architecture framework for software safety
play

Architecture Framework for Software Safety Havva Gulay GURBUZ - PowerPoint PPT Presentation

Nov 12, 2022 •247 likes •473 views

Architecture Framework for Software Safety Havva Gulay GURBUZ Nagehan PALA ER Bedir TEKINERDOGAN 29.09.2014 Bilkent University Computer Engineering Department & Agenda p Introduction & Motivation p Case study: Avionics Control

  1. Architecture Framework for Software Safety Havva Gulay GURBUZ Nagehan PALA ER Bedir TEKINERDOGAN 29.09.2014 Bilkent University Computer Engineering Department &

  2. Agenda p Introduction & Motivation p Case study: Avionics Control Computer System p Meta-model for Software Safety p Viewpoints for Software Safety n Hazard Viewpoint n Safety Tactics Viewpoint n Safety-Critical Viewpoint p Conclusion & Future Work 2/22

  3. Introduction p Currently, an increasing number of systems: n Controlled by software n Rely on the correct operation of the software p A safety-critical system: n Malfunctioning of software could result in death, injury or damage to environment p To mitigate these serious risks: n The architecture of safety-critical systems needs to be carefully designed and analyzed 3/22

  4. Introduction p A common practice for modeling software architecture n Software architecture viewpoints to model the architecture for particular stakeholders and concerns p Existing architecture viewpoints n general purpose n do not explicitly focus on safety concern in particular p We propose an architecture framework for modeling architecture for software safety to address the safety concern explicitly and assist the architect. 4/22

  5. Introduction p The architecture framework is based on a meta-model that has been developed after a thorough domain analysis. The framework includes three coherent set of viewpoints each of which addresses an important concern. p The framework is not mentioned as a replacement of existing general purpose frameworks but rather needs to be considered complementary to these. p The application of the viewpoints is illustrated with a case-study on safety-critical avionics control computer system. 5/22

  6. Avionics Control Computer System 6/22

  7. Case Study – Requirements Requirement Explanation Display aircraft altitude data Altitude is defined as the height of the aircraft above sea level. Altitude information is shown to pilots, as well as, also used by other avionics systems such as ground collision detection system. Pilots depend on the displayed altitude information especially when landing. Display aircraft position data Position is the latitude and longitude coordinates of the aircraft received from GPS (Global Positioning System). Route management also uses aircraft position. Aircraft position is generally showed along with the other points in the route. Pilots can see the deviation from the route and take actions according to the deviation. Display aircraft attitude data Attitude is defined with the angles of rotation of the aircraft in three dimensions, known as roll, pitch and yaw angles. For instance, the symbol, called as ADI (Attitude Direction Indicator), is used to show roll and pitch angles of the aircraft. Display fuel amount Fuel amount is the sum of fuel in all fuel tanks. Fuel amount is generally represented with a bar chart in order to show how much fuel remains in the aircraft. Display radio frequency channel The radio frequency channel is used to communicate with ground stations. 7/22

  8. Case Study – Hazard Analysis Hazard Possible Causes Consequence Severity HZ1 Loss of/Error in altimeter, Aircraft Catastrophic Displaying Loss of/Error in communication crash wrong altitude with altimeter, data Error in display HZ2 Loss of/Error in GPS, Aircraft Catastrophic Displaying Loss of/Error in communication crash wrong position with GPS, data Error in display HZ3 Loss of/Error in gyroscope, Aircraft Catastrophic Displaying Loss of/Error in communication crash wrong attitude with gyroscope, data Error in display HZ4 Loss of/Error in fuel sensor, Aircraft Catastrophic Displaying Loss of/Error in communication crash wrong fuel with fuel sensor, amount Error in display HZ5 Loss of/Error in radio, Communication Negligible Displaying Loss of/Error in communication error wrong radio with radio, frequency Error in display 8/22

  9. Case Study – Safety Requirements for Hazard HZ1 ID Definition SR1 Altitude data shall be received from two independent altimeter devices. SR2 If one of the altitude data cannot be received, the altitude data received from only one of the altimeter device shall be displayed and a warning shall be generated. SR3 If both of the altitude data cannot be received, the altitude data shall not be displayed and a warning shall be generated. SR4 If the difference between two altitude values received from two altimeter devices is more than a given threshold, the altitude data shall not be displayed and a warning shall be generated. SR5 Altitude data shall be displayed on two independent display devices. 9/22

