306 results on '"safety-critical"'
Search Results
2. Safety-Critical Containment Control for Quadrotor Team Using Exponential Control Barrier Functions.
- Author
- Xia, Zheng and Chen, Mou
- Subjects
- REAL-time programming, QUADRATIC programming, ALGORITHMS, TEAMS
- Abstract
In this work, the containment control problem for a quadrotor team is addressed in the presence of multiple dynamic leaders with unknown bounded time-varying inputs. Both safety-critical constraints and input constraints are considered. Specifically, a linear extended state observer (ESO) is employed to handle the uncertainty and disturbance. A distributed fixed-time observer is designed to estimate the reference signal requiring no global information. The proposed nominal controller can guarantee the formation geometric constraint in steady states. Moreover, safety certificates for collision-free transient states are enforced by using exponential control barrier functions (ECBFs). A real-time quadratic programming (QP) problem is constructed to modify the nominal controller such that both the safety constraint and the input constraint can be satisfied. Finally, simulations and experiments illustrate the effectiveness of the algorithm. [ABSTRACT FROM AUTHOR]
- Published
- 2024
- Full Text
- View/download PDF
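The ECBF-QP safety filter described in result 2 is easy to see on a toy plant. The following is an added example, not the authors' code: it assumes a 1-D double integrator (position x, velocity v, acceleration input u), a constructed keep-out wall at X_WALL, a symmetric input bound U_MAX, and a nominal controller that deliberately flies at the wall at full throttle. With the barrier h = X_WALL - x (relative degree 2) the ECBF condition h'' + K1 h' + K0 h >= 0 reduces to a single linear bound on u, so the QP "minimize (u - u_nom)^2 subject to the barrier and the input bound" has a closed-form solution; the quadrotor-team problem in the paper has several inputs and constraints per agent and needs a numerical QP solver, but the structure is the same.

```python
"""Exponential control barrier function (ECBF) safety filter on a 1-D double integrator.

Added example, not code from the paper above. Plant, gains, wall position, input
bound and nominal controller are all assumptions chosen for illustration.
"""
from typing import Dict, Tuple

X_WALL = 2.0       # safe set is {x <= X_WALL}; h = X_WALL - x must stay >= 0
U_MAX = 3.0        # input constraint |u| <= U_MAX (assumed)
DT = 0.01          # explicit Euler step
# ECBF gains: s^2 + K1 s + K0 has real negative roots (-1, -4), so a state with
# h >= 0 and 4h + h' >= 0 stays in the safe set under the closed-loop dynamics.
K0, K1 = 4.0, 5.0


def barrier(x: float, v: float) -> Tuple[float, float]:
    """Return (h, h') for h = X_WALL - x; h' = -v along x' = v."""
    return X_WALL - x, -v


def ecbf_filter(u_nom: float, x: float, v: float) -> Tuple[float, bool]:
    """Solve min (u - u_nom)^2  s.t.  h'' + K1 h' + K0 h >= 0  and  |u| <= U_MAX.

    Since h'' = -u, the ECBF constraint is u <= K1*h' + K0*h =: u_cap, so the
    scalar QP is solved by clipping u_nom into [-U_MAX, min(U_MAX, u_cap)].
    feasible is False when u_cap < -U_MAX: the safety constraint and the input
    bound contradict each other, and the filter returns the least-violating input.
    """
    h, h_dot = barrier(x, v)
    u_cap = K1 * h_dot + K0 * h
    feasible = u_cap >= -U_MAX
    u = min(u_nom, u_cap)
    u = max(-U_MAX, min(U_MAX, u))
    return u, feasible


def simulate(filtered: bool, t_end: float = 3.0) -> Dict[str, float]:
    """Fly the nominal full-throttle controller with or without the safety filter.

    Returns the minimum barrier value seen (>= 0 means never entered the wall),
    the maximum position reached, and how many steps were infeasible.
    """
    x, v = 0.0, 0.0
    min_h, max_x, infeasible = float("inf"), float("-inf"), 0
    for _ in range(int(t_end / DT)):
        u_nom = U_MAX                          # nominal controller: full throttle toward the wall
        if filtered:
            u, ok = ecbf_filter(u_nom, x, v)
            infeasible += 0 if ok else 1
        else:
            u = u_nom
        h, _ = barrier(x, v)
        min_h, max_x = min(min_h, h), max(max_x, x)
        x, v = x + v * DT, v + u * DT          # explicit Euler step of x' = v, v' = u
    return {"min_h": min_h, "max_x": max_x, "infeasible_steps": infeasible}


if __name__ == "__main__":
    print("unfiltered:", simulate(False))
    print("filtered:  ", simulate(True))
```

The unfiltered run crosses the wall in about 1.15 s; the filtered run brakes once u_cap drops below the nominal command and settles just short of X_WALL with no infeasible step. The `feasible` flag is the check a practitioner wants: a QP that silently returns a clipped input when the barrier and input bounds conflict is a safety gap, and the paper's input-constrained formulation is precisely about making that case explicit.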
3. Safe motion planning and formation control of quadruped robots.
- Author
- Ji, Zongrui and Dong, Yi
- Subjects
- PREDICTIVE control systems, ARTIFICIAL intelligence, MULTIAGENT systems, ENERGY consumption, EUCLIDEAN distance, MOBILE robots
- Abstract
This paper introduces a motion planning and cooperative formation control approach for quadruped robots and multi-agent systems. First, in order to improve the efficiency and safety of quadruped robots navigating in complex environments, this paper proposes a new planning method that combines the dynamic model of quadruped robots and a gradient-optimized obstacle avoidance strategy without Euclidean Signed Distance Field. The framework is suitable for both static and slow dynamic obstacle environments, aiming to achieve multiple goals of obstacle avoidance, minimizing energy consumption, reducing impact, satisfying dynamic constraints, and ensuring trajectory smoothness. This approach differs in that it reduces energy consumption throughout the movement from a new perspective. Meanwhile, this method effectively reduces the impact of the ground on the robot, thus mitigating the damage to its structure. Second, we combine the dynamic control barrier function and the virtual leader-follower model to achieve efficient and safe formation control through model predictive control. Finally, the proposed algorithm is validated through both simulations and real-world scenario testing. [ABSTRACT FROM AUTHOR]
- Published
- 2024
- Full Text
- View/download PDF
4. Safe motion planning and formation control of quadruped robots
- Author
- Zongrui Ji and Yi Dong
- Subjects
- Efficient motion planning, Dynamic model, Safety-critical, Model predictive control, Electronic computers. Computer science, QA75.5-76.95, Computer engineering. Computer hardware, TK7885-7895
- Abstract
This paper introduces a motion planning and cooperative formation control approach for quadruped robots and multi-agent systems. First, in order to improve the efficiency and safety of quadruped robots navigating in complex environments, this paper proposes a new planning method that combines the dynamic model of quadruped robots and a gradient-optimized obstacle avoidance strategy without Euclidean Signed Distance Field. The framework is suitable for both static and slow dynamic obstacle environments, aiming to achieve multiple goals of obstacle avoidance, minimizing energy consumption, reducing impact, satisfying dynamic constraints, and ensuring trajectory smoothness. This approach differs in that it reduces energy consumption throughout the movement from a new perspective. Meanwhile, this method effectively reduces the impact of the ground on the robot, thus mitigating the damage to its structure. Second, we combine the dynamic control barrier function and the virtual leader-follower model to achieve efficient and safe formation control through model predictive control. Finally, the proposed algorithm is validated through both simulations and real-world scenario testing.
- Published
- 2024
- Full Text
- View/download PDF
5. A Systematic Literature Review of Augmented Reality for Maritime Collaboration.
- Author
- van den Oever, Floris, Fjeld, Morten, and Sætrevik, Bjørn
- Subjects
- TECHNOLOGY assessment, SITUATIONAL awareness, NAVIGATION in shipping, MARITIME shipping, EVALUATION methodology, AUGMENTED reality
- Abstract
Augmented Reality (AR) could improve maritime collaboration by facilitating human factors like situation awareness and decision-making. However, it is not clear in which ways AR can be beneficial and for which maritime operations. This paper addresses the need for a systematic literature review of state-of-the-art ways AR can facilitate maritime collaboration. Following the PRISMA statement, we searched for the constructs "AR," "maritime operation," and "collaboration" in the Web of Science and IEEE Xplore databases. Out of 691 search results, we retained 32 publications for analysis. Ten publications from other sources were included. Our results provide a review of AR applications for the maritime operations of ship navigation, personal navigation, maritime construction, maritime maintenance and inspection, and others. We suggest that research focuses on bringing promising AR applications to higher technology readiness levels, learning from other industries, applying robust evaluation methods, and grounding more on human factors like decision-making, situation awareness, and communication. [ABSTRACT FROM AUTHOR]
- Published
- 2024
- Full Text
- View/download PDF
6. Addressing cybersecurity and safety disconnects in United States army aviation: an exploratory qualitative case study.
- Author
- Pearson, Justin and Oni, Oludotun
- Subjects
- AVIATION policy, INTERNET security, CROSS-functional teams, LITERATURE reviews, CYBERTERRORISM
- Abstract
This qualitative case study explores the reasons behind disconnects between United States Army (Army) aviation safety and cybersecurity groups' processes. The disconnects were defined as dissimilarities between Army aviation systems and inadvertent overlap of system implementation requirements. The disconnects cause an absence of explicit means to verify systems' resiliency to cybersecurity attacks that increase the risk to flight safety and mission readiness. Literature review revealed the absence of explicit guidance and the increase of cybersecurity issues affecting interconnected aviation systems. This study sought to discover the reasons behind the disconnects and explore how the disconnects could be improved to increase resiliency to cybersecurity attacks and decrease the risk to flight safety and mission readiness. The researcher used the organizational discontinuity theory (ODT) as the framework for determining the reason behind the lack of explicit guidance. Additionally, the researcher conducted interviews with knowledgeable safety and cybersecurity professionals and conducted data source triangulation using the safety and cybersecurity groups' respective process documentation to justify key research findings and accomplish data analysis activities. Data analysis identified three themes: awareness, process critique, and logical and complementary improvement. This study concluded that one primary reason behind the disconnects between safety and cybersecurity groups' processes is that both processes are isolated in terms of execution across the systems' lifecycles. The isolation causes conflicting process requirements and inadvertent overlap where requirements could be improved if cross-functional group coordination occurred. This study also confirmed the necessity for leadership guidance to implement cross-functional group coordination and comprehensive processes to address the disconnects. [ABSTRACT FROM AUTHOR]
- Published
- 2024
- Full Text
- View/download PDF
7. Weaving Agility in Safety-Critical Software Development for Aerospace: From Concerns to Opportunities
- Author
- J. Eduardo Ferreira Ribeiro, Joao Gabriel Silva, and Ademar Aguiar
- Subjects
- Agile, aerospace, DO-178C, FAA, safety-critical, software development, Electrical engineering. Electronics. Nuclear engineering, TK1-9971
- Abstract
Domain-specific standards and documents heavily regulate safety-critical systems. One example is the DO-178C standard for aerospace, which guides organizations to achieve system safety and evidence for their certification. Under such regulated contexts, most organizations use traditional development processes, in contrast to the massive adoption of Agile in the software industry. Among other benefits, Agile methods promise faster delivery and better flexibility to address customer needs. Adopting Agile methods and practices is possible in aerospace because the DO-178C standard does not prescribe concrete software development methods. In spite of that, Agile development is not used in DO-178C contexts. To help change that, our research aims to understand whether and how organizations engineering safety-critical software systems for aerospace may benefit from Agile methods and practices. We analyzed the DO-178C standard and confirmed that it is compatible with Agile methods. Then, we present a systematic literature mapping of adopting Agile in software development for aerospace, where we identified significant concerns, recurrent issues, and several challenges. Some real industry aerospace projects provided us with important data and the perspective of domain experts about the pros and cons of Agile methods in this context. We conclude by proposing an agenda of research opportunities to improve safety-critical software development towards agility that we consider worthy of further research, application and confirmation in wider contexts.
- Published
- 2024
- Full Text
- View/download PDF
8. Unpacking Human-AI Interaction in Safety-Critical Industries: A Systematic Literature Review
- Author
- Tita A. Bach, Jenny K. Kristiansen, Aleksandar Babic, and Alon Jacovi
- Subjects
- Artificial intelligence, humans, measurement, methods, safety, safety-critical, Electrical engineering. Electronics. Nuclear engineering, TK1-9971
- Abstract
Ensuring quality human-AI interaction (HAII) in safety-critical industries is essential. Failure to do so can lead to catastrophic and deadly consequences. Despite this urgency, existing research on HAII is limited, fragmented, and inconsistent. We present here a survey of that literature and recommendations for research best practices that should improve the field. We divided our investigation into the following areas: 1) terms used to describe HAII, 2) primary roles of AI-enabled systems, 3) factors that influence HAII, and 4) how HAII is measured. Additionally, we described the capabilities and maturity of the AI-enabled systems used in safety-critical industries discussed in these articles. We found that no single term is used across the literature to describe HAII and some terms have multiple meanings. According to our literature, seven factors influence HAII: user characteristics (e.g., user personality), user perceptions and attitudes (e.g., user biases), user expectations and experience (e.g., mismatched user expectations and experience), AI interface and features (e.g., interactive design), AI output (e.g., perceived accuracy), explainability and interpretability (e.g., level of detail, user understanding), and usage of AI (e.g., heterogeneity of environments). HAII is most often measured with user-related subjective metrics (e.g., user perceptions, trust, and attitudes), and AI-assisted decision-making is the most common primary role of AI-enabled systems. Based on this review, we conclude that there are substantial research gaps in HAII. Researchers and developers need to codify HAII terminology, involve users throughout the AI lifecycle (especially during development), and tailor HAII in safety-critical industries to the users and environments.
- Published
- 2024
- Full Text
- View/download PDF
9. Design and analysis of fault-tolerant sequential logic circuits for safety-critical applications.
- Author
- Khairullah, Shawkat Sabah, Qassabbashi, Farah Natiq, and Kareem, Jumana Abdullah
- Subjects
- SEQUENTIAL circuits, LOGIC circuit design, SEQUENTIAL analysis, SWITCHING circuits, MARKOV processes
- Abstract
Safety-critical systems used in applications that demand high levels of dependability, efficiency, and fault-tolerance often use sequential logic circuits in their design and implementation. The safety-critical digital system typically uses latches, flip-flops, and other memory elements, which are prone to the effects of natural faults and single event upsets (SEUs) caused by radiation-induced effects. The faults can lead to subsystem failures due to the continuous advancement in the realization of the small size transistor. To design a reliable digital-based system, it is essential to develop new fault-tolerance approaches that are integrated into the design of sequential logic circuits. This work proposes a novel fault-tolerant approach based on the redundancy of sequential logic circuit, which consists of a variety of design components, D flip-flop storage elements linked to a fault injection unit, a duplicate modular redundancy, and data monitoring units with a switching circuit. The experimental simulation results using a five-state Markov chain analysis model prove that the proposed fault-tolerant system can achieve a reliability of 0.99999998 for a fault detection coverage (C) equal to 0.99999. Finally, we believe that using this new approach of fault-tolerance and redundancy would improve the dependability and reliability of next generation safety-critical applications. [ABSTRACT FROM AUTHOR]
- Published
- 2024
- Full Text
- View/download PDF
10. Galileo high accuracy service performance and anomaly mitigation capabilities.
- Author
- Martini, Ilaria, Susi, Melania, Cucchi, Luca, and Fernandez-Hernandez, Ignacio
- Abstract
Precise point positioning (PPP) and real-time kinematic techniques are interesting in several sectors, especially for autonomous applications. These users have high accuracy needs coupled with stringent requirements on continuity, availability, integrity, and convergence time, whose satisfaction can be challenging in harsh environments. Galileo launched in January 2023 the initial high accuracy service (HAS), a European free-of-charge PPP service with worldwide coverage transmitted on E6 signals and provided through an internet connection. This paper characterizes the Galileo HAS product performance, including orbital errors, clock errors, code biases, and overall signal in space error (SISE), with live signals transmitted since HAS service declaration. The paper also presents the behavior of HAS SIS in the case of four satellite anomalies between September 2021 and August 2022, occurring for Galileo and GPS. Finally, the paper presents the results of HAS performance in both static open sky and road scenarios, showing a few-decimeter accuracy even in environments with degraded visibility. The paper shows the improvements in terms of robustness to satellite anomaly thanks to the Galileo HAS characteristics. [ABSTRACT FROM AUTHOR]
- Published
- 2024
- Full Text
- View/download PDF
11. Electromagnetic Performance Analysis of a Multichannel Permanent Magnet Synchronous Generator †.
- Author
- Korkosz, Mariusz, Sztajmec, Elżbieta, and Prokop, Jan
- Subjects
- PERMANENT magnet generators, SYNCHRONOUS generators, ELECTRIC power production, CLINICAL pathology, ENERGY consumption
- Abstract
In this paper, we present an analysis of the properties of a prototype three-phase Multichannel Permanent Magnet Synchronous Generator (MCPMSG) designed and constructed by the authors. Each channel of the generator has electrically separated windings, which allows us to create an island system of electricity generation. The analyzed MCPMSG is intended for critical applications, and it is designed for four-channel operation. The purpose of this work is to analyze various configurations of the generator channels to improve the redundancy of the electricity generation system. The MCPMSG operation with one or two independent sources of energy consumption in the case of a dual-channel or double dual-channel operation was investigated. For the analyzed cases, the original mathematical models of the three-phase MCPMSG were developed. On the basis of numerical and laboratory tests, the influence of individual configurations on the MCPMSG output parameters was determined. An original method for diagnosing the operation of the MCPMSG channels was developed. Numerical and laboratory tests of the proposed diagnostic method based on a single voltage signal were carried out. As part of the laboratory tests, selected operating states under conditions of full winding symmetry and internal asymmetry were analyzed. The advantage of the proposed diagnostic method is the control of the operating state of the channels both under load and in the de-energized state. The proposed diagnostic method for control of the individual channel requires measurement of only one voltage signal. [ABSTRACT FROM AUTHOR]
- Published
- 2023
- Full Text
- View/download PDF
12. Why the use of domain-specific modeling in airworthy software requires new methods and how these might look like? (extended version)
- Author
- Tietz, Vanessa, Frey, Constantin, Waldvogel, Andreas, Schoepf, Julian, and Annighoefer, Bjoern
- Published
- 2024
- Full Text
- View/download PDF
13. Redesigning Medical Device Assurance: Separating Technological and Clinical Assurance Cases
- Author
- Deevy, Spencer, de Moraes Machado, Tiago, Modhafar, Amen, O’Beirne, Wesley, Paige, Richard F., Wassyng, Alan, Guiochet, Jérémie, editor, Tonetta, Stefano, editor, and Bitsch, Friedemann, editor
- Published
- 2023
- Full Text
- View/download PDF
14. Safety-critical computer vision: an empirical survey of adversarial evasion attacks and defenses on computer vision systems.
- Author
- Meyers, Charles, Löfstedt, Tommy, and Elmroth, Erik
- Subjects
- CYBERTERRORISM, MACHINE learning, COMPUTER systems, COMPUTER vision, POISONS
- Abstract
Considering the growing prominence of production-level AI and the threat of adversarial attacks that can poison a machine learning model against a certain label, evade classification, or reveal sensitive data about the model and training data to an attacker, adversaries pose fundamental problems to machine learning systems. Furthermore, much research has focused on the inverse relationship between robustness and accuracy, raising problems for real-time and safety-critical systems particularly since they are governed by legal constraints in which software changes must be explainable and every change must be thoroughly tested. While many defenses have been proposed, they are often computationally expensive and tend to reduce model accuracy. We have therefore conducted a large survey of attacks and defenses and present a simple and practical framework for analyzing any machine-learning system from a safety-critical perspective using adversarial noise to find the upper bound of the failure rate. Using this method, we conclude that all tested configurations of the ResNet architecture fail to meet any reasonable definition of 'safety-critical' when tested on even small-scale benchmark data. We examine state of the art defenses and attacks against computer vision systems with a focus on safety-critical applications in autonomous driving, industrial control, and healthcare. By testing a combination of attacks and defenses, their efficacy, and their run-time requirements, we provide substantial empirical evidence that modern neural networks consistently fail to meet established safety-critical standards by a wide margin. [ABSTRACT FROM AUTHOR]
- Published
- 2023
- Full Text
- View/download PDF
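Result 14 measures a model's failure rate under adversarial noise and treats that as the bound a safety case has to live with. The block below is an added example, not the authors' framework or code: it assumes a hand-set linear classifier, a small constructed 2-D dataset, and a list of L-infinity perturbation budgets, and reports the worst-case failure rate per budget. For a linear model the gradient-sign step is the exact worst case, so the reported rate is the true failure rate at that budget and the per-sample certified radius is exact; for a deep network the same loop driven by backpropagated gradients is a heuristic attack, and the failure rate it measures is a lower bound on the worst case rather than an upper bound, which is the caveat to carry into any safety argument built on such numbers.

```python
"""Adversarial-noise failure-rate sweep on a toy linear classifier (FGSM-style, L-infinity).

Added example, not code from the paper above. The model weights, the dataset and
the perturbation budgets are constructed for illustration.
"""
from typing import List, Sequence, Tuple

Point = Tuple[float, float]

# Constructed dataset: (features, label in {-1, +1}). Points sit at different
# distances from the decision boundary so the failure rate rises in steps.
DATA: List[Tuple[Point, int]] = [
    ((0.8, 0.6), +1), ((0.3, 0.2), +1), ((1.2, -0.4), +1), ((0.05, 0.1), +1),
    ((-0.7, -0.5), -1), ((-0.2, -0.3), -1), ((-1.0, 0.3), -1), ((-0.1, -0.05), -1),
]
W: Point = (1.0, 1.0)   # assumed model weights
B: float = 0.0          # assumed bias


def score(x: Point) -> float:
    return W[0] * x[0] + W[1] * x[1] + B


def predict(x: Point) -> int:
    return 1 if score(x) >= 0 else -1


def _sign(t: float) -> float:
    return 1.0 if t > 0 else (-1.0 if t < 0 else 0.0)


def fgsm(x: Point, y: int, eps: float) -> Point:
    """Worst-case L-inf perturbation of budget eps for a linear model.

    The margin y*score(x) has gradient y*W w.r.t. x; stepping each coordinate
    by eps against the sign of that gradient lowers the margin by eps*||W||_1,
    which is the most any L-inf perturbation of size eps can do here.
    """
    return tuple(xi - eps * y * _sign(wi) for xi, wi in zip(x, W))  # type: ignore[return-value]


def failure_rate(eps: float) -> float:
    """Fraction of samples misclassified after the budget-eps attack."""
    wrong = sum(1 for x, y in DATA if predict(fgsm(x, y, eps)) != y)
    return wrong / len(DATA)


def certified_radius(x: Point, y: int) -> float:
    """Largest L-inf budget under which this sample provably keeps its label
    (0.0 if it is already misclassified). Exact for a linear model."""
    margin = y * score(x)
    return max(0.0, margin) / sum(abs(w) for w in W)


def sweep(budgets: Sequence[float]) -> List[Tuple[float, float]]:
    """Failure rate at each budget; the curve a safety case would have to accept."""
    return [(eps, failure_rate(eps)) for eps in budgets]


if __name__ == "__main__":
    for eps, rate in sweep([0.0, 0.1, 0.3, 0.5, 1.0]):
        print(f"eps={eps:.2f}  failure rate={rate:.2f}")
    for x, y in DATA:
        print(x, y, "certified radius", round(certified_radius(x, y), 4))
```

The sweep shows the shape the abstract describes: clean accuracy is perfect, yet a budget of 0.1 already breaks the two samples nearest the boundary and a budget of 1.0 breaks every sample. The certified radius is what a safety-critical review should ask for instead of a single accuracy figure, because it states per input how much noise is tolerated rather than how often an attack happened to succeed.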
15. Out-of-Distribution Data Generation for Fault Detection and Diagnosis in Industrial Systems
- Author
- Jefkine Kafunah, Priyanka Verma, Muhammad Intizar Ali, and John G. Breslin
- Subjects
- Deep generative models, fault diagnosis, process monitoring, safety-critical, out-of-distribution data, variational autoencoder, Electrical engineering. Electronics. Nuclear engineering, TK1-9971
- Abstract
The emergence of Industry 4.0 has transformed modern-day factories into high-tech industrial sites through rapid automation and increased access to real-time data. Deep learning approaches possessing superior capabilities for intelligent, data-driven fault diagnosis have become critical in ensuring process safety and reliability in these industrial sites. However, such applications trained exclusively on in-distribution process data face challenges in the wake of previously unseen out-of-distribution (OOD) data in the real world. This paper addresses the challenge of out-of-distribution data detection for deep learning-based fault diagnosis models by generating synthetic data to simulate real-world anomalies not present in the training set. We propose Manifold Guided Sampling (MGS), a data-driven method for generating synthetic OOD samples from the in-distribution data-supporting manifold estimated through a deep generative model. Synthetic data from MGS enhances the model capacity for prediction uncertainty quantification, resulting in safe and reliable models for real-world industrial process monitoring. Furthermore, the MGS algorithm maintains the in-distribution data feature space as a reference point during data generation to ensure the resulting synthetic OOD data is realistic. We analyze the effectiveness of MGS through experiments conducted on the steel plates faults dataset and demonstrate that augmenting training data with synthetic data from MGS enhances the model performance in OOD detection tasks and provides robustness against dataset distributional shifts. The findings underscore the effectiveness of utilizing synthetic MGS-generated OOD data in scenarios where real-world OOD data is limited, enabling better generalization and more reliable fault detection in practical applications.
- Published
- 2023
- Full Text
- View/download PDF
16. HPC Platform for Railway Safety-Critical Functionalities Based on Artificial Intelligence.
- Author
- Labayen, Mikel, Medina, Laura, Eizaguirre, Fernando, Flich, José, and Aginako, Naiara
- Subjects
- ARTIFICIAL intelligence, RAILROAD management, COMPUTING platforms, COMPUTER engineering, DRIVERLESS cars, RAILROADS, COMPUTER vision
- Abstract
The automation of railroad operations is a rapidly growing industry. In 2023, a new European standard for the automated Grade of Automation (GoA) 2 over European Train Control System (ETCS) driving is anticipated. Meanwhile, railway stakeholders are already planning their research initiatives for driverless and unattended autonomous driving systems. As a result, the industry is particularly active in research regarding perception technologies based on Computer Vision (CV) and Artificial Intelligence (AI), with outstanding results at the application level. However, executing high-performance and safety-critical applications on embedded systems and in real-time is a challenge. There are not many commercially available solutions, since High-Performance Computing (HPC) platforms are typically seen as being beyond the business of safety-critical systems. This work proposes a novel safety-critical and high-performance computing platform for CV- and AI-enhanced technology execution used for automatic accurate stopping and safe passenger transfer railway functionalities. The resulting computing platform is compatible with the majority of widely-used AI inference methodologies, AI model architectures, and AI model formats thanks to its design, which enables process separation, redundant execution, and HW acceleration in a transparent manner. The proposed technology increases the portability of railway applications into embedded systems, isolates crucial operations, and effectively and securely maintains system resources. [ABSTRACT FROM AUTHOR]
- Published
- 2023
- Full Text
- View/download PDF
17. Integration of COTS Processing Architectures in Small Satellites for Onboard Computing Using Fault Injection Testing Methodology
- Author
- Gamazo-Real, Jose-Carlos, Zamorano-Flores, Juan Rafael, Sanz-Andrés, Ángel, Cerone, Antonio, editor, Autili, Marco, editor, Bucaioni, Alessio, editor, Gomes, Cláudio, editor, Graziani, Pierluigi, editor, Palmieri, Maurizio, editor, Temperini, Marco, editor, and Venture, Gentiane, editor
- Published
- 2022
- Full Text
- View/download PDF
18. Fault Diagnosis for China Space Station Circulating Pumps: Prototypical Network with Uncertainty Theory.
- Author
- Wu, Wenbo, Zou, Tianji, Guo, Dong, Zhang, Lu, Wang, Ke, and Li, Xuzhi
- Subjects
- SPACE stations, PUMPING stations, FAULT diagnosis, EPISTEMIC uncertainty
- Abstract
Methods for fault diagnosis based on metric learning, in which a query sample is classified by picking the closest prototype from the support set based on their feature similarities, have been the subject of many studies. In real-world applications of in-orbit products, such as circulating pumps, the computation of similarity between different pairs is prone to different degrees of inaccuracy, especially epistemic uncertainty. Knowing and considering the uncertainty of similarity may improve fault detection accuracy. This article provides a unique approach to fault diagnosis based on Prototypical Network (Pro-Net) and Uncertainty Theory. In particular, we use epistemic uncertainty by altering the representation of prototypes from a deterministic scalar to an uncertain representation. To assess the similarity between a query and the prototypes in a support set, we calculate the uncertain distance between the pairs using cross-entropy. Experiments with symmetrical structures reveal that our proposed method significantly enhances classification precision and achieves state-of-the-art performance. It improves the reliability of fault diagnosis and reduces the risk of making erroneous judgments in safety-critical systems, decreasing the possibility of adverse consequences. [ABSTRACT FROM AUTHOR]
- Published
- 2023
- Full Text
- View/download PDF
19. Train-to-Train Connectivity for Safety-Critical Use Cases
- Author
- Ruiz, Cristian García, García-Loygorri, Juan Moreno, Velázquez, Berta Mazuecos, Moreno García-Loygorri, Juan, editor, Pérez Yuste, Antonio, editor, and Berbineau, Marion, editor
- Published
- 2021
- Full Text
- View/download PDF
20. Health Risk Management (For Staff with Safety-Critical Positions)
- Author
- Tzanakakis, Konstantinos, and Roess, Roger P., Series Editor
- Published
- 2021
- Full Text
- View/download PDF
21. HPC Platform for Railway Safety-Critical Functionalities Based on Artificial Intelligence
- Author
- Mikel Labayen, Laura Medina, Fernando Eizaguirre, José Flich, and Naiara Aginako
- Subjects
- autonomous and driverless train operation, computer vision and artificial intelligence, high-performance computing, safety-critical, AI hardware accelerator, Technology, Engineering (General). Civil engineering (General), TA1-2040, Biology (General), QH301-705.5, Physics, QC1-999, Chemistry, QD1-999
- Abstract
The automation of railroad operations is a rapidly growing industry. In 2023, a new European standard for the automated Grade of Automation (GoA) 2 over European Train Control System (ETCS) driving is anticipated. Meanwhile, railway stakeholders are already planning their research initiatives for driverless and unattended autonomous driving systems. As a result, the industry is particularly active in research regarding perception technologies based on Computer Vision (CV) and Artificial Intelligence (AI), with outstanding results at the application level. However, executing high-performance and safety-critical applications on embedded systems and in real-time is a challenge. There are not many commercially available solutions, since High-Performance Computing (HPC) platforms are typically seen as being beyond the business of safety-critical systems. This work proposes a novel safety-critical and high-performance computing platform for CV- and AI-enhanced technology execution used for automatic accurate stopping and safe passenger transfer railway functionalities. The resulting computing platform is compatible with the majority of widely-used AI inference methodologies, AI model architectures, and AI model formats thanks to its design, which enables process separation, redundant execution, and HW acceleration in a transparent manner. The proposed technology increases the portability of railway applications into embedded systems, isolates crucial operations, and effectively and securely maintains system resources.
- Published
- 2023
- Full Text
- View/download PDF
22. A Personal Opinion Survey on Process Compliance Checking in the Safety Context
- Author
- Castellanos Ardila, Julieth Patricia, Gallina, Barbara, Shepperd, Martin, editor, Brito e Abreu, Fernando, editor, Rodrigues da Silva, Alberto, editor, and Pérez-Castillo, Ricardo, editor
- Published
- 2020
- Full Text
- View/download PDF
23. Creation of Interactive Virtual Reality Scenarios as a Training and Education Tool
- Author
- Nasyrov, Rinat R., Excell, Peter S., Earnshaw, Rae, editor, Liggett, Susan, editor, Excell, Peter, editor, and Thalmann, Daniel, editor
- Published
- 2020
- Full Text
- View/download PDF
24. Validation of a Simulation Algorithm for Safety-Critical Human Multitasking
- Author
- Broccia, Giovanna, Milazzo, Paolo, Belviso, Cristina, Montiel, Carmen Berrocal, Sekerinski, Emil, editor, Moreira, Nelma, editor, Oliveira, José N., editor, Ratiu, Daniel, editor, Guidotti, Riccardo, editor, Farrell, Marie, editor, Luckcuck, Matt, editor, Marmsoler, Diego, editor, Campos, José, editor, Astarte, Troy, editor, Gonnord, Laure, editor, Cerone, Antonio, editor, Couto, Luis, editor, Dongol, Brijesh, editor, Kutrib, Martin, editor, Monteiro, Pedro, editor, and Delmas, David, editor
- Published
- 2020
- Full Text
- View/download PDF
25. Robust Fault Tolerant Rail Door State Monitoring Systems
- Author
-
Sniatala, Pawel, Amini, M. Hadi, and Boroojeni, Kianoosh G.
- Published
- 2020
- Full Text
- View/download PDF
26. Methodology for the integrative adaption of manufacturing process and inspection sequences to component changes of safety-critical medical products.
- Author
-
Stauder, Lars, Knott, Anna-Lena, Schmitt, Robert H., and Bergs, Thomas
- Abstract
Ever-shorter product lifecycles and more frequently changing customer demands challenge manufacturing companies to change their products and the components these products are composed of in ever-shorter periods. As a result, the existing manufacturing process and inspection sequences (MPISs) of the corresponding components must be adapted. Particularly in the production of safety-critical components, such as in the medical industries, component changes represent a major challenge, as very high quality requirements are placed on the components and a costly re-certification of the adapted processes is necessary. Due to the high quality requirements, not only the manufacturing process but also the inspection processes must be adapted for the realization of a component change. Furthermore, a high degree of planning reliability is necessary when deriving adaptations of MPISs for component changes to keep the re-certification effort and adaptation costs for safety-critical components as low as possible. Therefore, a methodology is introduced for the integrative derivation of adaptation options of MPISs due to component changes that supports users in identifying suitable adaptations in a systematic and time-efficient way. The methodology is successfully applied to a use case from the medical industry and supports users in identifying adaptations in established MPISs to implement a component change. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
27. High fusion computers: The IoTs, edges, data centers, and humans-in-the-loop as a computer.
- Author
-
Wanling Gao, Lei Wang, Mingyu Chen, Jin Xiong, Chunjie Luo, Wenli Zhang, Yunyou Huang, Weiping Li, Guoxin Kang, Chen Zheng, Biwei Xie, Shaopeng Dai, Qian He, Hainan Ye, Yungang Bao, and Jianfeng Zhan
- Subjects
COMPUTERS ,DATA libraries ,INTERNET of things ,ACCURACY ,SOURCE code - Abstract
Emerging and future applications rely heavily upon systems consisting of Internet of Things (IoT), edges, data centers, and humans-in-the-loop. Significantly different from warehouse-scale computers that serve independent concurrent user requests, this new class of computer systems directly interacts with the physical world, considering humans an essential part and performing safety-critical and mission-critical operations; their computations have intertwined dependencies between not only adjacent execution loops but also actions or decisions triggered by IoTs, edge, datacenters, or humans-in-the-loop; the systems must first satisfy the accuracy metric in predicting, interpreting, or taking action before meeting the performance goal under different cases. This article argues we need a paradigm shift to reconstruct the IoTs, edges, data centers, and humans-in-the-loop as a computer rather than a distributed system. We coin a new term, high fusion computers (HFCs), to describe this class of systems. The fusion in the term has two implications: fusing IoTs, edges, data centers, and humans-in-the-loop as a computer, fusing the physical and digital worlds through HFC systems. HFC is a pivotal case of the open-source computer systems initiative. We laid out the challenges, plan, and call for uniting our community's wisdom and actions to address the HFC challenges. Everything, including the source code, will be publicly available from the project homepage: https://www.computercouncil.org/HFC/. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
28. A CONCEPT STUDY OVER A RADAR-BASED TERRAIN AWARENESS SYSTEM (RTAS)
- Author
-
Alostaz, Rawand
- Published
- 2024
29. Managing security evidence in safety-critical organizations
- Author
-
Mohamad, Mazen, Steghöfer, Jan-Philipp, Knauss, Eric, and Scandariato, Riccardo
- Abstract
With the increasing prevalence of open and connected products, cybersecurity has become a serious issue in safety-critical domains such as the automotive industry. As a result, regulatory bodies have become more stringent in their requirements for cybersecurity, necessitating security assurance for products developed in these domains. In response, companies have implemented new or modified processes to incorporate security into their product development lifecycle, resulting in a large amount of evidence being created to support claims about the achievement of a certain level of security. However, managing evidence is not a trivial task, particularly for complex products and systems. This paper presents a qualitative interview study conducted in six companies on the maturity of managing security evidence in safety-critical organizations. We find that the current maturity of managing security evidence is insufficient for the increasing requirements set by certification authorities and standardization bodies. Organizations currently fail to identify relevant artifacts as security evidence and manage this evidence on an organizational level. One part of the reason is educational gaps, the other a lack of processes. The impact of AI on the management of security evidence is still an open question.
- Published
- 2024
30. Compositional Verification in the Real World of Engineering : A case study on formal requirements for a redundancy braking system at Scania CV
- Author
-
Arnholm Söderberg, Leo
- Abstract
This master thesis studies how requirements for a safety-critical system can be formalised and their integrity verified using formal verification, especially using stochastic compositional verification. For this master thesis a redundancy braking system for an autonomous vehicle system at Scania is studied. The study presents a potential redundancy braking system with its various sub-components and their purpose. Based on EU-regulation, a scenario is presented where an autonomous vehicle is expected to brake within specific parameters to avoid collision. This scenario is used to derive formal specifications describing desired behaviour of the system's sub-components using the formalism probabilistic contract formulae. These specifications form parallel compositions describing desired behaviour for the system in order to satisfy a top-level specification. This thesis shows how stochastic compositional verification can be utilised for a safety-critical system in the automotive industry. The specifications can be used in future work to prove refinement using an algorithm for verifying refinement of parallel compositions of probabilistic contract formulae.
- Published
- 2024
31. Modeling and safety analysis for collaborative safety-critical systems using hierarchical colored Petri nets
- Author
-
Ali, Nazakat, Punnekkat, Sasikumar, and Rauf, A.
- Abstract
Context: Collaborative systems enable multiple independent systems to work together towards a common goal. These systems can include both human-system and system-system interactions and can be found in a variety of settings, including smart manufacturing, smart transportation, and healthcare. Safety is an important consideration for collaborative systems because one system's failure can significantly impact the overall system performance and adversely affect other systems, humans or the environment. Goal: Fail-safe mechanisms for safety-critical systems are designed to bring the system to a safe state in case of a failure in the sensors or actuators. However, a collaborative safety-critical system must do better and be safe-operational; e.g., a failure of one of the members in a platoon of vehicles in the middle of a highway is not acceptable. Thus, failures must be compensated, and compliance with safety constraints must be ensured even under faults or failures of constituent systems. Method: In this paper, we model and analyze safety for collaborative safety-critical systems using hierarchical Coloured Petri nets (CPN). We used an automated Human Rescue Robot System (HRRS) as a case study, modeled it using hierarchical CPN, and injected some specified failures to check and confirm the safe behavior in case of unexpected scenarios. Results: The system behavior was observed after injecting three types of failures in constituent systems, and then safety mechanisms were applied to mitigate the effect of these failures. After applying safety mechanisms, the HRRS system's overall behavior was again observed both in terms of verification and validation, and the simulated results show that all the identified failures were mitigated and HRRS completed its mission. Conclusion: It was found that the approach based on formal methods (CPN modeling) can be used for the safety analysis, modeling, validation, and verification of collaborative safety-critical systems like HRRS.
- Published
- 2024
- Full Text
- View/download PDF
32. Implementation of Structured Object-Oriented Formal Language for Warehouse Management System
- Author
-
Irfin Afifudi and Inge Martina
- Subjects
software engineering ,safety-critical ,structured object-oriented formal language ,object-based programming ,software quality ,Telecommunication ,TK5101-6720 ,Information technology ,T58.5-58.64 - Abstract
The design process is inseparable from software development. Like other software development processes, the design process faces many problems, such as improper and ambiguous specifications. These problems may be overcome by applying formal engineering methods, one of which is Structured Object-Oriented Formal Language (SOFL). The analysis and formation of the design and implementation of SOFL are carried out as a solution to the problem. The application of SOFL is divided into three parts according to SOFL rules, namely informal specification, semi-formal specification, and formal specification. The design and implementation are measured and tested using rigorous review and the maintainability index. This research uses a warehouse management system, a safety-critical system, as a case study. Rigorous analysis shows that SOFL in the warehouse management system increases the maintainability index by 56.94%. This means that it is easier to develop.
- Published
- 2020
- Full Text
- View/download PDF
33. A Cognitive Task Analysis of Safety-Critical Launch Termination Systems
- Author
-
Daiker, Ronald, Ghatas, Rania, Vincent, Michael, Rippy, Lisa, Holbrook, Jon, Kacprzyk, Janusz, Series Editor, Pal, Nikhil R., Advisory Editor, Bello Perez, Rafael, Advisory Editor, Corchado, Emilio S., Advisory Editor, Hagras, Hani, Advisory Editor, Kóczy, László T., Advisory Editor, Kreinovich, Vladik, Advisory Editor, Lin, Chin-Teng, Advisory Editor, Lu, Jie, Advisory Editor, Melin, Patricia, Advisory Editor, Nedjah, Nadia, Advisory Editor, Nguyen, Ngoc Thanh, Advisory Editor, Wang, Jun, Advisory Editor, and Stanton, Neville, editor
- Published
- 2019
- Full Text
- View/download PDF
34. Enhancing Dependability Analysis Provisioning in CBTC Wireless Communication System With Age of Information.
- Author
-
Wang, Xiaoxuan, Li, Yang, Jing, Tao, Huo, Yan, and Tang, Tao
- Subjects
- *
WIRELESS communications , *INFORMATION society , *PUBLIC transit , *INFORMATION storage & retrieval systems - Abstract
As a crucial part of the communication-based train control (CBTC) system, the wireless communication subsystem is responsible for transmitting safety-critical information, which directly affects the safe and efficient operation of urban rail transit. A dependability analysis method for wireless communication in CBTC is critical and necessary to ensure the stable transmission of safety-critical information. However, most existing research in CBTC lacks a unified evaluation index to analyze wireless communication dependability. In this paper, the dependability of the wireless communication system in CBTC is established. To be specific, timeliness, integrity, security, and safety are used to describe the dependability of the CBTC wireless communication system in our definition. The age of information (AoI) is used to quantitatively analyze the dependability of the CBTC wireless communication system. To verify the effectiveness of the proposed dependability analysis method, we quantitatively introduce the dependability of the wireless communication system in CBTC under different scenarios, including packet-drop, re-transmission, handoff, and cyber-attack. Simulation results show that the designed dependability analysis method with quantized AoI can efficiently describe the dependability of the CBTC wireless communication system in different scenarios. [ABSTRACT FROM AUTHOR]
- Published
- 2022
- Full Text
- View/download PDF
35. Decentralized Task Reallocation on Parallel Computing Architectures Targeting an Avionics Application.
- Author
-
Khamvilai, Thanakorn, Sutter, Louis, Baufreton, Philippe, Neumann, François, and Feron, Eric
- Subjects
- *
PARALLEL programming , *PARALLEL processing , *PROBLEM solving , *ALGORITHMS , *AVIONICS , *RELIABILITY in engineering - Abstract
This work presents an online decentralized allocation algorithm of a safety-critical application on parallel computing architectures, where individual Computational Units can be affected by faults. The described method includes representing the architecture by an abstract graph where each node represents a Computational Unit. Applications are also represented by the graph of Computational Units they require for execution. The problem is then to decide how to allocate Computational Units to applications to guarantee execution of a safety-critical application. The problem is formulated as an optimization problem with the form of an Integer Linear Program. A state-of-the-art solver is then used to solve the problem. Decentralizing the allocation process is achieved through redundancy of the allocator executed on the architecture. No centralized element decides on the allocation of the entire architecture, thus improving the reliability of the system. Inspired by multi-core architectures in avionics systems, an experimental illustration of the work is also presented. It is used to demonstrate the capabilities of the proposed allocation process to maintain the operation of a physical system in a decentralized way while individual components fail. [ABSTRACT FROM AUTHOR]
- Published
- 2021
- Full Text
- View/download PDF
36. Encouraging Volitional Pedaling in Functional Electrical Stimulation-Assisted Cycling Using Barrier Functions
- Author
-
Axton Isaly, Brendon C. Allen, Ricardo G. Sanfelice, and Warren E. Dixon
- Subjects
functional electrical stimulation (FES ,cycling ,barrier function ,safety-critical ,euler-Lagrange ,control design ,Mechanical engineering and machinery ,TJ1-1570 ,Electronic computers. Computer science ,QA75.5-76.95 - Abstract
Stationary motorized cycling assisted by functional electrical stimulation (FES) is a popular therapy for people with movement impairments. Maximizing volitional contributions from the rider of the cycle can lead to long-term benefits like increased muscular strength and cardiovascular endurance. This paper develops a combined motor and FES control system that tasks the rider with maintaining their cadence near a target point using their own volition, while assistance or resistance is applied gradually as their cadence approaches the lower or upper boundary, respectively, of a user-defined safe range. Safety-ensuring barrier functions are used to guarantee that the rider’s cadence is constrained to the safe range, while minimal assistance is provided within the range to maximize effort by the rider. FES stimulation is applied before electric motor assistance to further increase power output from the rider. To account for uncertain dynamics, barrier function methods are combined with robust control tools from Lyapunov theory to develop controllers that guarantee safety in the worst-case. Because of the intermittent nature of FES stimulation, the closed-loop system is modeled as a hybrid system to certify that the set of states for which the cadence is in the safe range is asymptotically stable. The performance of the developed control method is demonstrated experimentally on five participants. The barrier function controller constrained the riders’ cadence in a range of 50 ± 5 RPM with an average cadence standard deviation of 1.4 RPM for a protocol where cadence with minimal variance was prioritized and used minimal assistance from the motor (4.1% of trial duration) in a separate protocol where power output from the rider was prioritized.
- Published
- 2021
- Full Text
- View/download PDF
37. Agile Usage in Embedded Software Development in Safety Critical Domain–A Systematic Review
- Author
-
Demissie, Surafel, Keenan, Frank, Özcan-Top, Özden, McCaffery, Fergal, Barbosa, Simone Diniz Junqueira, Series Editor, Filipe, Joaquim, Series Editor, Kotenko, Igor, Series Editor, Sivalingam, Krishna M., Series Editor, Washio, Takashi, Series Editor, Yuan, Junsong, Series Editor, Zhou, Lizhu, Series Editor, Stamelos, Ioannis, editor, O'Connor, Rory V., editor, Rout, Terry, editor, and Dorling, Alec, editor
- Published
- 2018
- Full Text
- View/download PDF
38. Evaluating and Mitigating Neutrons Effects on COTS EdgeAI Accelerators.
- Author
-
Blower, Sebastian, Rech, Paolo, Cazzaniga, Carlo, Kastriotou, Maria, and Frost, Christopher D.
- Subjects
- *
ARTIFICIAL intelligence , *NEUTRONS , *SOLUTION strengthening , *NEUTRON beams , *ARTIFICIAL neural networks , *ACCELERATOR mass spectrometry - Abstract
EdgeAI is an emerging artificial intelligence (AI) accelerator technology, which is capable of delivering improved AI performance at both a lower cost and a lower power level. With the aim of implementation in large quantities and in safety-critical environments, it is imperative to understand how single-event effects (SEEs) affect the reliability of this new family of devices and to propose efficient hardening solutions. Through neutron beam experiments and fault-injection analysis of a commercial-off-the-shelf (COTS) EdgeAI device, we are able to identify the device’s SEE failure-modes, separate the error rate contributions of the device’s different resources, and characterize the device’s SEE reliability. During this analysis, we discovered that the vast majority of single-bit flips have no appreciable effect on the output. After this analysis, we propose a hardening solution that implements triple-modular redundancy (TMR) in the device without changing its physical architecture. We experimentally validate this solution and show that we are able to correct 96% of the misclassifications (critical errors) with nearly zero overhead. [ABSTRACT FROM AUTHOR]
- Published
- 2021
- Full Text
- View/download PDF
39. A cross-layer middleware architecture for time and safety critical applications in MANETs
- Author
-
Pease, Sarogini G.
- Subjects
004 ,Real-time ,Cross-layer ,Optimization ,MANETs ,Safety-critical ,Hard real-time - Abstract
Mobile Ad hoc Networks (MANETs) can be deployed instantaneously and adaptively, making them highly suitable to military, medical and disaster-response scenarios. Using real-time applications for provision of instantaneous and dependable communications, media streaming, and device control in these scenarios is a growing research field. Realising timing requirements in packet delivery is essential to safety-critical real-time applications that are both delay- and loss-sensitive. Safety of these applications is compromised by packet loss, both on the network and by the applications themselves, which will drop packets exceeding delay bounds. However, the provision of this required Quality of Service (QoS) must overcome issues relating to the lack of reliable existing infrastructure and the conservation of safety-certified functionality. It must also overcome issues relating to the layer-2 dynamics, with causal factors including hidden transmitters and fading channels. This thesis proposes that bounded maximum delay and safety-critical application support can be achieved by using cross-layer middleware. Such an approach benefits from the use of established protocols without requiring modifications to safety-certified ones. This research proposes ROAM: a novel, adaptive and scalable cross-layer Real-time Optimising Ad hoc Middleware framework for the provision and maintenance of performance guarantees in self-configuring MANETs. The ROAM framework is designed to be scalable to new optimisers and MANET protocols and requires no modifications of protocol functionality. Four original contributions are proposed: (1) ROAM, a middleware entity that abstracts information from the protocol stack using application programming interfaces (APIs) and implements optimisers to monitor and autonomously tune conditions at protocol layers in response to dynamic network conditions. The cross-layer approach is MANET protocol generic, imposing minimally on the protocol stack and requiring no protocol modification. (2) A horizontal handoff optimiser that responds to time-varying link quality to ensure optimal and most robust channel usage. (3) A distributed contention reduction optimiser that reduces channel contention and related delay in response to detection of the presence of a hidden transmitter. (4) A feasibility evaluation of the ROAM architecture to bound maximum delay and jitter in a comprehensive range of ns2-MIRACLE simulation scenarios that demonstrate independence from the key causes of network dynamics: application setting and MANET configuration, including mobility or topology. Experimental results show that ROAM can constrain end-to-end delay, jitter and packet loss to support real-time applications with critical timing requirements.
- Published
- 2013
40. SafeConcert: A Metamodel for a Concerted Safety Modeling of Socio-Technical Systems
- Author
-
Montecchi, Leonardo, Gallina, Barbara, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Bozzano, Marco, editor, and Papadopoulos, Yiannis, editor
- Published
- 2017
- Full Text
- View/download PDF
41. Integrated Information Visualization and Usability of User Interfaces for Safety-Critical Contexts
- Author
-
Kwee-Meier, Sonja Th., Wiessmann, Marion, Mertens, Alexander, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, and Harris, Don, editor
- Published
- 2017
- Full Text
- View/download PDF
42. Transferring Learning Across Safety-Critical Industries
- Author
-
Liston, Paul M., Kay, Alison, Cromie, Sam, McDonald, Nick, Kavanagh, Bill, Cooke, Roddy, Walter, Peter, and MacLachlan, Malcolm, editor
- Published
- 2017
- Full Text
- View/download PDF
43. Methodology for the identification of alternative manufacturing changes for safety-critical components.
- Author
-
Bergs, Thomas, Hermann, Lennard, Rey, Jan, and Barth, Sebastian
- Abstract
A variety of factors are forcing companies to change their products and the components these products are composed of. Examples of current factors are changing customer requirements, product optimizations or ever-shorter product lifecycles. These component changes, particularly in safety-critical components in the medical and aerospace industry, pose great challenges and are limited in scope. The challenges and limitations arise from the high costs and the amount of time involved in component recertification as required by law, as well as revalidations of the manufacturing after a change has been implemented. Some component changes are even mandatory. In this case there are no options for reducing recertification efforts by choosing between different design changes. In contrast, there are alternative manufacturing options with which to implement the prescribed component changes that can reduce the amount of revalidation required on the manufacturing side. Due to the fact that changes to the manufacture of safety-critical components require validation, the existence of alternative manufacturing changes offers the potential to save time and money by selecting the best-suited alternative. In order to be able to select the best-suited alternative, all alternative manufacturing changes must be known, which poses a challenge for technology planners dealing with the complex manufacture of safety-critical components. Therefore, a methodology is introduced to support technology planners in identifying alternative manufacturing changes with which to implement scope-restricted changes to safety-critical components. The methodology is validated by applying it to a case study from the medical industry. [ABSTRACT FROM AUTHOR]
- Published
- 2020
- Full Text
- View/download PDF
44. A Big Slot Scheduling Algorithm for the Reliable Delivery of Real-Time Data Packets in Wireless Sensor Networks
- Author
-
Oh, Hoon, Azad, Md Abul Kalam, and Zeng, Qing-An, editor
- Published
- 2016
- Full Text
- View/download PDF
45. Enforcing Safety for Mixed Traffic Control via a Control Barrier Function Quadratic Program
- Author
-
Zhao, Chenguang and Yu, Huan
- Abstract
Connected Automated Vehicle (CAV) has been considered as a transformative technology to improve traffic performance from various aspects. Many recent efforts have focused on the control of CAVs to dissipate stop-and-go waves in mixed-autonomy traffic. However, the safety impact of the CAV control design has not been fully addressed. A feedback controller that stabilizes the mixed vehicle platoon could cause rear-end collisions in some safety-critical scenarios, which hinders the application of CAV control design. This paper focuses on designing a Safety-critical Traffic Controller (STC) for a leading CAV that guarantees both safety and stability in the closed-loop mixed traffic system. We first propose the safe driving constraints for CAV and HDVs, based on which we design Control Barrier Functions (CBF) to penalize a nominal control input for any safety violation. We synthesize a safety-critical controller by integrating the CBF constraints with a nominal controller that achieves string stability and then solving a Quadratic Programming (QP) problem. Numerical simulations demonstrate that the proposed STC guarantees safety and expands the safety region of the mixed system. Simulations on the NGSIM dataset further validate that STC avoids rear-end collisions in real traffic.
- Published
- 2023
46. Syntax-Based Dependency Discovery : Extracting Dependencies Between Integration Test Cases for Passive Testing
- Author
-
Halldoff, David and Sten, Martin
- Abstract
Modern-day vehicles consist of numerous electronic computing devices with accompanying software. Since vehicles are generally classified as safety-critical systems, rigorous testing strategies have to be deployed to ensure correct operation of the embedded software. Testing in an active sense is understood to be the main testing method for software in general. The main characteristic of active testing is that test cases have complete control over the system under test, warranting sequential execution of test cases. To complement active testing a method called passive testing is being researched, where the main benefit compared to active testing is that the evaluation of test cases becomes parallelizable. As passive testing opens up for concurrency, the issue of not recognizing faulty behavior arises. This could be the case when simultaneously testing functions which share an output, and the incorrect behavior of a function is being masked by the correct behavior of another function. To avoid vacuous test results, the evaluation of dependent test cases can be separated. Previous work describes the process of extracting dependencies between test cases from requirement specifications. However, this approach is not suitable when test cases are derived from various artifacts. In this thesis we present a syntax-based approach for dependency discovery between test cases. The approach was evaluated through a case study using integration test cases developed for active hardware-in-the-loop testing at Scania CV. Dependencies between 946 test cases have been extracted and the test cases were grouped into three categories, with 286 test cases being identified as independent. The approach shows some potential for evaluating test cases written for active testing, but the results indicate that using test cases written specifically for passive testing may yield better results. The approach also proved to be useful for finding bugs and deviations in scripts. 
Thus, the method has pro
Modern vehicles contain numerous electronic control units with accompanying software. Since vehicles are often considered safety-critical systems, robust testing strategies for the embedded software are required to ensure correct operation. Active testing is currently the most common method for testing software. The main characteristic of active testing is that test cases have total control over the system under test, which entails sequential evaluation of test cases. To complement active testing, a method called passive testing is being investigated, where the greatest advantage over active testing is that the evaluation of test cases can take place in parallel. Evaluating test cases simultaneously, however, means that faulty behaviour in the software can potentially be masked. This can happen when several functions share output signals, and the faulty behaviour of one function is masked by the correct behaviour of another. To avoid vacuous truths as test results, the evaluation of test cases that have a dependency between them can be separated. Previous work in the area describes the process of extracting dependencies between test cases from requirement specifications. This method is, however, not suitable when test cases are based on several different artifacts. In this thesis we present a syntax-based method for finding dependencies between test cases. The method was evaluated through a case study at Scania CV, where active integration test cases for hardware-in-the-loop were used for analysis. Dependencies between 946 test cases could be extracted and the test cases were grouped into three different categories, with 286 classified as independent. The method shows potential for analysing test cases written for active testing, but the results indicate that test cases written specifically for passive testing may generate a better result. An unexpected but positive outcome is that the method can to some extent be used to find bugs and deviations in scripts. Thus, the method has been shown to be useful for finding dependencies from syntax.
- Published
- 2023
47. Requirement Validation - A multi-case study to identify failure factors in safety critical software development
- Author
-
Ceriacous, Kyrollos and Ishak, Jakoob
- Abstract
In software development, customer trust hinges on a product performing as expected and ensuring appropriate steps are taken to prevent incidents due to faulty systems. One way of achieving this lies within requirement validation – the process of validating the requirements set on the software. However, the complexity of the requirement validation domain can be challenging for companies and organizations seeking to improve their validation processes. This research investigates this area, pinpointing potential failure factors that may hinder effective requirement validation. The study was conducted using a multi-case research design, involving individual interviews with four distinct divisions at SAAB: hardware, software, systems, and test equipment. This study built upon Niazi's & Shastry's previous research, where findings of failure factors in requirement engineering are brought forward. What this research has done is take the failure factors and apply them to requirement validation, which is a subcategory of requirement engineering. The failure factors taken into consideration in this research are therefore the following:
• Vague requirements
• Undefined requirements process
• Lack of stakeholder involvement
• Business needs are not considered
• Lack of requirement management
• The requirements do not reflect the real needs of the customer
• The requirements are inconsistent and/or incomplete
• It is expensive to make changes to requirements after they have been agreed
• Requirements growth
• Stakeholders' communication problems
During the research, focus was placed on noting how often the interviewees mentioned each failure factor. This helped in understanding which issues were most often seen as problems in the requirement validation process. In particular, stakeholder issues and the tendency towards vague requirement definitions emerged as prevalent problems. The findings of this research do not only concern safety-critical software companies but can additionally prove benefici
- Published
- 2023
48. HPC Platform for Railway Safety-Critical Functionalities Based on Artificial Intelligence
- Author
-
Ciencia de la computación e inteligencia artificial, Konputazio zientziak eta adimen artifiziala, Labayen Esnaola, Mikel, Medina, Laura, Eizaguirre, Fernando, Flich, José, and Aginako Bengoa, Naiara
- Abstract
The automation of railroad operations is a rapidly growing industry. In 2023, a new European standard for the automated Grade of Automation (GoA) 2 over European Train Control System (ETCS) driving is anticipated. Meanwhile, railway stakeholders are already planning their research initiatives for driverless and unattended autonomous driving systems. As a result, the industry is particularly active in research regarding perception technologies based on Computer Vision (CV) and Artificial Intelligence (AI), with outstanding results at the application level. However, executing high-performance and safety-critical applications on embedded systems and in real-time is a challenge. There are not many commercially available solutions, since High-Performance Computing (HPC) platforms are typically seen as being beyond the business of safety-critical systems. This work proposes a novel safety-critical and high-performance computing platform for CV- and AI-enhanced technology execution used for automatic accurate stopping and safe passenger transfer railway functionalities. The resulting computing platform is compatible with the majority of widely-used AI inference methodologies, AI model architectures, and AI model formats thanks to its design, which enables process separation, redundant execution, and HW acceleration in a transparent manner. The proposed technology increases the portability of railway applications into embedded systems, isolates crucial operations, and effectively and securely maintains system resources.
- Published
- 2023
49. Reducing idle time in event-triggered software execution via runnable migration and DPM-Aware scheduling.
- Author
-
Copic, Milan, Leupers, Rainer, and Ascheid, Gerd
- Subjects
- *
COMPUTER scheduling , *SCHEDULING , *AUTOMOBILE industry , *COMPUTER software - Abstract
Being the main driver of innovation in the automotive industry, vehicle software calls for more efficient tools for its development. Safety-critical applications are predominantly written respecting the AUTOSAR standard, where tasks comprise code-fragments called runnables, and deployed on multi-core architectures. However, task parallelization introduces a substantial number of idle intervals, as runnables have to be mapped and scheduled at design-time without violating data dependencies. In parallelized event-triggered tasks, these intervals are utilized by migrating runnables from the interrupted time-triggered tasks. We propose to also migrate runnables from consecutively scheduled tasks and additionally, to maximize their number using DPM-aware application scheduling. [ABSTRACT FROM AUTHOR]
- Published
- 2020
- Full Text
- View/download PDF
50. Construction of formal models and verifying property specifications through an example of railway interlocking systems.
- Author
-
Lukács, Gábor and Bartha, Tamás
- Subjects
RAILROADS ,TECHNICAL specifications - Abstract
The use of formal modeling has seen increasing interest in the development of safety-critical, embedded microcomputer-controlled railway interlocking systems, due to its ability to specify the behavior of the systems using mathematically precise rules. The research goal is to prepare a specification-verification environment which supports the developer of railway interlocking systems in the creation of a formally proven correct design and at the same time hides the inherent mathematical and computer science related background knowledge. The case study is presented with the aim of summarizing the process of formalizing a domain specification and showing further application possibilities (e.g. verification methods). [ABSTRACT FROM AUTHOR]
- Published
- 2019
- Full Text
- View/download PDF