Software Development for Safety Critical Systems
1. Budapest University of Technology and Economics
Department of Measurement and Information Systems
Software Development for Safety Critical Systems
Ákos Horváth
Dept. of Measurement and Information Systems
Fault Tolerant Systems Research Group
FRENCH-HUNGARIAN WORKSHOP ON OUTER-SPACE
3. Specialities of safety critical systems
Safety-critical systems
o Informal definition: a malfunction may cause injury to people
Special solutions to achieve safe operation
o Design: Requirements, architecture, tools, …
o Verification, validation, and independent assessment
o Certification (by safety authorities)
Basis of certification: Standards
o IEC 61508: Generic standard (for electrical, electronic or programmable electronic systems)
o DO-178B/C: Software in airborne systems and equipment
o EN 50129: Railway (control systems)
o EN 50128: Railway (software)
o ISO 26262: Automotive
o Other sector-specific standards: Medical, process control, etc.
4. History of avionics SW complexity
[Chart: MIPS, LOC, Mbyte/10 and digital links (scale 0–400) for the A-310 (1983), A-320 (1988) and A-340 (1993), showing exponential growth]
Both A380 and B787 have 100's of millions LOC
Ref: Subra de Salafa and Paquier
5–7. ARP-4754: Aeronautical Certification Bodies and Standards
[Diagram of the relations between ICAO (International Civil Aviation Organization, 1944), EASA (European Aviation Safety Agency, 2006), the National Aviation Authorities, a Standardization Body, EASA CS-25 and ARP-4754; edge labels: define, supervise, harmonize with regulations, adopt, accepted means]
EASA CS 25.1309:
The airplane systems and associated components, considered separately and in relation to other systems, must be designed so that
1. Any catastrophic failure condition
a) is extremely improbable; and
b) does not result from a single failure; and
2. Any hazardous failure condition is extremely remote; and
3. Any major failure condition is remote.
9. Aeronautical System Certification
Methodologies for safety assessment processes are guidelines
E.g., fault tree analysis, common cause analysis
Certification aspects of complex aircraft systems cannot be shown by test only.
Design Assurance Level (DAL)
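The slide names fault tree analysis as one of the guideline methods, and CS 25.1309 requires that a catastrophic failure condition is both extremely improbable and not the result of a single failure. The Python below is an added example, not code from the slides or from the author: it evaluates a small fault tree with constructed per-flight-hour probabilities, derives its minimal cut sets, flags single-point failures (cut sets of size one), and compares a design with a shared power supply against one with a redundant supply. Event names, tree shape and probabilities are mine; the slides give no numeric probability budgets, so the block reports the top-event probability without classifying it.

```python
from itertools import product


class Event:
    """Basic event with a per-flight-hour failure probability (constructed values below)."""
    def __init__(self, name, prob):
        self.name, self.prob = name, prob


class Gate:
    """AND: all children must fail; OR: any failing child causes the gate output."""
    def __init__(self, kind, *children):
        assert kind in ("AND", "OR")
        self.kind, self.children = kind, children


def minimal_cut_sets(node):
    """Minimal cut sets of the tree as a set of frozensets of basic-event names."""
    if isinstance(node, Event):
        return {frozenset([node.name])}
    child_sets = [minimal_cut_sets(c) for c in node.children]
    if node.kind == "OR":
        cuts = set().union(*child_sets)
    else:  # AND: every combination of one cut set per child, merged
        cuts = {frozenset().union(*combo) for combo in product(*child_sets)}
    # drop any cut set that is a strict superset of another one
    return {c for c in cuts if not any(o < c for o in cuts)}


def single_point_failures(node):
    """Basic events that alone cause the top event, i.e. violations of CS 25.1309 1(b)."""
    return sorted(next(iter(cs)) for cs in minimal_cut_sets(node) if len(cs) == 1)


def top_event_probability(node):
    """Exact probability for independent basic events. Valid only when no basic event
    appears more than once in the tree; with shared events, evaluate via the cut sets."""
    if isinstance(node, Event):
        return node.prob
    ps = [top_event_probability(c) for c in node.children]
    if node.kind == "AND":
        result = 1.0
        for p in ps:
            result *= p
        return result
    complement = 1.0
    for p in ps:
        complement *= 1.0 - p
    return 1.0 - complement


# Constructed sample probabilities per flight hour; not taken from the slides.
HYD_A = Event("HYD_A", 1e-4)
HYD_B = Event("HYD_B", 1e-4)
PWR = Event("PWR", 1e-5)
PWR_1 = Event("PWR_1", 1e-5)
PWR_2 = Event("PWR_2", 1e-5)


def unsafe_tree():
    """Loss of actuation: both hydraulic channels fail OR the single shared power supply fails."""
    return Gate("OR", Gate("AND", HYD_A, HYD_B), PWR)


def safe_tree():
    """Same function with the power supply made redundant (two independent supplies)."""
    return Gate("OR", Gate("AND", HYD_A, HYD_B), Gate("AND", PWR_1, PWR_2))


if __name__ == "__main__":
    for label, tree in (("shared power", unsafe_tree()), ("redundant power", safe_tree())):
        print(label,
              "cut sets:", sorted(sorted(cs) for cs in minimal_cut_sets(tree)),
              "single-point:", single_point_failures(tree),
              "P(top) = %.3e" % top_event_probability(tree))
```

The shared-supply design is rejected on structural grounds alone: `PWR` is a cut set of size one, so the top event can result from a single failure regardless of how small its probability is. The redundant design has no single-point failure and its top-event probability drops by roughly three orders of magnitude with the same component data.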
11. Aeronautical System Certification
Provide guidelines for the production of software for airborne systems.
Objectives, activities and evidence
Certification aspects of hardware elements from concept to airworthy equipment development
13. Future and Related Fields
Automotive industry
o Drive-by-wire
o Automated parking/driving
o No strict authorities for SW certification
• EU pushing for standards
• Safety related issues
UAV
o In the same civil airspace
o Needs to take the environment into consideration
o Equipment can fail
Space and Satellite
o Uses avionics concepts
o Similar certification processes by ESA
o How will advanced concepts appear?
Avionics
o Modern development methods (DO-178C annexes, 2013)
o MDE, OO languages, formal methods, tool certification
o Flightpath 2050
o Passengers/year from 2.5bn to 16bn
o 31,000 new aircraft
Editor's Notes
ICAO - International Civil Aviation Organization (1944 Chicago agreement)
FAA Federal Aviation Administration or EASA European Aviation Safety Agency (2006) –> works as a monitoring and codification organization, concrete implementation by national Aviation Authorities
3 main points
Formal recognition and legal statement
Certification process, documented assurance
Three questions: Does the system meet regulations? Is the system fit for flight? Is the system safe for flight?
Certification requirements derived from legal duties and regulations EASA CS-25 (airplanes) –> ARP 4754 DO-178B
In compliance with certification and safety regulations there are several organizations that develop standards for authorities, which may adopt those as acceptable means of compliance with their rules and regulations.
RTCA -> DO standards, SAE –> ARP standards, ARINC
ARP-4761 [SAEd] provides general guidance in evaluating the safety aspects of a design. For this purpose, it describes guidelines and methods of performing the safety assessment for certification of civil aircraft. This standard is a collection of all safety analysis methods that can be used as part of the functions, systems and equipment assessment for safety. The intent of this document is to identify typical activities, methods, and documentation that may be used in the performance of safety assessments for civil aircraft and their associated systems and equipment.
ARP 4754 discusses the certification aspects of highly-integrated (refers to systems that perform or contribute to multiple aircraft-level functions) and complex (refers to systems whose safety cannot be shown solely by test and whose logic is difficult to comprehend without the aid of analytical tools) systems.
66 objectives for Level A
65 objectives for Level B: the only difference is MC/DC code coverage
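The one objective that separates Level A from Level B is MC/DC (modified condition/decision coverage): every condition in a decision must be shown to independently affect the outcome. As an added illustration, not from the slides or the author, the Python below checks whether a set of test vectors achieves unique-cause MC/DC for a constructed decision `a and (b or c)`, and brute-forces a smallest satisfying suite over the truth table. The decision, the function names and the test vectors are mine.

```python
from itertools import combinations, product

# Constructed decision under test: a and (b or c); condition names are mine.
CONDITIONS = ("a", "b", "c")


def decision(t):
    """Evaluate the decision on one test vector (a dict of condition -> bool)."""
    return bool(t["a"] and (t["b"] or t["c"]))


def independence_pairs(decision, conditions, tests):
    """For each condition, list the index pairs of tests that differ only in that
    condition and produce different decision outcomes (unique-cause MC/DC)."""
    pairs = {c: [] for c in conditions}
    for i, j in combinations(range(len(tests)), 2):
        t1, t2 = tests[i], tests[j]
        changed = [c for c in conditions if t1[c] != t2[c]]
        if len(changed) == 1 and decision(t1) != decision(t2):
            pairs[changed[0]].append((i, j))
    return pairs


def achieves_mcdc(decision, conditions, tests):
    """True when every condition has at least one independence pair in the test set."""
    return all(independence_pairs(decision, conditions, tests).values())


def truth_table(conditions):
    """All 2^n assignments of the conditions."""
    return [dict(zip(conditions, vals))
            for vals in product((False, True), repeat=len(conditions))]


def minimal_mcdc_suite(decision, conditions):
    """Smallest subset of the truth table that achieves MC/DC (exhaustive search;
    fine for a handful of conditions, exponential in general)."""
    rows = truth_table(conditions)
    for size in range(2, len(rows) + 1):
        for subset in combinations(rows, size):
            if achieves_mcdc(decision, conditions, list(subset)):
                return list(subset)
    return None


def decision_coverage_only():
    """Two vectors that exercise both outcomes (decision coverage) but not MC/DC."""
    return [dict(a=True, b=True, c=True), dict(a=False, b=False, c=False)]


if __name__ == "__main__":
    print("decision coverage suite achieves MC/DC:",
          achieves_mcdc(decision, CONDITIONS, decision_coverage_only()))
    suite = minimal_mcdc_suite(decision, CONDITIONS)
    print("minimal MC/DC suite (%d vectors):" % len(suite))
    for t in suite:
        print("  ", {k: int(v) for k, v in t.items()}, "->", int(decision(t)))
```

A suite that only takes both branches of the decision passes decision coverage (sufficient for Level B) yet reveals nothing about whether `b` or `c` individually matters, which is why it fails the Level A objective; for `n` conditions, unique-cause MC/DC needs at least `n + 1` vectors, and the search confirms that 4 suffice here.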
Flightpath 2050 report: 16bn
31,000 new aircraft will be needed in the upcoming 20-25 years.
Capacity -> Airbus + Boeing 3000 and booked for 9 years!
Responsibility will be on you -> push a button.