  10. Component & Connector View Existing general purpose views do not directly address the safety p concerns. For example, the information about whether a component is safety-critical is not explicit. The goal of providing safety concerns in views is two-fold: p Communicating the design decisions related with safety concerns 1. through views Accomplishing safety analysis of the architecture from views 2. 10/22

  11. Meta-model for Software Safety 11/22

  12. Hazard Viewpoint 12/22

  13. Case Study – Faults related with the hazard HZ1 Fault Description Fault Description [F1] Loss of altimeter device 1 [F9] Error in display device 1 [F2] Loss of communication with altimeter device 1 [F10] Error in display device 2 [F3] Loss of altimeter device 2 [F11] Altimeter1Mgr fails [F4] Loss of communication with altimeter device 2 [F12] Altimeter2Mgr fails [F5] Error in altimeter device 1 [F13] NavigationMgr fails [F6] Error in communication with altimeter device 1 [F14] Graphics1Mgr fails [F7] Error in altimeter device 2 [F15] Graphics2Mgr fails [F8] Error in communication with altimeter device 2 13/22

  14. Case Study – Hazard View 14/22

  15. Safety Tactics Viewpoint 15/22

  16. Case Study – Safety Tactics View 16/22

  17. Safety-Critical Viewpoint 17/22

  18. Case Study – Safety-Critical View (1 st Alternative) 18/22

  19. Case Study – Safety-Critical View (2 nd Alternative) 19/22

  20. Conclusion p Designing a safety-critical system requires to show design decisions related to safety concerns explicitly at the architectural level. p Existing viewpoint approaches tend to be general purpose. p For this purpose, we have introduced the architecture framework for software safety to address the safety concerns explicitly. 20/22

  21. Conclusion & Future Work p Using the viewpoints we could: n Analyze the architecture in the early phases of the development life cycle, n Analyze the design alternatives, n Increase the communication between safety engineers and software developers, n Communicate the design decisions related with safety p Future work: n Define metrics and develop tools to analyze several design alternatives for safety-critical systems based on the proposed viewpoints. 21/22

  22. Questions? Thank you. 22/22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Software Architecture Software architecture The design process for identifying the sub-

Software Architecture Software architecture The design process for identifying the sub-

Software Architecture Software architecture The design process for identifying the sub- systems making up a system and the framework for sub-system control and communication is architectural design The output of this design process is

898 views • 56 slides
SE2: Introduction to Software Architecture Mei Nagappan What is Architecture? Encyclopedia

SE2: Introduction to Software Architecture Mei Nagappan What is Architecture? Encyclopedia

Material and some slide content from: - Emerson Murphy-Hill - Reid Holmes - Mehdi Mirakhorli - Software Architecture: Foundations, Theory, and Practice - Essential Software Architecture SE2: Introduction to Software Architecture Mei Nagappan

341 views • 31 slides
A Software Architecture Framework for Quality-Aware DevOps D. A. Tamburri , E. Di Nitto, M.

A Software Architecture Framework for Quality-Aware DevOps D. A. Tamburri , E. Di Nitto, M.

A Software Architecture Framework for Quality-Aware DevOps D. A. Tamburri , E. Di Nitto, M. Guerriero, P. Jamshidi, I. Spais DICE Horizon 2020 Research & Innovation Action Grant Agreement no. 644869 Funded by the Horizon 2020 Framework

507 views • 27 slides
Labor-Saving Architecture: An Object-Oriented Framework for Network Software William R. Otte

Labor-Saving Architecture: An Object-Oriented Framework for Network Software William R. Otte

Labor-Saving Architecture: An Object-Oriented Framework for Network Software William R. Otte and Douglas C. Schmidt Modern Software is Complex 1990 1995 2000 2005 What Andy gives, Bill takes away. Programming Paradigms Concurrent

403 views • 37 slides
HelenOS USB USB USB for HelenOS Software project Architecture USB framework (supervisor M.

HelenOS USB USB USB for HelenOS Software project Architecture USB framework (supervisor M.

HelenOS USB USB team Introduction HelenOS USB USB USB for HelenOS Software project Architecture USB framework (supervisor M. D eck y) Drivers Demonstration Summary . Slov M. Dek anek, V. Hork y, M. Klonfar, L ak, J.

