Failures of safety-critical electronic systems can result in loss of life, substantial financial damage or severe harm to the environment.
Safe computer systems are typically used in avionics or railway applications requiring particularly high reliability. This also goes for the medical market, while industrial automation environments demand more and more functional safety as technology becomes readily available.
A secure system is one whose functions and data are inaccessible to unauthorized users, so that it is protected against deliberate misuse.
A safe system needs to be secure, because an attacker who can alter its behaviour defeats the safety case, whereas a secure system may not need to be safe, depending on the application.
5 Application Examples Using Wireless Communication in Harsh IoT Environments (MEN Mikro Elektronik GmbH)
IoT systems for data-intensive computing in harsh industrial applications bring a range of reliability and security issues for the network components. Secure data transmission over wireless links is a precondition for any device communicating within the mobile Internet of Things.
Discover 5 Interesting Application Examples Using Wireless Communication in Harsh IoT Environments, and the standard components used.
5 Techniques to Achieve Functional Safety for Embedded Systems (Angela Hauber)
Topics covered in this presentation:
What is an embedded system?
What are the MISRA C rules?
MISRA C conformance and deviations
Tools for MISRA C conformance
Embedded Security Rules
An embedded system is a computer system with a dedicated function within a larger mechanical or electrical system, often with real-time computing constraints. It is embedded as part of a complete device often including hardware and mechanical parts. Embedded systems control many devices in common use today. Ninety-eight percent of all microprocessors are manufactured as components of embedded systems.
Introduction
Embedded Operating Systems
Applications of Embedded Systems
Characteristics of Embedded Systems
Architecture of Real Embedded Systems
Embedded Operating System
Real Time Operating Systems (RTOS)
For students and anyone interested in embedded systems and embedded technology: starting topics on what an embedded system is and its applications, an introduction to embedded systems, and the different types of embedded operating systems.
Embedded system, basic structure, characteristics, advantages, disadvantages of Embedded system, open source Embedded platforms and its benefits, sensors, actuators, DAS.
This presentation is about:
embedded system programming
what device drivers are
types of device driver
recognizing device drivers
character device drivers
features of kernel programming
In this talk I explore the concepts of Failsafe Design and an example of implementing failsafe at the firmware/hardware interface, using LTSpice as a system tool to model and verify the failsafe approach. This has been applied to real systems that really exhibit the modeled failsafe behavior.
System Security Plans (SSPs) are part of the required documentation for a certification and accreditation package. Documenting your SSP can be a daunting task, so how can you make it easy? This overview session covers: who is responsible for the SSP, plan contents, an overview of implementation detail for selected controls, flexibility of the SSP, plan maintenance issues, and what an SSP is not.
@Station is an integrated control and protection system designed for the operation of transmission and distribution substations. The system incorporates current substation automation technology to provide its users with solutions to their requirements.
FAULT DETECTION AND DIAGNOSIS OF INDUCTION MACHINE WITH ON-LINE PARAMETER PR... (Sheikh R Manihar Ahmed)
Today, instrumentation systems for industrial process control as well as domestic applications commonly include an automatic fault-finding facility. This facility detects a faulty condition of the system and draws the operator's attention to it, enabling suitable remedial action to restore proper operation. The purpose of any FDI method is to monitor system operation and, in case of a fault, localise its source so that timely corrective action can be taken. Fault detection is a decision, based on the monitored data, as to whether there is a fault or the system is running normally. Fault isolation is then executed to identify the type and location of the fault after detection has triggered an alarm, so that corrective action can be taken. These two steps are known as Fault Detection and Isolation (FDI). Fault diagnosis refers to the combination of fault detection, identification and isolation. One method of annunciation activates a visual or mechanical indicator when a switch or device has been activated as a result of a fault in the system; an audible alarm may also be associated with the annunciation.
This work defines such an FDI system and an existing technique to detect and isolate faults with an on-line parameter programming facility. The main advantage of the proposed control-system-based fault detection and isolation is its low cost: few components make it affordable and easy to handle and maintain, and various sensors can be used to feed different types of input signal to the circuit. A further advantage is that the real-time system keeps working when the host crashes, which increases the reliability of the system, and a data-logging facility can also be provided. A data logger captures any measurement value that can be represented by a voltage.
Nowadays, sensors and transducers are available for practically any physical quantity. The function of the data logger is to capture and store a specified number of sensor measurement values at predefined intervals and transfer the data, including date and time, to a PC in the form of a file.
An Efficient Approach Towards Mitigating Soft Error Risks (sipij)
Smaller feature size, higher clock frequency and lower power consumption are core concerns of today's nanotechnology, which has resulted from the continuous downscaling of CMOS technologies. The resulting device shrinking reduces the soft-error tolerance of VLSI circuits, as very little energy is needed to change their state. Safety-critical systems are very sensitive to soft errors: a bit flip due to a soft error can change the value of a critical variable and consequently alter the system's control flow completely, leading to system failure. To minimise soft-error risks, a methodology is proposed to detect and recover from soft errors considering only 'critical code blocks' and 'critical variables' rather than all variables and/or blocks in the whole program. The proposed method reduces space and time overhead in comparison with existing dominant approaches.
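The following C program is an added example, not code from the paper above. It shows the usual software-only way to make a 'critical variable' survive a single-bit upset: the variable is kept in three representations (the value, its one's complement and a shadow copy), every read checks that they still agree, and the copy that was hit is repaired from the two that still match. The setpoint value, the bit-flip injector and all function names are assumptions made for the demonstration. The scheme covers exactly one corrupted copy; two copies that agree on a wrong value would be accepted, which is why the paper's choice of which variables to protect, and a safe-state fallback when CRIT_UNRECOVERABLE is returned, both matter.

```c
#include <stdint.h>
#include <stdio.h>

/* A critical variable stored three ways. The complement detects a flip in
 * either of the first two copies; the shadow copy decides which one is wrong. */
typedef struct {
    volatile uint32_t val;     /* primary copy */
    volatile uint32_t inv;     /* one's complement of the primary copy */
    volatile uint32_t shadow;  /* independent plain copy used for recovery */
} crit_u32;

enum crit_status { CRIT_OK = 0, CRIT_REPAIRED = 1, CRIT_UNRECOVERABLE = 2 };

void crit_write(crit_u32 *c, uint32_t v)
{
    c->val = v;
    c->inv = ~v;
    c->shadow = v;
}

/* Reads the variable, detecting and repairing a single corrupted copy.
 * *out is written only for CRIT_OK and CRIT_REPAIRED; on CRIT_UNRECOVERABLE
 * (no two copies agree) the caller must fall back to a safe state. */
enum crit_status crit_read(crit_u32 *c, uint32_t *out)
{
    uint32_t val = c->val, inv = c->inv, shadow = c->shadow;
    uint32_t from_inv = (uint32_t)~inv;

    if (val == from_inv) {                 /* primary pair consistent */
        *out = val;
        if (shadow != val) { c->shadow = val; return CRIT_REPAIRED; }
        return CRIT_OK;
    }
    /* primary pair inconsistent: one of val/inv was hit, the shadow arbitrates */
    if (shadow == val)      { c->inv = ~val;    *out = val;    return CRIT_REPAIRED; }
    if (shadow == from_inv) { c->val = shadow;  *out = shadow; return CRIT_REPAIRED; }
    return CRIT_UNRECOVERABLE;             /* two or more copies hit */
}

/* Simulates a single-event upset: flips one bit in one of the three copies. */
void crit_inject_bitflip(crit_u32 *c, int copy, int bit)
{
    uint32_t mask = (uint32_t)1u << bit;
    if (copy == 0)      c->val ^= mask;
    else if (copy == 1) c->inv ^= mask;
    else                c->shadow ^= mask;
}

/* Demonstration (constructed): writes an assumed setpoint, flips bit `bit_a`
 * in copy `copy_a` and, if copy_b >= 0, bit `bit_b` in copy `copy_b`, then
 * reads back. *out is 0xFFFFFFFF when the read is unrecoverable. */
enum crit_status crit_demo(int copy_a, int bit_a, int copy_b, int bit_b, uint32_t *out)
{
    crit_u32 setpoint;
    crit_write(&setpoint, 0x00001234u);
    crit_inject_bitflip(&setpoint, copy_a, bit_a);
    if (copy_b >= 0) crit_inject_bitflip(&setpoint, copy_b, bit_b);
    *out = 0xFFFFFFFFu;
    return crit_read(&setpoint, out);
}

int crit_demo_status(int copy_a, int bit_a, int copy_b, int bit_b)
{
    uint32_t v;
    return (int)crit_demo(copy_a, bit_a, copy_b, bit_b, &v);
}

uint32_t crit_demo_value(int copy_a, int bit_a, int copy_b, int bit_b)
{
    uint32_t v;
    crit_demo(copy_a, bit_a, copy_b, bit_b, &v);
    return v;
}

int main(void)
{
    for (int copy = 0; copy < 3; copy++)
        printf("single flip in copy %d: status %d, value 0x%08x\n", copy,
               crit_demo_status(copy, 7, -1, 0), crit_demo_value(copy, 7, -1, 0));
    printf("flips in copies 0 and 2: status %d\n", crit_demo_status(0, 3, 2, 9));
    return 0;
}
```

The read path is deliberately branch-light so it can be placed in the critical code blocks the paper talks about without adding much time overhead; the space overhead is the two extra words per protected variable.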
Proposed Algorithm for Surveillance Applications (Editor IJCATR)
Technological systems are vulnerable to faults. In many fault situations, system operation has to be stopped to avoid damage to machinery and humans. As a consequence, the detection and handling of faults play an increasing role in modern technology, where many highly automated components interact in such a complex way that a fault in a single component may cause the malfunction of the whole system. This work introduces the main ideas of fault diagnosis and fault-tolerant control in light of various research work done in this area. It presents the Arduino technology on both the hardware and software sides. The purpose of this paper is to propose a diagnostic algorithm based on this technology. A case study is proposed for this setting. Moreover, we explain and discuss the results of our algorithm.
[White paper] Detecting problems in industrial networks through continuous mon... (TI Safe)
Automation networks offer a range of real-time applications and data, making necessary the continuous monitoring of the quality of services. The parameters of QoS (Quality of Service) seek to address priorities, bandwidth allocation and network latency control. There are several QoS parameters to characterize a computer network, and that can be used for monitoring purposes.
Each SCADA network, in a healthy state, presents a specific QoS which rarely changes given the repetitive process of the IACS operations. The continuous monitoring of QoS parameters of an automation network may anticipate problems such as malware contamination and equipment failures like switches and routers. It is very important to be aware of these changes in behavior in order to receive alerts and promptly handle them, avoiding incidents that could compromise the operation of the network and be financially or environmentally costly.
In addition to the monitoring of network traffic, it is also necessary to monitor resource consumption of critical servers, such as the processing (CPU), memory, storage capacity and hard disk failures, among others.
This work aims to establish a method by which SCADA security professionals can differentiate and qualify any problems that may be occurring through continuous monitoring of the automation network performance parameters giving a more behavioral approach than current signature-based ones.
We present a series of tests conducted in our laboratories to measure the performance parameters of a simulated automation network using a small SCADA network sandbox. First we measured the normal operating parameters of the network and captured its main graphs with the appropriate tools. In a second step we carried out several attacks against the simulated automation network. During all attacks we collected the operating parameters of the network and its main graphs.
At the conclusion of the work we compared the graphs of the network in its healthy state with the graphs of the network under the security incidents described above. We detail how the network parameters were affected by each kind of incident and present a table showing how the main parameters of an automation network were affected by the attacks.
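As an added illustration of the behavioural approach described above (this is not TI Safe's tool, method or data), the C program below learns a baseline for three QoS parameters from constructed 'healthy' samples of a repetitive SCADA segment and then flags any later sample whose deviation on a parameter exceeds three standard deviations. The parameter names, the threshold and every sample value are assumptions; the constructed later samples are meant to resemble a flood, a degraded link and a scan, in the spirit of the attacks the white paper ran against its sandbox.

```c
#include <stdio.h>

#define NPARAMS 3
/* Assumed parameters: per-second observations of a quiet SCADA segment. */
static const char *param_name[NPARAMS] = { "latency_ms", "pkts_per_s", "retrans_per_s" };

typedef struct {
    double mean[NPARAMS];
    double var[NPARAMS];   /* population variance; compared squared, so no sqrt */
} baseline_t;

/* Learns mean and variance of each parameter from n samples taken while the
 * network was known to be healthy. */
void baseline_learn(baseline_t *b, const double samples[][NPARAMS], int n)
{
    for (int p = 0; p < NPARAMS; p++) {
        double sum = 0.0, sq = 0.0;
        for (int i = 0; i < n; i++) sum += samples[i][p];
        b->mean[p] = sum / n;
        for (int i = 0; i < n; i++) {
            double d = samples[i][p] - b->mean[p];
            sq += d * d;
        }
        b->var[p] = sq / n;
        /* A parameter that never moved during the baseline: treat any change
         * as a deviation rather than dividing by zero. */
        if (b->var[p] < 1e-12) b->var[p] = 1e-12;
    }
}

/* Scores one sample. Bit p of the result is set when parameter p deviates
 * from its baseline mean by more than `threshold` standard deviations; 0
 * means the sample looks healthy. |z| > threshold is evaluated as
 * d^2 > threshold^2 * var to avoid a libm call. */
unsigned baseline_score(const baseline_t *b, const double sample[NPARAMS], double threshold)
{
    unsigned mask = 0;
    for (int p = 0; p < NPARAMS; p++) {
        double d = sample[p] - b->mean[p];
        if (d * d > threshold * threshold * b->var[p]) mask |= 1u << p;
    }
    return mask;
}

/* Constructed baseline: eight healthy observations (latency in ms,
 * packets/s, TCP retransmissions/s). */
static const double healthy[8][NPARAMS] = {
    {2.0, 120, 0}, {2.1, 118, 1}, {1.9, 122, 0}, {2.0, 121, 0},
    {2.2, 119, 1}, {1.8, 120, 0}, {2.0, 120, 0}, {2.0, 120, 0},
};

/* Learns the constructed baseline and scores one observation at 3 sigma. */
unsigned demo_score(double latency_ms, double pkts_per_s, double retrans_per_s)
{
    baseline_t b;
    const double sample[NPARAMS] = { latency_ms, pkts_per_s, retrans_per_s };
    baseline_learn(&b, healthy, (int)(sizeof healthy / sizeof healthy[0]));
    return baseline_score(&b, sample, 3.0);
}

int main(void)
{
    /* Constructed later observations: normal traffic, a flood, a degraded
     * link (retransmissions only) and a scan (packet rate only). */
    const double later[4][NPARAMS] = {
        {2.1, 119, 0}, {9.5, 2400, 14}, {2.0, 120, 6}, {2.3, 160, 0},
    };
    for (int i = 0; i < 4; i++) {
        unsigned mask = demo_score(later[i][0], later[i][1], later[i][2]);
        printf("sample %d:%s", i, mask ? "" : " healthy");
        for (int p = 0; p < NPARAMS; p++)
            if (mask & (1u << p)) printf(" %s", param_name[p]);
        printf("\n");
    }
    return 0;
}
```

The per-parameter bitmask is the useful part for an operator: which parameter moved says something about the kind of incident (only retransmissions for a failing switch port, only packet rate for a scan, everything at once for a flood), which is exactly the differentiation the white paper's table sets out to give.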
Evolution of protective systems in petrochem (Glen Alleman)
Electrical protective or emergency shutdown systems are used throughout the petrochemical industry for safety and to avoid severe environmental and/or economic events. The requirements for these critical systems are that they work every time, on demand, and do not initiate nuisance events. These requirements were difficult to achieve in most early systems, but the systems have improved over the years. Emergency shutdown system design has been unregulated in the U.S., but new standards will require strict guidelines for design, application, documentation, and software testing and control.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Implementation of T-Junction Traffic Light Control System Using Simatic S7-20... (IJERA Editor)
A conventional traffic light control system is designed using devices such as timers, relays and contactors. The critical timing operation has to be carried out under heavy traffic conditions. This conventional practice leads to many problems that require additional maintenance cost and cause long delays. With the help of a PLC, the requirement for fast automation and effective optimization of a traffic light control system can be met. The use of a PLC allows the same approach to be applied not only to traffic signals on roads but also to the movement of trains and the transfer of containers in ports. To provide a solution to the above problem, this paper presents the implementation of a T-junction traffic control system using a Siemens S7-200 PLC. The PLC program is written in ladder logic with the help of the STEP 7-Micro/WIN software.
Similar to 5 Techniques to Achieve Functional Safety for Embedded Systems (20)
Wherever electrical power is generated, there is also power dissipation, which heats up the components. This heat needs to be transferred away to prevent overheating. For semiconductors there is a maximum junction temperature, above which the semiconductor ceases to work. The right method to dissipate excess heat heavily depends on the mechanical and environmental conditions, as well as the field of application.
Conduction cooling is a way of transporting the heat without fans, and the metal frame it requires also makes the solution more rugged.
5 Things to Know about the F75P: a Vital Embedded Computer for Safety-Critica... (MEN Mikro Elektronik GmbH)
The F75P is a SIL 4 certifiable embedded single-board computer based on the CompactPCI PlusIO standard. It comes with certificates from TÜV SÜD for hardware and software, saving cost and time to market during the development and certification of a functionally safe computer system.
Visualize your application and connect to the Internet of Things (IoT) with reliable fanless display computers and HMIs from MEN. MEN's rugged panel PCs are designed for operation under harsh conditions and are therefore well suited for display solutions in train driver cabs.
MEN delivers a flexible range of Ethernet switches especially designed for use in extremely rugged environmental conditions, e.g. found in the rail and public transportation market.
The NMxx family is built on a compact box PC format, coming with a rugged aluminum enclosure. This is not just for conduction cooling - turning the box into a maintenance-free device - but also protects the enclosed electronics, meeting requirements up to IP40.
The portfolio of our Ethernet switch boards and devices has been designed for mission-critical applications in harsh and mobile environments. They are offered as CompactPCI or CompactPCI Serial board, as modular 19“ system switch or as compact box switch, in order to complete our solution-oriented offering of rugged embedded computers.
Read 9 Interesting Things to Know about MEN’s Rugged Industrial & Railway Ethernet Switches!
4 Things to Know about Real-Time Ethernet Communication of Safe Train Control... (MEN Mikro Elektronik GmbH)
Especially in safety-critical applications, real-time (RT) communication is a must. Ethernet networks come into play when price is an issue and high-performance standardized protocols are needed. Fieldbuses used today are partly based on industrial real-time Ethernet variants with standardized safety protocols such as Profinet, EtherCAT, Ethernet Powerlink and others.
The safe train control system family also uses real-time Ethernet communication within the network. This piece answers the questions:
- 1: How is communication within menTCS organized?
- 2: Which RT Ethernet standard is used for menTCS?
- 3: Why EtherCAT for menTCS?
- 4: What are the extension possibilities for menTCS?
A number of innovations and changes deliver new capabilities to aircraft operations. Modern aircraft are equipped with a multitude of electronic components. There is also a multitude of standards that must be fulfilled when designing an avionics hardware solution.
Some questions may come to your mind, before designing a safety-critical aerospace system.
Based on a completely new concept, menTCS is an open and modular railway computer platform built exclusively on standard hardware and software. It is certifiable up to SIL 4 in all its individual parts and complies with the EN 50155, EN 50126, EN 50128 and EN 50129 railway standards.
But what is the difference to other safety-critical rail systems? What do we mean, when we say menTCS is open and modular? Where can I use menTCS?
Read our 10 Frequently asked Questions about Safe Train Control System menTCS to get a better understanding of our versatile computer platform for rolling-stock and wayside.
The modular architecture of the well-known CompactPCI Serial industry platform (PICMG CPCI-S) is an ideal prerequisite for the configuration of flexible open-standard virtualization solutions. One of the most powerful server hardware components for virtualization systems is the 3U CompactPCI Serial embedded single-board computer G25A, featuring the Intel Xeon D-1500 family (Broadwell-DE) with up to 16 processor cores.
The portfolio of our Ethernet switch boards and devices has been designed for mission-critical applications in harsh and mobile environments. Being offered as CompactPCI or CompactPCI Serial board, as modular 19“ system or compact box switch – the scope of these components lies in the completion of our solution-oriented offering of rugged embedded computers for the rail and public transport, avionics, heavy vehicles, marine, medical, industrial automation, and power and energy markets.
The BL51E is a rugged, fanless EN 50155 railway and E-Mark automotive box computer for in-vehicle functions like Passenger Information Systems (PIS), surveillance and storage based on Intel Atom E3900.
The F26L is an extremely low-power x86 PC-based embedded computer for industrial automation and railway transportation, featuring the Intel Atom Apollo Lake-I (Goldmont architecture) with 2- and 4-core E3930, E3940 and E3950 processors and improved graphics performance. The SBC is compliant with the PICMG 2.30 standard and as such offers a migration path from CompactPCI to CompactPCI Serial.
The CB30C is a safe Rugged COM Express module based on NXP/Qualcomm QorIQ (single-core P1013 or dual-core P1022) for safety-related applications meeting EN 50129 SIL 2, for rolling stock or industrial control systems.
menTCS is an open computer platform based upon modern IT standards that covers all safety-critical applications on a train and wayside. It is SIL 4 certifiable and comes with pre-certified hardware in combination with pre-certified software and corresponding certificates from TÜV SÜD, drastically reducing the time of the certification process.
menRDC is an open computer platform based on modern IT standards that covers all data processing and communication on a train and in train-land communication, and meets all the requirements of EN 50155. In the spirit of “Mobility 4.0”, the menRDC is a “connected device” that interacts with the participants in the IoT (Internet of Things).
Modular General Purpose Platform for Mobile Office IT Applications
Modern trains are equipped with increasingly complex embedded systems to run and monitor onboard equipment, enhance passenger comfort, and deliver new functions.
Not only does each independent application have its own hardware, but many also require a unique operating system and application software. This means railway management must deal with a host of different suppliers as well as communication and interoperability issues between systems or obsolescence problems.
menRDC is the one mobile office IT computer system for virtually all non-vital train applications.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
5 Techniques to Achieve Functional Safety for Embedded Systems
1. 5 Techniques to Achieve Functional Safety for Embedded Systems
August 24, 2017
2. The Need for Safe Computing
Failures of safety-critical electronic systems can result in loss of life, substantial financial damage or severe harm to the environment.
Safe computer systems are typically used in avionics or railway applications requiring particularly high reliability. This also goes for the medical market, while industrial automation environments demand more and more functional safety as technology becomes readily available.
One of the key design elements of a safety-critical system is redundancy. Other techniques are diversity in components, determinism and predictable behavior, clustering to increase availability, and supervisor and event logging features.
Considerations about mission-critical computer architectures are complex and include safety-critical characteristics, reliability questions, error behavior modes, Safety Integrity Levels (up to SIL 3 or SIL 4, as defined in IEC 61508) and the major IEC, EN and RTCA standards, e.g., EN 50128 / EN 50129 for railways or DO-254 for avionics (up to DAL-A).
4. Redundancy
Redundancy. Multiplying critical components, such as the CPU, increases the function's reliability.
The most important strategy for making a system less vulnerable to risk is to multiply significant components. A component whose failure brings the entire system to a halt is called a "Single Point of Failure" (SPOF). If critical components, such as the CPU, are redundant, the availability and/or reliability of the functions increases.
Depending on what you want to achieve, you can use different redundancy configurations. To describe them, you state the number of redundant functions (channels) that must be in working order, or must agree, for the function to be delivered (M), out of the total number of redundant functions (N). This results in "M out of N", abbreviated as MooN.
5. Redundancy - MooN Constellations
With safe redundant functions, all components must also deliver the same computing results, so that errors can be detected; in the simplest case this is a 2oo2 system, in which both channels must agree. A disagreement reveals a fault but does not tell which channel is right, so the only safe reaction is to withdraw the output. This reduces availability (fail-safe).
[Figure: 2oo2, 1oo2 and 2oo3 constellations, each drawn as Inputs, Controller(s), M and Outputs; the 2oo3 variant adds a Voter between the controllers and the outputs]
A 1oo2 constellation increases the availability of the system and, by consequence, the Mean Time Between Failures (MTBF). If one of two processors fails, a 1oo2 system can still go on operating (fail-operational). To do so it must know which processor has failed, so each channel needs its own self-diagnosis.
The 2oo3 set-up is used frequently, because it increases both safety and availability. With such a level of complexity, a voting mechanism, or voter, is an inherent part of the system. It permanently compares and analyzes the computing results, and it becomes a single point of failure in its own right unless it is built to the same standard as the channels it votes on.
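The slides describe 2oo2, 1oo2 and 2oo3 in words; the following C program is an added example (not code from the presentation or from MEN Mikro Elektronik) that makes the three constellations concrete. It implements a generic M-out-of-N voter over the integer results of N channels, excluding channels whose self-test has failed, and computes the reliability of a MooN arrangement from a per-channel reliability r with the binomial formula sum over k = M..N of C(N,k) r^k (1-r)^(N-k). The channel values, health flags and r = 0.99 are constructed for illustration.

```c
/* Added example, not from the original slides: an M-out-of-N (MooN) voter over
 * the outputs of N redundant channels, plus the reliability of a MooN
 * arrangement. Channel values, health flags and the per-channel reliability
 * r = 0.99 used in main() are constructed for illustration. */
#include <stdio.h>

#define MAX_CHANNELS 8

enum vote_status { VOTE_OK, VOTE_FAIL_SAFE };

struct channel {
    long value;   /* computing result reported by the channel */
    int  healthy; /* 1 if the channel's own self-test (BITE) passed */
};

/* Returns VOTE_OK and the voted value if at least m healthy channels report
 * the same value; otherwise VOTE_FAIL_SAFE, meaning no output may be driven.
 * m == n is the 2oo2-style comparator (all must agree, any disagreement is
 * fail-safe); m == 1 is the 1oo2-style "any healthy channel" selection, which
 * only works because unhealthy channels are excluded by their self-test. */
enum vote_status moon_vote(const struct channel *ch, int n, int m, long *out)
{
    if (n < 1 || n > MAX_CHANNELS || m < 1 || m > n)
        return VOTE_FAIL_SAFE;
    for (int i = 0; i < n; i++) {
        int agree = 0;
        if (!ch[i].healthy)
            continue;
        for (int j = 0; j < n; j++)
            if (ch[j].healthy && ch[j].value == ch[i].value)
                agree++;
        if (agree >= m) {
            *out = ch[i].value;
            return VOTE_OK;
        }
    }
    return VOTE_FAIL_SAFE;
}

/* Binomial coefficient C(n, k) in double precision. */
static double binom(int n, int k)
{
    double c = 1.0;
    for (int i = 1; i <= k; i++)
        c = c * (n - k + i) / i;
    return c;
}

/* x^k for small non-negative k, so the example needs no libm. */
static double dpow(double x, int k)
{
    double p = 1.0;
    while (k-- > 0)
        p *= x;
    return p;
}

/* Probability that at least m of n independent channels, each with
 * reliability r, are working: sum over k = m..n of C(n,k) r^k (1-r)^(n-k).
 * Independence is assumed; a common-cause failure of identical channels is
 * not covered by this formula, which is what diversity addresses. */
double moon_reliability(int m, int n, double r)
{
    double sum = 0.0;
    for (int k = m; k <= n; k++)
        sum += binom(n, k) * dpow(r, k) * dpow(1.0 - r, n - k);
    return sum;
}

int main(void)
{
    /* constructed: three channels, one of which reports a wrong value */
    struct channel ch[3] = { {100, 1}, {100, 1}, {37, 1} };
    long v = 0;
    const char *s = moon_vote(ch, 3, 2, &v) == VOTE_OK ? "OK" : "FAIL-SAFE";
    printf("2oo3 vote: %s, value %ld\n", s, v);
    printf("r = 0.99: R(2oo2) = %.6f, R(1oo2) = %.6f, R(2oo3) = %.6f\n",
           moon_reliability(2, 2, 0.99), moon_reliability(1, 2, 0.99),
           moon_reliability(2, 3, 0.99));
    return 0;
}
```

With r = 0.99 the numbers reproduce the slide's claims: 2oo2 gives R = r^2 = 0.9801, lower than a single channel, because either channel disagreeing withdraws the output; 1oo2 gives 1 - (1-r)^2 = 0.9999; 2oo3 gives 3r^2 - 2r^3 = 0.999702 while still detecting and masking one faulty channel.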
6. Diversity
Diversity. If redundant components are identical, a common cause can make them all fail at once. This is why a system must support dissimilarities both in hardware and in software.
For instance, you can run different, independently designed software applications on the subsystems. On the hardware side you could use different I/O interfaces or different processor architectures. Identical functions are implemented in varying ways. In the end the two dissimilar set-ups must lead to the same result, so that the system can act in a defined way. Diversity is even possible on one single board: the memory management unit of the processor allows the resources to be partitioned, which is in turn supported by separation-kernel real-time operating systems like PikeOS.
[Figure: two dissimilar channels side by side, each running a Safe Application: one on Linux with Linux drivers on an x86 architecture, the other on Windows with Windows drivers on a RISC architecture]
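The slide states that two dissimilar implementations "must lead to the same result", but diverse code rarely agrees bit for bit, so the comparator between them has to define what "the same" means. The following C program is an added example (not code from the presentation) showing one safety function, a stopping distance d = v * t_react + v^2 / (2a), written two dissimilar ways: channel A in floating point with SI units, channel B with 64-bit integer arithmetic in millimetres and milliseconds. A 2oo2 comparator accepts the pair only within a tolerance and then passes on the conservative (longer) value. The formula, the 10 mm tolerance and the sample speeds are constructed; in a real system each channel would also sample its inputs through its own I/O path.

```c
/* Added example, not from the original slides: the same safety function
 * (stopping distance) implemented in two dissimilar ways and cross-checked.
 * Channel A uses floating point in metres and seconds; channel B was written
 * separately with 64-bit integer arithmetic in millimetres and milliseconds.
 * The formula d = v * t_react + v^2 / (2 * a), the tolerance and the sample
 * speeds are constructed for illustration. */
#include <stdio.h>
#include <stdint.h>

/* Channel A: floating point, SI units. */
double stop_dist_float(double v_m_s, double decel_m_s2, double t_react_s)
{
    return v_m_s * t_react_s + (v_m_s * v_m_s) / (2.0 * decel_m_s2);
}

/* Channel B: integer arithmetic only, in mm, mm/s, mm/s^2 and ms.
 * (mm/s * ms) / 1000 = mm; (mm/s)^2 / (mm/s^2) = mm. */
int64_t stop_dist_mm(int64_t v_mm_s, int64_t decel_mm_s2, int64_t t_react_ms)
{
    int64_t reaction_mm = v_mm_s * t_react_ms / 1000;
    int64_t braking_mm  = (v_mm_s * v_mm_s) / (2 * decel_mm_s2);
    return reaction_mm + braking_mm;
}

/* 2oo2 comparator over the two dissimilar results. Diverse implementations
 * cannot be expected to agree bit for bit (rounding differs), so agreement is
 * defined by a tolerance. Returns 1 and the conservative result (the longer
 * distance) on agreement, 0 when the channels disagree and the caller must
 * go to the safe state. */
int cross_check(double a_m, int64_t b_mm, double tol_m, double *out_m)
{
    double b_m  = (double)b_mm / 1000.0;
    double diff = a_m > b_m ? a_m - b_m : b_m - a_m;
    if (diff > tol_m)
        return 0;
    *out_m = a_m > b_m ? a_m : b_m;
    return 1;
}

/* Runs both channels on the same physical inputs and cross-checks them. */
int safe_stop_distance(double v_m_s, double decel_m_s2, double t_react_s,
                       double *out_m)
{
    double  a = stop_dist_float(v_m_s, decel_m_s2, t_react_s);
    int64_t b = stop_dist_mm((int64_t)(v_m_s * 1000.0 + 0.5),
                             (int64_t)(decel_m_s2 * 1000.0 + 0.5),
                             (int64_t)(t_react_s * 1000.0 + 0.5));
    return cross_check(a, b, 0.01, out_m);   /* 10 mm tolerance, constructed */
}

int main(void)
{
    double d = 0.0;
    /* constructed input: 30 m/s, 1.2 m/s^2 deceleration, 0.5 s reaction time */
    if (safe_stop_distance(30.0, 1.2, 0.5, &d))
        printf("channels agree: stopping distance %.3f m\n", d);
    else
        printf("channels disagree: fail-safe\n");
    return 0;
}
```

The tolerance is a design parameter that has to be justified: too tight and the diverse channels trip on rounding alone, too loose and a real fault in one channel can hide inside it.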
7. Clustering
Clustering. This does not increase a subsystem's safety, but it raises availability. Backing up a system is using redundancy on a higher level with the aim of keeping your system up even in case of a failure.
It is possible to combine two assemblies to form a highly available computer cluster. In a set-up like this, every channel, being redundant itself, works independently, but only one channel is active. If the active channel fails, the system automatically switches to the second channel. The boards can be connected using dedicated serial interfaces:
[Figure: Cluster with sensors 1, 2 and 3 feeding an Active Computer and a Stand-By Computer; the Active Output and the Stand-By Output lead to the Actor (actuator)]
UARTs (DEX) provide the communication between the two channels. A direct connection between the Board Management Controllers (BMCX) controls the switch-over from the active to the inactive channel, so that the switch-over does not depend on the possibly failed CPU and both channels can never drive the actuator at once.
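The following C program is an added example (not code from the presentation or from the board vendor) of the switch-over logic the slide describes, simulated with a tick counter. The stand-by channel counts heartbeats that the active channel sends over the serial link; when enough are missing it first isolates the active board through the BMC-to-BMC connection and only then takes over the outputs, so that a board that is merely slow or whose serial link is broken cannot lead to two active channels. The heartbeat period, the miss limit, the simulated failure time and the BMC fencing stub are all assumptions of the example.

```c
/* Added example, not from the original slides: the active/stand-by switch-over
 * of a two-channel cluster, simulated with a tick counter. Heartbeat period,
 * miss limit and the simulated failure time are constructed; bmc_fence_peer()
 * is a stub standing in for the real board-management interface. */
#include <stdio.h>

#define HB_PERIOD     10  /* ticks between heartbeats on the serial link */
#define HB_MISS_LIMIT  3  /* missing heartbeats before a switch-over */

enum role { ROLE_ACTIVE, ROLE_STANDBY, ROLE_FAILED };

struct node {
    enum role role;
    unsigned  last_hb_seen;  /* tick of the last heartbeat received */
    unsigned  missed;        /* heartbeats that should have arrived since then */
};

struct bmc_link {
    int peer_held_in_reset;  /* set once the peer board has been fenced */
};

/* Fencing through the direct BMC connection: hold the former active board in
 * reset so that two boards can never drive the actuator at the same time
 * (no split brain). Returns 1 on success. Stub for the real BMC interface. */
static int bmc_fence_peer(struct bmc_link *l)
{
    l->peer_held_in_reset = 1;
    return 1;
}

/* One tick of the stand-by channel. hb_received is 1 if a heartbeat arrived
 * on the serial link during this tick. Returns the (possibly new) role. */
enum role standby_tick(struct node *n, struct bmc_link *bmc, unsigned now,
                       int hb_received)
{
    if (n->role != ROLE_STANDBY)
        return n->role;
    if (hb_received) {
        n->last_hb_seen = now;
        n->missed = 0;
        return n->role;
    }
    n->missed = (now - n->last_hb_seen) / HB_PERIOD;
    if (n->missed >= HB_MISS_LIMIT) {
        /* Take over only after the peer is fenced; if fencing is impossible,
         * refusing to take over is the safe choice. */
        n->role = bmc_fence_peer(bmc) ? ROLE_ACTIVE : ROLE_FAILED;
    }
    return n->role;
}

/* Simulates an active channel that heartbeats every HB_PERIOD ticks until it
 * dies at tick active_dies_at. Returns the tick at which the stand-by took
 * over, or 0 if it never did before end. */
unsigned simulate_failover(unsigned active_dies_at, unsigned end,
                           struct bmc_link *bmc)
{
    struct node sb = { ROLE_STANDBY, 0, 0 };
    for (unsigned t = 1; t <= end; t++) {
        int hb = (t % HB_PERIOD == 0) && (t < active_dies_at);
        if (standby_tick(&sb, bmc, t, hb) == ROLE_ACTIVE)
            return t;
    }
    return 0;
}

int main(void)
{
    struct bmc_link link = { 0 };
    /* constructed: the active channel dies at tick 55 */
    unsigned t = simulate_failover(55, 200, &link);
    printf("stand-by became active at tick %u (peer fenced: %d)\n", t,
           link.peer_held_in_reset);
    return 0;
}
```

The switch-over latency is HB_MISS_LIMIT heartbeat periods after the last good heartbeat (here tick 80 for a failure at tick 55); the miss limit trades detection speed against false take-overs caused by a single lost serial frame.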
8. Determinism
Determinism. The need for predictable behavior rules out, or strictly limits, a number of mechanisms common in non-critical applications, such as asynchronous interrupts, whose arrival time and handling cost cannot be bounded in advance. Design engineers need particular expertise in this respect.
Next to failure safety, mission-critical environments also demand calculable execution times. The system must react to an external event within a defined time, even under worst-case conditions.
Engineers need to consider possible behavior and its consequences in detail at an early stage, in preparation for their actual design. In terms of hardware and firmware, BITE components (Built-In Test Equipment) are used here. Error handling techniques such as ECC (Error Correcting Code) memory or the monitoring of internal voltages play an important role here, too.
When it comes to software, system integrators in need of deterministic behavior select a real-time operating system like VxWorks or PikeOS.
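The slide asks for calculable execution times and for avoiding mechanisms whose timing cannot be bounded. The following C program is an added example (not code from the presentation, and not how VxWorks or PikeOS schedule) of the classic answer: a time-triggered cyclic executive in which each task has a fixed start offset and a worst-case execution budget, so the frame time is known at design time and can be checked before the system runs. Execution is simulated with a microsecond counter instead of a hardware timer; the three tasks, their budgets and their simulated run times are constructed.

```c
/* Added example, not from the original slides: a time-triggered cyclic
 * executive with a per-slot execution budget, simulated with a microsecond
 * counter instead of a hardware timer. Tasks run in a fixed order at fixed
 * offsets and are polled rather than interrupt-driven. The three tasks, their
 * budgets and their simulated execution times are constructed. */
#include <stdio.h>

#define FRAME_US 1000  /* one major frame, 1 ms */

typedef unsigned (*task_fn)(void);  /* returns simulated execution time in us */

struct slot {
    const char *name;
    task_fn     run;
    unsigned    offset_us;  /* fixed start time within the frame */
    unsigned    budget_us;  /* worst-case execution time allowed */
};

struct frame_stats {
    unsigned overruns;       /* tasks that exceeded their budget */
    unsigned frame_time_us;  /* time at which the last slot finished */
};

/* Simulated execution times; g_control_time_us can be changed to inject an
 * overrun in the control task. */
unsigned g_control_time_us = 380;
static unsigned task_read_sensors(void)    { return 120; }
static unsigned task_control_law(void)     { return g_control_time_us; }
static unsigned task_drive_actuators(void) { return 90; }

const struct slot g_schedule[3] = {
    { "read_sensors",    task_read_sensors,    0,   150 },
    { "control_law",     task_control_law,     200, 400 },
    { "drive_actuators", task_drive_actuators, 700, 100 },
};

/* Design-time check: every slot must finish within its budget before the next
 * slot starts, and the last one before the frame ends. */
int schedule_is_feasible(const struct slot *s, int n)
{
    for (int i = 0; i < n; i++) {
        unsigned next = (i + 1 < n) ? s[i + 1].offset_us : FRAME_US;
        if (s[i].offset_us + s[i].budget_us > next)
            return 0;
    }
    return 1;
}

/* Runs one frame. A task that exceeds its budget is cut off at the budget
 * (modelling the deadline monitor aborting it) and counted, so a misbehaving
 * task can delay neither the following slots nor the frame. */
struct frame_stats run_frame(const struct slot *s, int n)
{
    struct frame_stats st = { 0, 0 };
    unsigned now = 0;
    for (int i = 0; i < n; i++) {
        if (now < s[i].offset_us)
            now = s[i].offset_us;           /* idle until the slot's start */
        unsigned used = s[i].run();
        if (used > s[i].budget_us) {
            st.overruns++;
            used = s[i].budget_us;
        }
        now += used;
    }
    st.frame_time_us = now;
    return st;
}

int main(void)
{
    printf("schedule feasible: %d\n", schedule_is_feasible(g_schedule, 3));
    struct frame_stats st = run_frame(g_schedule, 3);
    printf("frame: %u us, overruns %u\n", st.frame_time_us, st.overruns);
    g_control_time_us = 450;   /* constructed fault: control law runs too long */
    st = run_frame(g_schedule, 3);
    printf("frame with slow control law: %u us, overruns %u\n",
           st.frame_time_us, st.overruns);
    return 0;
}
```

Because start times are fixed, the worst-case reaction to an input sampled in the first slot is the offset of the actuator slot plus its budget (800 us here), independent of what the other tasks do; that is the number a safety case can be written against.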
9. Supervisors, Event Logging
Supervisors. Board management and supervision in safe computers need to go beyond the usual CPU functions. A reliable CPU should have a dedicated, independent monitor at its side rather than supervise itself: a fault that hangs the CPU would otherwise also disable the supervision.
Event Logging. While this is not a necessary safety function, it can help trace faults in critical systems back to their cause after an incident. The chances of avoiding the cause of the error in the future by taking precautions are then higher.
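The following C program is an added example (not code from the presentation) of the independent monitor the slide calls for, in the form of a window watchdog that also keeps the event log the slide mentions. The CPU must kick the supervisor once in every window between a minimum and a maximum interval after the previous kick: a late kick means the CPU hangs, and an early kick means it is stuck in a loop that kicks continuously, which a plain timeout watchdog would not notice. Either case asserts reset and records the time and reason. The window limits, the log size and the kick sequences are constructed, and the supervisor's timer is simulated by polling every 100 us.

```c
/* Added example, not from the original slides: a window watchdog as an
 * independent supervisor for the CPU, with its own event log, simulated with
 * a microsecond counter. Window limits, log size and kick sequences are
 * constructed for illustration. */
#include <stdio.h>

#define WIN_MIN_US  800
#define WIN_MAX_US 1200
#define LOG_SIZE     16

enum wd_event { WD_OK, WD_TOO_EARLY, WD_TOO_LATE };

struct wd_log_entry {
    unsigned      t_us;
    enum wd_event ev;
};

struct supervisor {
    unsigned last_kick_us;
    int      reset_asserted;
    struct wd_log_entry log[LOG_SIZE];
    int      nlog;
};

/* Asserts reset and logs the first trip; later trips before a restart are
 * not logged again so a hung CPU cannot flood the log. */
static void wd_trip(struct supervisor *s, unsigned t_us, enum wd_event ev)
{
    if (s->reset_asserted)
        return;
    s->reset_asserted = 1;
    if (s->nlog < LOG_SIZE) {
        s->log[s->nlog].t_us = t_us;
        s->log[s->nlog].ev = ev;
        s->nlog++;
    }
}

/* Called when the CPU kicks the supervisor at time t_us. */
enum wd_event wd_kick(struct supervisor *s, unsigned t_us)
{
    unsigned dt = t_us - s->last_kick_us;
    enum wd_event ev = dt < WIN_MIN_US ? WD_TOO_EARLY
                     : dt > WIN_MAX_US ? WD_TOO_LATE : WD_OK;
    if (ev != WD_OK)
        wd_trip(s, t_us, ev);
    s->last_kick_us = t_us;
    return ev;
}

/* Called from the supervisor's own timer: catches a CPU that never kicks
 * again, which wd_kick alone could not detect. */
enum wd_event wd_poll(struct supervisor *s, unsigned now_us)
{
    if (now_us - s->last_kick_us > WIN_MAX_US) {
        wd_trip(s, now_us, WD_TOO_LATE);
        return WD_TOO_LATE;
    }
    return WD_OK;
}

/* Feeds a sorted list of kick times (multiples of 100 us) into the supervisor
 * while polling it every 100 us; returns 1 if reset was asserted. */
int supervise(struct supervisor *s, const unsigned *kicks, int n,
              unsigned end_us)
{
    int k = 0;
    for (unsigned t = 0; t <= end_us; t += 100) {
        if (k < n && kicks[k] == t) {
            wd_kick(s, t);
            k++;
        }
        wd_poll(s, t);
    }
    return s->reset_asserted;
}

int main(void)
{
    struct supervisor s = { 0 };
    unsigned kicks[] = { 1000, 2000 };   /* constructed: CPU hangs after 2 ms */
    int reset = supervise(&s, kicks, 2, 5000);
    printf("reset asserted: %d, log entries: %d\n", reset, s.nlog);
    for (int i = 0; i < s.nlog; i++)
        printf("  t=%u us event=%d\n", s.log[i].t_us, s.log[i].ev);
    return 0;
}
```

For the log to be useful after an incident it has to survive the reset it records, so in a real design it lives in the supervisor's own memory or in non-volatile storage, not in the RAM of the CPU being reset.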