Contract-based design, model checking, and model-based safety assessment
1 Contract-based design, model checking, and model-based safety assessment: an integrated view. Alessandro Cimatti, Fondazione Bruno Kessler, Trento, Italy

2 Take-away message
- Beyond model checking: a new generation of verification techniques
- Tools integrated into a structured flow
- May provide novel support for CPSoS design challenges
- From model checking to contract-based design: architectural decomposition + refinement of requirements
- Safety analysis: extend the nominal model to include faulty behaviours
- Fault tree construction: detect all fault combinations causing loss of a desirable property
(October 6, 2015, Artemis Tech Conference, Torino, Italy)

3 From architectural decomposition to contract-based design
- Hierarchical decomposition: component to subcomponents; implementation of leaf components
- Component associated with contracts: assumptions / guarantees, expressed in temporal logic
- Contract refinement: a contract is ensured by the contracts of the subcomponents
- Correct implementations ensure correctness of the composition
(Figure: component hierarchy with components A, B, C, D, E)

4 Model-based safety assessment
- Safety assessment: analyze the behaviour of the system under faults; artifacts: fault trees, FMEA tables; qualitative and quantitative arguments
- Model-based safety assessment: extend the nominal model with faults (symbolic fault injection, e.g. valve stuck open, stuck closed, ...); analyze the extended model; automated production of fault trees
5-11 Formal Verification, Validation, and Safety Assessment (diagram built up over slides 5 to 11)
- Monolithic: Model Checking (Verification & Validation); Fault Injection; Model-Based Safety Assessment (Safety Assessment)
- Compositional: Contract-Based Design; Contract-Based Fault Injection; Contract-Based Safety Assessment
- Figure: system ABC is decomposed into AB and C, and AB into A and B; contract-based safety assessment relates Failure of ABC to Failure of AB and Failure of C, and Failure of AB to Failure of A and Failure of B
12 Tool chain
- Infinite-state transition systems: the OCRA tool for contract-based design; the nuXmv model checker; the xSAP platform for safety analysis
- Hybrid systems: HyCOMP as a model checker

13 A Wheel Brake System
- Controls braking for aircraft wheels
- Redundancy: multiple BCSUs, hydraulic plants
- Functions: asymmetrical braking; antiskid; single wheel / coupled depending on control mode

14 Applications
- Joint project with Boeing on MBSA: Formal Design and Safety Analysis of AIR6110 Wheel Brake System [CAV 15]
- Adopted in a NASA project on analysis of NextGen: Comparing Different Functional Allocations in Automated Air Traffic Control Design [FMCAD 15]
- The COMPASS tool chain: AADL modeling language; several projects funded by the European Space Agency; specific design technique for FDIR
15 Automated Formal Analysis of Architectures for Reliability
16 Architectures for Reliability
(Figure: power system example, in a perfect world vs. in the real world)

17 In 1996 (PFC 777 paper): Automated Analysis of Architectures for Reliability. Current techniques:
- M. Hamamatsu, T. Tsuchiya, and T. Kikuno, On the reliability of cascaded TMR systems, PRDC 2010
- T. Lanfang, T. Qingping, and L. Jianli, Specification and verification of the triple-modular redundancy fault tolerant system using CSP, DEPEND 2011
- M. Bozzano, A. Cimatti, and C. Mattarei, Automated Analysis of Reliability Architectures, ICECCS 2013
- M. Bozzano, A. Cimatti, and C. Mattarei, Efficient Analysis of Reliability Architectures via Predicate Abstraction, HVC 2013
18-24 Automated Analysis of Architectures for Reliability (diagram built up over slides 18 to 24)
- Figure: a formal model of a real architecture, with Inputs, Outputs and Faults
- Two copies of the model receive the same Inputs: the Reference model, with all Faults set to FALSE, and the Faulty model, with free Faults; each Output of the Reference is compared for equality (=) with the corresponding Output of the Faulty model
- This construction is the Miter Composition
25 Miter composition: formal safety assessment
- The miter composition is itself a formal model with Inputs, Outputs and Faults
- The Faults are the unknowns: find all assignments to Faults such that, for example, at least one output = FALSE; all but one output = FALSE; at least two outputs = TRUE
26-27 Formal safety assessment: possible artifacts
- Fault Tree
- Reliability Function
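The miter-based safety assessment of slides 18 to 27, worked through as an added Python example that is not from the talk or its tool chain: a constructed TMR architecture with symbolic fault injection, the miter check against the fault-free reference, enumeration of the fault tree's minimal cut sets, and the reliability function from per-fault probabilities. Component and fault names are hypothetical, and the exhaustive enumeration stands in for the symbolic search a model checker would perform.

```python
"""Miter-based safety assessment of a TMR architecture (constructed example)."""
from itertools import combinations, product
from typing import Callable, Dict, FrozenSet, List, Tuple

# A model maps (inputs, active faults) -> outputs.  Everything is Boolean,
# so the miter can be checked by exhaustive enumeration instead of the
# symbolic (SAT/SMT) search a model checker would use.
Inputs = Dict[str, bool]
Outputs = Dict[str, bool]
Model = Callable[[Inputs, FrozenSet[str]], Outputs]

# Constructed architecture: three replicated channels feeding a majority
# voter.  Fault names are hypothetical labels, not from any real tool.
TMR_INPUTS: Tuple[str, ...] = ("cmd",)
TMR_FAULTS: Tuple[str, ...] = ("ch1_inverted", "ch2_inverted",
                               "ch3_inverted", "voter_stuck_low")


def tmr_model(inputs: Inputs, faults: FrozenSet[str]) -> Outputs:
    """Nominal model extended by fault injection: each active fault
    overrides the nominal behaviour of one component."""
    cmd = inputs["cmd"]
    channels = []
    for i in (1, 2, 3):
        value = cmd                      # nominal: channel forwards the command
        if f"ch{i}_inverted" in faults:
            value = not value            # injected fault: output inverted
        channels.append(value)
    voted = sum(channels) >= 2           # 2-out-of-3 majority voter
    if "voter_stuck_low" in faults:
        voted = False                    # injected fault: voter stuck at FALSE
    return {"brake": voted}


def miter_fails(model: Model, input_names: Tuple[str, ...],
                faults: FrozenSet[str]) -> bool:
    """Miter composition: feed the same inputs to the reference model (all
    faults FALSE) and to the faulty model, and compare each output.
    True if some input makes at least one output comparison FALSE."""
    for values in product((False, True), repeat=len(input_names)):
        inputs = dict(zip(input_names, values))
        reference = model(inputs, frozenset())
        faulty = model(inputs, faults)
        if any(reference[o] != faulty[o] for o in reference):
            return True
    return False


def minimal_cut_sets(model: Model, input_names: Tuple[str, ...],
                     fault_names: Tuple[str, ...]) -> List[FrozenSet[str]]:
    """Enumerate fault assignments by increasing size and keep the minimal
    ones that violate the miter: the minimal cut sets of the fault tree
    whose top-level event is 'some output differs from the reference'."""
    cut_sets: List[FrozenSet[str]] = []
    for size in range(1, len(fault_names) + 1):
        for combo in combinations(fault_names, size):
            fs = frozenset(combo)
            if any(mcs <= fs for mcs in cut_sets):
                continue                 # superset of a known cut set
            if miter_fails(model, input_names, fs):
                cut_sets.append(fs)
    return cut_sets


def unreliability(cut_sets: List[FrozenSet[str]],
                  fault_probs: Dict[str, float]) -> float:
    """Probability that the set of active faults contains a cut set, for
    independent faults.  Exhaustive over the 2^n fault assignments."""
    names = list(fault_probs)
    total = 0.0
    for bits in product((False, True), repeat=len(names)):
        active = frozenset(n for n, b in zip(names, bits) if b)
        if not any(mcs <= active for mcs in cut_sets):
            continue
        p = 1.0
        for n, b in zip(names, bits):
            p *= fault_probs[n] if b else 1.0 - fault_probs[n]
        total += p
    return total


if __name__ == "__main__":
    mcs = minimal_cut_sets(tmr_model, TMR_INPUTS, TMR_FAULTS)
    for cs in mcs:
        print("minimal cut set:", sorted(cs))
    # Constructed per-fault probabilities for the reliability function.
    probs = {f: 0.01 for f in TMR_FAULTS}
    probs["voter_stuck_low"] = 0.001
    print("reliability:", 1.0 - unreliability(mcs, probs))
```

For this architecture the analysis finds the single-point voter fault and the three pairs of channel faults as minimal cut sets, which is exactly the 2-out-of-3 structure a fault tree of a TMR voter shows.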
28 Triple-Triple Redundant 777 PFC (Y.C. (Bob) Yeh, AAC 1996)

29 Conclusions and perspectives
- Conclusions: a new generation of verification techniques; tools integrated into a comprehensive process; production of interesting artifacts from a unique model
- Perspectives: support for design space exploration (design space as a parameterized system; comparison based on safety artifacts); more fine-grained analysis of reliability architectures
Abstract Model Checking of Statecharts using Automatic White Box Test Generation Doron Drusinsky Time Rover, Inc., 11425 Charsan Lane, Cupertino, CA, 95014 www.time-rover.com This paper describes a model
More informationYour What is My How: Iteration and Hierarchy in System Design
Your What is My How: Iteration and Hierarchy in System Design Michael W. Whalen, Andrew Gacek, Darren Cofer, Anitha Murugesan, Mats P. E. Heimdahl and Sanjai Rayadurgam Department of Computer Science and
More informationAutomatic Generation of Test Vectors for SCR-Style Specifications
Automatic Generation of Test Vectors for SCR-Style Specifications Mark R. Blackburn Software Productivity Consortium blackbur@software.org Abstract This paper provides the basis for integrating the Software
More informationFormal modelling and verification in UPPAAL
Budapest University of Technology and Economics Department of Measurement and Information Systems Fault Tolerant Systems Research Group Critical Embedded Systems Formal modelling and verification in UPPAAL
More informationSafety Assessment ICAS 2010
Preliminary Design of Future Reconfigurable IMA Platforms Safety Assessment ICAS 2010 Pierre Bieber, Julien Brunel, Eric Noulard, Claire Pagetti,Thierry Planche, Frédéric Vialard and all the Scarlett partners
More informationSoftware verification for ubiquitous computing
Software verification for ubiquitous computing Marta Kwiatkowska Computing Laboratory, University of Oxford QA 09, Grenoble, June 2009 Software everywhere Electronic devices, ever smaller Laptops, phones,
More informationSystem-level co-modeling AADL and Simulink specifications using Polychrony (and Syndex)
System-level co-modeling AADL and Simulink specifications using Polychrony (and Syndex) AADL Standards Meeting June 6., 2011 Jean-Pierre Talpin, INRIA Parts of this presentation are joint work with Paul,
More information