formal techniques:
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Network Mapping The Network Mapping helps visualize the network and understand relationships and connectivity between
More informationAddressing Verification Bottlenecks of Fully Synthesized Processor Cores using Equivalence Checkers
Addressing Verification Bottlenecks of Fully Synthesized Processor Cores using Equivalence Checkers Subash Chandar G (g-chandar1@ti.com), Vaideeswaran S (vaidee@ti.com) DSP Design, Texas Instruments India
More informationDesign Process. Design : specify and enter the design intent. Verify: Implement: verify the correctness of design and implementation
Design Verification 1 Design Process Design : specify and enter the design intent Verify: verify the correctness of design and implementation Implement: refine the design through all phases Kurt Keutzer
More informationAdvanced Software Engineering: Software Testing
Advanced Software Engineering: Software Testing COMP 3705(L4) Sada Narayanappa Anneliese Andrews Thomas Thelin Carina Andersson Web: http://www.megadatasys.com Assisted with templates News & Project News
More informationDeveloping AUTOSAR Compliant Embedded Software Senior Application Engineer Sang-Ho Yoon
Developing AUTOSAR Compliant Embedded Software Senior Application Engineer Sang-Ho Yoon 2015 The MathWorks, Inc. 1 Agenda AUTOSAR Compliant Code Generation AUTOSAR Workflows Starting from Software Component
More informationFor presentation at the Fourth Software Engineering Institute (SEI) Software Architecture Technology User Network (SATURN) Workshop.
For presentation at the Fourth Software Engineering Institute (SEI) Software Architecture Technology User Network (SATURN) Workshop. The authors can be reached at cb@mitre.org or ioannis @Mitre.org. In
More informationWIND RIVER DIAB COMPILER
AN INTEL COMPANY WIND RIVER DIAB COMPILER Boost application performance, reduce memory footprint, and produce high-quality, standards-compliant object code for embedded systems with Wind River Diab Compiler.
More informationVerification Overview Testing Theory and Principles Testing in Practice. Verification. Miaoqing Huang University of Arkansas 1 / 80
1 / 80 Verification Miaoqing Huang University of Arkansas Outline 1 Verification Overview 2 Testing Theory and Principles Theoretical Foundations of Testing Empirical Testing Principles 3 Testing in Practice
More informationStatic Analysis in C/C++ code with Polyspace
1 Static Analysis in C/C++ code with Polyspace Yongchool Ryu Application Engineer gary.ryu@mathworks.com 2016 The MathWorks, Inc. 2 Agenda Efficient way to find problems in Software Category of Static
More informationTool Qualification Plan for Testwell CTC++
Tool Qualification Plan for Testwell CTC++ Version: 0.8 Date: 2014-11-17 Status: Author: File: Size: Generic / Adapted / Presented / Generated / Reviewed / Final Dr. Martin Wildmoser, Dr. Oscar Slotosch
More informationCoverity Static Analysis Support for MISRA Coding Standards
Coverity Static Analysis Support for MISRA Coding Standards Fully ensure the safety, reliability, and security of software written in C and C++ Overview Software is eating the world. Industries that have
More informationA Multi-Modal Composability Framework for Cyber-Physical Systems
S5 Symposium June 12, 2012 A Multi-Modal Composability Framework for Cyber-Physical Systems Linh Thi Xuan Phan Insup Lee PRECISE Center University of Pennsylvania Avionics, Automotive Medical Devices Cyber-physical
More informationReuse MATLAB Functions and Simulink Models in UVM Environments with Automatic SystemVerilog DPI Component Generation
Reuse MATLAB Functions and Simulink Models in UVM Environments with Automatic SystemVerilog DPI Component Generation by Tao Jia, HDL Verifier Development Lead, and Jack Erickson, HDL Product Marketing
More informationAddressing Future Challenges in the Development of Safe and Secure Software Components The MathWorks, Inc. 1
Addressing Future Challenges in the Development of Safe and Secure Software Components 2016 The MathWorks, Inc. 1 Cybersecurity Emerging Topic in the Auto Industry Vehicle-to-Infrastructure Wifi Hotspot
More informationSOFTWARE LIFE-CYCLE MODELS 2.1
SOFTWARE LIFE-CYCLE MODELS 2.1 Outline Software development in theory and practice Software life-cycle models Comparison of life-cycle models 2.2 Software Development in Theory Ideally, software is developed
More informationFinal Presentation AUTOCOGEQ GMV, 2017 Property of GMV All rights reserved UNCLASSIFIED INFORMATION
@ESTEC GMV, 2017 Property of GMV All rights reserved UNCLASSIFIED INFORMATION El presente documento está clasificado como "GMV-XXXX". Esta clasificación habilita a su receptor al uso de la información
More informationPart 5. Verification and Validation
Software Engineering Part 5. Verification and Validation - Verification and Validation - Software Testing Ver. 1.7 This lecture note is based on materials from Ian Sommerville 2006. Anyone can use this
More information