On the Exploration of Model-Based Support for DO-178C-COMPLIANT - - PowerPoint PPT Presentation


SLIDE 1

On the Exploration of Model-Based Support for

DO-178C-COMPLIANT AIRBORNE SOFTWARE DEVELOPMENT AND CERTIFICATION

Andres Paz and Ghizlane El Boussaidi

École de Technologie Supérieure – Université du Québec

WoSoCer2016

The 6th IEEE International Workshop on Software Certification

SLIDE 2

Outline

  • Research context
  • Related work
  • Research objective
  • Proposal and results
  • Conclusions and future work

SLIDE 3

DO-178C

  • Most recent version of the Software Considerations in Airborne Systems and Equipment Certification
  • Set of required practices to produce software that is validated and verified for its airworthiness.
  • Certification is evidence-based → data items
    • e.g., plans, standards, software requirements data, design descriptions, verification cases and trace data.

SLIDE 5

New in DO-178C

  • DO-178C now includes particular practices for contemporary technologies and techniques.
    • Model-based development and verification
    • Object oriented technologies and related techniques
    • Formal methods

What is the level of support for DO-178C-compliant software development and certification provided by existing model-based approaches?

SLIDE 7

Some Existing Literature Reviews

  • Huhn et al., 2007
    • Objective: Review UML profiles for supporting software safety design and assurance.
    • Pros: Takes into account norms and standards on software development for safety-critical systems.
    • Cons: Only UML-based approaches.
  • Zoughbi et al., 2011
    • Objective: Review UML-based solutions to support modeling under DO-178B.
    • Pros: Information requirements specification with 54 information modeling requirements extracted from DO-178B.
    • Cons: Only UML-based approaches. Focus on DO-178B. Focus only on requirements and design.
  • Nair et al., 2014
    • Objective: Review approaches for provision of evidence for safety certification.
    • Pros: Taxonomy of evidence of compliance with safety standards. Identified techniques used for structuring evidence.
    • Cons: Some evidence missing in the taxonomy (e.g., software standards, trace data). Model-based support only for structuring evidence.
  • De la Vara et al., 2016
    • Objective: Review (briefly) model-based approaches for the specification of safety-critical systems aimed at safety compliance.
    • Pros: Classification based on modeling streams.
    • Cons: Brief, and only classifies approaches as regulation modeling, standard-specific modeling or standard-independent modeling.
  • Biggs et al., 2016
    • Objective: Review existing approaches for modeling system safety properties.
    • Pros: Classification based on purpose. Reviews support for modeling safety hazards.
    • Cons: Model-based support only for modeling hazards.

SLIDE 9

Research Objective

  • Assess the support of model-based approaches for the production and certification aspects of software for airborne systems in compliance with DO-178C.
  • Provide a comprehensive tool that allows the assessment of compliance with DO-178C.
  • Compile a knowledge base of existing model-based approaches.

SLIDE 11

Characterization Framework

[Feature diagram] Root feature: Model-Based Approach for the Production and Certification of Airborne Software in compliance with DO-178C. Dimensions: Usage, Philosophy, DO-178C Coverage (Planning, Development, Verification), Information Handling.

Legend: Feature / Or-relationship / Alternative / Mandatory / Optional

SLIDE 12

Reviewed Model-Based Approaches

  • Architectural design and analysis:
    • AADL, 2006; Wu et al., 2015; OMEGA-RT, 2006; MARTE, 2011.
  • Testing:
    • Stallbaum et al., 2010; RT-Tester, 2013.
  • System specification:
    • RDAL, 2011; Zoughbi et al., 2011; Nejati et al., 2012; Biggs et al., 2016.
  • Meta-approaches:
    • Panesar-Walawege et al., 2013; de la Vara et al., 2016.



SLIDE 14

Analysis of Model-Based Approaches

  • Planning

[Support matrix, columns: Data items, Software life cycle]
Legend: ⊕ Provides support / Provides reduced support / Enables provisioning support

[Metamodel fragment] Classes: ReferenceActivity, ReferenceArtifact. Associations: subactivities (*), successor (*), predecessor (*), producer/outputArtifact (*), user/inputArtifact (*).

Fragment of de la Vara et al.’s metamodel
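The metamodel fragment above links activities through predecessor/successor and subactivity relations and ties them to the artifacts they produce and use. The following Python script is an added example, not code from the authors or from de la Vara et al.: it builds a small process description from those element names and runs the consistency checks a planning reviewer would want (inputs nobody produces, outputs nobody uses, inputs produced by an activity that is not a predecessor, predecessor cycles). How the classes are wired together, the checks themselves, and every activity and artifact name in the sample are my assumptions.

```python
"""Consistency checks over a software life cycle process description.

Added example for this page, not code from the authors or from de la Vara et al.
Element names follow the metamodel fragment on the slide (ReferenceActivity,
ReferenceArtifact, subactivities, predecessor/successor, producer/user,
inputArtifact/outputArtifact); the wiring and checks are assumptions, and the
sample process below is constructed."""
from dataclasses import dataclass, field


@dataclass
class ReferenceArtifact:
    name: str


@dataclass
class ReferenceActivity:
    name: str
    input_artifacts: list = field(default_factory=list)   # 'user' end
    output_artifacts: list = field(default_factory=list)  # 'producer' end
    predecessors: list = field(default_factory=list)      # names of activities
    subactivities: list = field(default_factory=list)


def index(activities, attr):
    """artifact name -> names of activities holding it in `attr`
    ('output_artifacts' = producer end, 'input_artifacts' = user end)."""
    out = {}
    for act in activities:
        for art in getattr(act, attr):
            out.setdefault(art.name, set()).add(act.name)
    return out


def transitive_predecessors(activities):
    """activity name -> every activity reachable backwards via 'predecessor'."""
    by_name = {a.name: a for a in activities}
    closure = {}
    for act in activities:
        seen, stack = set(), list(act.predecessors)
        while stack:
            p = stack.pop()
            if p in seen or p not in by_name:
                continue
            seen.add(p)
            stack.extend(by_name[p].predecessors)
        closure[act.name] = seen
    return closure


def check_process(activities):
    """Sorted list of planning-data findings (empty list = consistent)."""
    prod = index(activities, "output_artifacts")
    cons = index(activities, "input_artifacts")
    before = transitive_predecessors(activities)
    findings = []
    for act in activities:
        if act.name in before[act.name]:
            findings.append(f"{act.name}: predecessor cycle")
        for art in act.input_artifacts:
            makers = prod.get(art.name, set())
            if not makers:
                findings.append(f"{act.name}: input '{art.name}' has no producer")
            elif not makers & before[act.name]:
                findings.append(f"{act.name}: input '{art.name}' is produced by "
                                f"{sorted(makers)} which is not a predecessor")
        for art in act.output_artifacts:
            if art.name not in cons:
                findings.append(f"{act.name}: output '{art.name}' is never used")
    return sorted(findings)


def sample_process():
    """Constructed life cycle loosely following DO-178C data item names."""
    psac, sdp = ReferenceArtifact("PSAC"), ReferenceArtifact("SDP")
    srd = ReferenceArtifact("Software Requirements Data")
    dd, src = ReferenceArtifact("Design Description"), ReferenceArtifact("Source Code")
    eoc = ReferenceArtifact("Executable Object Code")
    svcp, svr = ReferenceArtifact("SVCP"), ReferenceArtifact("SVR")
    return [
        ReferenceActivity("Planning", [], [psac, sdp]),
        # deliberate defect: uses the SDP without naming Planning as predecessor
        ReferenceActivity("Requirements", [sdp], [srd], predecessors=[]),
        ReferenceActivity("Design", [srd], [dd], predecessors=["Requirements"]),
        # deliberate defect: Executable Object Code is produced but never consumed
        ReferenceActivity("Coding", [dd], [src, eoc], predecessors=["Design"]),
        # deliberate defect: SVCP is consumed but no activity produces it
        ReferenceActivity("Verification", [srd, src, svcp], [svr],
                          predecessors=["Coding"]),
        ReferenceActivity("Certification liaison", [psac, svr], [],
                          predecessors=["Verification", "Planning"]),
    ]


if __name__ == "__main__":
    for line in check_process(sample_process()):
        print(line)
```

Running the script prints three findings for the constructed process, one per deliberate defect. The predecessor check is transitive so that an input produced several activities upstream is accepted, which is the situation for verification consuming requirements data.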


SLIDE 16

Analysis of Model-Based Approaches

  • Requirements

[Support matrix, columns: Software functional requirements, Derived requirements, HLR-LLR, LLR-Source Code]
Legend: ⊕ Provides support / Provides reduced support / Enables provisioning support

[UML profile fragment] Elements: Requirement, Partition, Rationale, Deviation. Associations: isRequirementOf (*), references (1..*), references (*), references (1..*).

Fragment of Zoughbi et al.’s UML profile

[Metamodel fragment] Elements: Specification, RequirementsGroup, Requirement. Associations: requirementGroups, requirements (0..*), derivedFrom (1..*).

Fragment of RDAL


SLIDE 18

Analysis of Model-Based Approaches

  • Requirements

[Support matrix, columns: Safety monitoring, Timing, Failure detection, Quality attributes]
Legend: ⊕ Provides support / Provides reduced support / Enables provisioning support

[SysML profile fragment] Elements: ContextDetector, Requirement, HarmContext. Associations: reqDetection (1..*), deriveReqt, detect (0..*).

Fragment of Biggs et al.’s SysML profile

SLIDE 19

Analysis of Model-Based Approaches

  • Requirements

[Support matrix, columns: Modes of operation, Precision and accuracy criteria, Deviations, Interfaces]
Legend: ⊕ Provides support / Provides reduced support / Enables provisioning support


SLIDE 21

Analysis of Model-Based Approaches

  • Software architecture

[Support matrix, columns: Software structure, Data flow]
Legend: ⊕ Provides support / Provides reduced support / Enables provisioning support

[UML profile fragment] Elements: SafetyComponent, Component, SafetyPort, SafetyChannel, SafetyInterface. Associations: safetyChannel (*), port (1..*), supplier (*), client (1..*), interface.

Fragment of Wu et al.’s UML profile


SLIDE 23

Analysis of Model-Based Approaches

  • Software architecture

[Support matrix, columns: Resource limitations, Control flow, Partitioning]
Legend: ⊕ Provides support / Provides reduced support / Enables provisioning support

```aadl
thread data_processing
  features
    raw_speed_in : in data port;
    speed_out : out data port;
  properties
    Period => 20 ms;
end data_processing;
```

[Diagram: thread data_processing, period 20 ms]

Fragment of an AADL example

SLIDE 24

Analysis of Model-Based Approaches

  • Verification

[Support matrix, columns: Test cases]
Legend: ⊕ Provides support / Provides reduced support / Enables provisioning support

SLIDE 25

Analysis of Model-Based Approaches

  • Verification

[Support matrix, columns: Verification results (Obtained, Expected)]
Legend: ⊕ Provides support / Provides reduced support / Enables provisioning support


SLIDE 27

Analysis of Model-Based Approaches

  • Verification

[Support matrix, columns: Traceability, Analyses, Coverage]
Legend: ⊕ Provides support / Provides reduced support / Enables provisioning support

[UML profile fragment] Elements: TestModelElement, SoftwareComponent, SourceCodeStructure, Requirement, SafetyRationale, Interface. Associations: reference (0..*), satisfaction (0..*), isRequirementOf (0..*), verification (0..*), coverage (0..*).

Fragment of Stallbaum et al.’s UML profile

SLIDE 28

Analysis of Model-Based Approaches

  • Verification

[Support matrix, columns: Traces: Reqmts.-Test cases (TC) / TC-Test procedures (TP) / TP-Test results]
Legend: ⊕ Provides support / Provides reduced support / Enables provisioning support
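The trace chains on the verification slides (HLR to LLR, LLR to source code, requirements to test cases, test cases to test procedures, procedures to results) are the trace data a DO-178C certification rests on, and the deck finds tool support for checking them weak. The script below is an added example, not code from the authors or from any reviewed approach: it assumes trace data already exported as plain sets and dictionaries and runs the gap checks a verifier would expect over constructed sample identifiers, reporting derived requirements, unimplemented LLRs, untested requirements, untraced source, incomplete test chains and dangling links.

```python
"""Trace-data gap analysis over DO-178C-style data items.

Added example for this page, not code from the authors or from any reviewed
approach.  It assumes the trace chain named on the slides (HLR -> LLR -> source
code, requirements -> test cases -> test procedures -> test results) has been
exported as sets and dictionaries.  All identifiers below are constructed."""
from dataclasses import dataclass, field


@dataclass
class TraceData:
    hlr: set = field(default_factory=set)
    llr: set = field(default_factory=set)
    source: set = field(default_factory=set)
    tests: set = field(default_factory=set)
    procedures: set = field(default_factory=set)
    llr_to_hlr: dict = field(default_factory=dict)    # LLR -> parent HLRs; empty = derived
    src_to_llr: dict = field(default_factory=dict)    # source unit -> LLRs it implements
    test_to_req: dict = field(default_factory=dict)   # TC -> requirements it verifies
    proc_to_test: dict = field(default_factory=dict)  # TP -> TCs it executes
    results: dict = field(default_factory=dict)       # TP -> "pass" / "fail"


def targets(trace):
    """Every item referenced on the target side of a trace relation."""
    return {t for ts in trace.values() for t in ts}


def untraced(items, trace):
    """Items with no outgoing link (forward-trace gap)."""
    return sorted(i for i in items if not trace.get(i))


def unreferenced(items, trace):
    """Items no link points at (backward-trace gap)."""
    return sorted(items - targets(trace))


def dangling(trace, known):
    """Links whose target is not a known data item (stale identifier)."""
    return sorted((s, t) for s, ts in trace.items() for t in ts if t not in known)


def analyze(td):
    """Return one list per kind of trace gap plus a requirement test coverage ratio."""
    reqs = td.hlr | td.llr
    return {
        # LLRs without a parent HLR are derived requirements, which DO-178C
        # requires to be fed back to the system safety assessment process
        "derived_llr": untraced(td.llr, td.llr_to_hlr),
        "unimplemented_llr": unreferenced(td.llr, td.src_to_llr),
        "untraced_source": untraced(td.source, td.src_to_llr),
        "untested_requirements": unreferenced(reqs, td.test_to_req),
        "tests_without_procedure": unreferenced(td.tests, td.proc_to_test),
        "procedures_without_result": sorted(td.procedures - set(td.results)),
        "dangling_links": dangling(td.llr_to_hlr, td.hlr)
                          + dangling(td.src_to_llr, td.llr)
                          + dangling(td.test_to_req, reqs)
                          + dangling(td.proc_to_test, td.tests),
        "requirement_test_coverage": round(len(reqs & targets(td.test_to_req)) / len(reqs), 2),
    }


def sample_trace_data():
    """Constructed sample containing one defect of each kind the analysis reports."""
    return TraceData(
        hlr={"HLR-1", "HLR-2"},
        llr={"LLR-1", "LLR-2", "LLR-3", "LLR-4"},
        source={"speed_filter.c", "monitor.c", "util.c"},
        tests={"TC-1", "TC-2", "TC-3", "TC-4"},
        procedures={"TP-1", "TP-2"},
        llr_to_hlr={"LLR-1": {"HLR-1"}, "LLR-2": {"HLR-1"},
                    "LLR-3": set(),                # derived requirement
                    "LLR-4": {"HLR-2"}},
        src_to_llr={"speed_filter.c": {"LLR-1", "LLR-2"},
                    "monitor.c": {"LLR-3"},
                    "util.c": set()},              # code traced to no LLR
        test_to_req={"TC-1": {"HLR-1"},
                     "TC-2": {"LLR-1", "LLR-9"},   # LLR-9 does not exist
                     "TC-3": {"LLR-4"},
                     "TC-4": {"HLR-2"}},
        proc_to_test={"TP-1": {"TC-1", "TC-2"}, "TP-2": {"TC-3"}},
        results={"TP-1": "pass"},                  # TP-2 never executed
    )


if __name__ == "__main__":
    for key, value in analyze(sample_trace_data()).items():
        print(f"{key}: {value}")
```

Every finding is reported as a sorted list keyed by data item identifier so the output can be diffed between baselines; an empty list for every key is the condition a certification reviewer would expect before accepting the trace data.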

SLIDE 29

Summary of Results

  • Philosophy dimension:
    • High attention to specification of requirements, architecture and tests.
    • Various approaches integrate analysis capabilities for architecture.
  • DO-178C coverage dimension:
    • Planning: Only de la Vara et al.’s approach offers some coverage.
    • Development: Most approaches focus on functional requirements, data flow and software structure.
    • Verification: Coverage and traceability analyses are not well supported.

The detailed analysis may be found at https://goo.gl/0zvGBS

SLIDE 30

Summary of Results

  • Information handling dimension:
    • Predominance of graphical notations for creating structural views.
    • Most of the approaches are semi-formal.
    • Generally, no inclusion or highlighting of elements for traceability.
  • Usage dimension:
    • Validations in academic and industrial contexts through case studies.
    • Poor documentation to assist in deployment and use.

The detailed analysis may be found at https://goo.gl/0zvGBS


SLIDE 32

Conclusions

  • Lack of support for various DO-178C data items.
  • Low support for traceability.
    • Crucial for DO-178C certification and to enable integration of approaches.
  • Lack of integrated solutions covering the entire (or most of the) life cycle of airborne software development.
  • No information on an approach’s impact during a certification.

SLIDE 33

Future Work

  • Extension and refinement of our characterization framework.
    • Include criteria from DO-178C supplement DO-331 Model-Based Development and Verification.
    • Ensure criteria are mutually exclusive and collectively exhaustive.
  • Review more model-based approaches.
SLIDE 34

Thank you

Questions?

Ghizlane El Boussaidi

ghizlane.elboussaidi@etsmtl.ca

Andres Paz

andres.paz-loboguerrero.1@etsmtl.net