654 views • 17 slides
Safety Architecture Overview Framework for the prediction, explanation and control of risks of

Safety Architecture Overview Framework for the prediction, explanation and control of risks of

Safety Architecture Overview Framework for the prediction, explanation and control of risks of ERTMS Katja Schuitemaker, G. Maarten Bonnema, Marco Kuijsten, Heidi van Spaandonk and Mohammad Rajabali Nejad 19/12/2018 Katja Schuitemaker 2012

385 views • 15 slides
Safety Management System Next step to safety The ICAO SMS framework toolkit Including Quality

Safety Management System Next step to safety The ICAO SMS framework toolkit Including Quality

Safety Management System Next step to safety The ICAO SMS framework toolkit Including Quality System The SMS solution for value creation Designed per the specifications of the ICAO SMS framework Client / server architecture entirely Delivered

110 views • 10 slides
Software-Defined Networking Architecture Framework for Multi-Tenant Enterprise Cloud Environments

Software-Defined Networking Architecture Framework for Multi-Tenant Enterprise Cloud Environments

Introduction Solutions Evaluation Summary Software-Defined Networking Architecture Framework for Multi-Tenant Enterprise Cloud Environments Aryan TaheriMonfared Department of Electrical Engineering and Computer Science University of

1.51k views • 92 slides
Software Architecture Jay Urbain, Ph.D. urbain@msoe.edu 1 Software Architecture (SA) 1. SA: How

Software Architecture Jay Urbain, Ph.D. urbain@msoe.edu 1 Software Architecture (SA) 1. SA: How

Software Architecture Jay Urbain, Ph.D. urbain@msoe.edu 1 Software Architecture (SA) 1. SA: How a software system is structured. Consists of software components , their external properties , and their relationships with one another. 2. Also

263 views • 24 slides
Failure Modelling in Software Architecture Design for Safety Weihang Wu Tim Kelly Presented by

Failure Modelling in Software Architecture Design for Safety Weihang Wu Tim Kelly Presented by

Failure Modelling in Software Architecture Design for Safety Weihang Wu Tim Kelly Presented by George Despotou High Integrity Systems Engineering Group Department of Computer Science Failure Modelling - 1 WADS ICSE05 Outline

156 views • 12 slides
SATIRE: A Software Introduction to SATIRE Architecture for Smart Software Architecture

SATIRE: A Software Introduction to SATIRE Architecture for Smart Software Architecture

Presentation Outline SATIRE: A Software Introduction to SATIRE Architecture for Smart Software Architecture Implementation AtTIRE Design Challenges Critique & Comparison Authors: Raghu Ganti, Praveen Jayachandran, Tarek

76 views • 3 slides
From Requirements to Architecture Ana Moreira Software Architecture - Basics 1 Goals

From Requirements to Architecture Ana Moreira Software Architecture - Basics 1 Goals

From Requirements to Architecture Ana Moreira Software Architecture - Basics 1 Goals Understanding the importance of software architecture what is software architecture Discussing emerging issues in the transition from requirements to

521 views • 24 slides
A lthough architecture has be- Five core concepts and relationships metaphor for the design of

A lthough architecture has be- Five core concepts and relationships metaphor for the design of

S T A N D A R D S Software product lines, and product families in which software plays a substantial role in development, operation, or evolution. Architecture: WHAT IS AN ARCHITECTURE? Although defining architecture in the context of

314 views • 3 slides
SOFTWARE ARCHITECTURE SOFTWARE ARCHITECTURE OF AI-ENABLED SYSTEMS OF AI-ENABLED SYSTEMS

SOFTWARE ARCHITECTURE SOFTWARE ARCHITECTURE OF AI-ENABLED SYSTEMS OF AI-ENABLED SYSTEMS

SOFTWARE ARCHITECTURE SOFTWARE ARCHITECTURE OF AI-ENABLED SYSTEMS OF AI-ENABLED SYSTEMS Christian Kaestner Required reading: Hulten, Geoff. " Building Intelligent Systems: A Guide to Machine Learning Engineering. " Apress, 2018,

924 views • 79 slides
SOFTWARE ARCHITECTURE SOFTWARE ARCHITECTURE OF AI-ENABLED SYSTEMS OF AI-ENABLED SYSTEMS

SOFTWARE ARCHITECTURE SOFTWARE ARCHITECTURE OF AI-ENABLED SYSTEMS OF AI-ENABLED SYSTEMS

SOFTWARE ARCHITECTURE SOFTWARE ARCHITECTURE OF AI-ENABLED SYSTEMS OF AI-ENABLED SYSTEMS Christian Kaestner Required reading: Hulten, Geoff. " Building Intelligent Systems: A Guide to Machine Learning Engineering. " Apress, 2018,

1.51k views • 88 slides
Analyzing Architectures Introduction to Software Architecture Jay Urbain, PhD Credits: Software

Analyzing Architectures Introduction to Software Architecture Jay Urbain, PhD Credits: Software

Analyzing Architectures Introduction to Software Architecture Jay Urbain, PhD Credits: Software Architecture in Practice, 2 nd . Ed., Len Bass, Paul Clements, Rick Kazman 1 ATAM Architecture Tradeoff Analysis Method A thorough and

512 views • 32 slides
Trust-Related Activities: Internet Certification Authorities Revocation and SSL

Trust-Related Activities: Internet Certification Authorities Revocation and SSL

83 - Paris Trust-Related Activities: Internet Certification Authorities Revocation and SSL Replacements/Enhancements Massimiliano Pala <pala@nyu.edu> Scott Rea <Scott@DigCert.com> CRISSP NYU Poly DigiCert OpenCA Labs

403 views • 18 slides
functional thinking applying the philosophy of functional programming to system design &

functional thinking applying the philosophy of functional programming to system design &

functional thinking applying the philosophy of functional programming to system design & architecture Jed Wesley-Smith @jedws please, ask questions functional programming has many bene fj ts: better program reasonability, composition,

787 views • 67 slides
Market changes and digitalisation as path to true sustainability SMART - Sustainable Market

Market changes and digitalisation as path to true sustainability SMART - Sustainable Market

Market changes and digitalisation as path to true sustainability SMART - Sustainable Market Actors For Responsible Trade Jukka M h nen University of Oslo Time and Sustainability: What are we missing and what do we need to do?

603 views • 42 slides
Three Steps Forward Two Steps Back Innovation and implementation of e-assessment in high stakes

Three Steps Forward Two Steps Back Innovation and implementation of e-assessment in high stakes

Three Steps Forward Two Steps Back Innovation and implementation of e-assessment in high stakes mathematics tests for 14-19 year olds The Future Turn of the century high expectations of a technological revolution in high stakes assessment:

878 views • 44 slides
Lecture6.1: Whatwewillnot betalkingabout Optimization and Computational Linear Algebra for Data

Lecture6.1: Whatwewillnot betalkingabout Optimization and Computational Linear Algebra for Data

Lecture6.1: Whatwewillnot betalkingabout Optimization and Computational Linear Algebra for Data Science Lo Miolane Warning / Home works 1 exams . 1/6 The determinant There exists a function det : R n n R called the determinant

262 views • 7 slides
The FCCs Wireless Infrastructure Notice of Proposed Rulemaking Process and Procedure Tribal

The FCCs Wireless Infrastructure Notice of Proposed Rulemaking Process and Procedure Tribal

The FCCs Wireless Infrastructure Notice of Proposed Rulemaking Process and Procedure Tribal Participation and Consultation Jeffrey Steinberg, Deputy Chief Competition and Infrastructure Policy Division Wireless Telecommunications Bureau

317 views • 10 slides
SGIP Energy Storage Rebate Opportunities on Tribal Lands in California JUNE 2020 1 Agenda

SGIP Energy Storage Rebate Opportunities on Tribal Lands in California JUNE 2020 1 Agenda

SGIP Energy Storage Rebate Opportunities on Tribal Lands in California JUNE 2020 1 Agenda Introductions Overview and Benefits of Energy Storage Systems for Buildings CPUC SGIP Battery Rebate Program Overview Recent SGIP Battery

683 views • 20 slides
Streamlet: A Textbook Blockchain Protocol Elaine Shi Joint work with Benjamin Chan Blockchain

Streamlet: A Textbook Blockchain Protocol Elaine Shi Joint work with Benjamin Chan Blockchain

Streamlet: A Textbook Blockchain Protocol Elaine Shi Joint work with Benjamin Chan Blockchain (a.k.a. state machine replication, consensus) Blockchain (a.k.a. state machine replication, consensus) Consistency: Honest nodes agree on log

513 views • 15 slides

More recommend