Adaptive MILS
Evidential Tool Bus
University Grenoble Alpes
Univ. Grenoble Alpes Adaptive MILS Evidential Tool Bus 1
Outline
- Certification Assurance Plane
  - Interactions and role in CITADEL
- Adaptive-MILS Evidential Tool Bus
  - Concept and Objectives
  - Design, Interfaces and Workflows
  - Implementation
- Examples
Certification Assurance Plane
- create and maintain the certification evidence for the system
- two usages foreseen for evidence construction
  - a priori construction, before startup and/or before a reconfiguration step
  - just-in-time construction, for the current running configuration
The CITADEL vision (figure)
AM-ETB Evidence Database
- certification assurance artifact repository
- rely on the prior D-MILS work on assurance case construction in GSN
  - develop modular assurance cases for Dynamic-MILS systems
  - develop assurance case patterns and pattern instantiation mechanisms
- separation of concerns
  - construction and manipulation of evidence
  - extraction and presentation through the specific documents required for certification
AM-ETB Functionality
- run verification/other tools
  - according to specific workflows
  - create/update parts of the assurance case
- offline/online verification tools need
  - (annotated) models of the policy architecture, platform, configuration, ...
  - properties to be checked
  - access to monitoring results / properties, ...
  - platform introspection facilities, ...
View of Certification Assurance (figure)
The Certification Assurance Artifact Repository holds the Assurance Case (top goals/properties; platform, component, composition and configuration-correctness arguments; sub-goals/properties; provenance of evidence; conformance property evidence) together with the AC patterns, tool flows, models, properties and configurations. The AM-ETB runs the verification tools over the models, properties and configurations to produce the evidence.
Two Categories of Requirements
- D2.4 - ETB - Evidential Tool Bus: overall coordination for the production and maintenance of an assurance case for Adaptive-MILS systems
- D2.4 - AR - Assurance Repository: manage the concrete representation of, and access to, the assurance case during its construction by the AM-ETB
AM-ETB Architecture (figure)
- relationship to other CITADEL components
The AM-ETB Core Workflow takes an Assurance Case Pattern (from the Patterns Repository), the System Models and the System Properties, and produces an Assurance Case plus an Error Log; evidence is produced by AM-ETB Tool Agents, which wrap External Tools and feed the Evidence Repository.
Assurance Case Patterns
- AC patterns
  - generic fragments of AC arguments
  - decouple the AC argument from concrete system information / evidence
- GSN with formal parameters denoting
  - system/modelling concepts and
  - techniques/tools for building evidence
- a textual, term-based representation is defined
Assurance Case Patterns (GSN view of a pattern)
Goal: Policy {P} is deadlock-free
  Strategy: for all modes {M} of {P}
    Assumption: finite number of modes
    Goal: Policy {P} in mode {M} is deadlock-free
      Evidence: formal verification: policy {P} in mode {M} is deadlock-free
- structured textual representation
Assurance Case Patterns (structured textual representation of the pattern above)
pattern(policy_deadlock_freedom,
  [ P : Policy ],
  goal(g1, "policy {P} is deadlock-free", [],
    [ strategy(s1, "address all operating modes",
        [ M : Mode in P.modes() ],
        [ assumption("finite number of operating modes") ],
        [ goal(g2, "policy {P} is deadlock-free in mode {M}", [],
            [ evidence("Policy-Verification",
                       "formal verification of deadlock-freedom for {P} in mode {M}", []) ])
        ])
    ])
)
AM-ETB Core Workflow
- instantiation of AC patterns
  - develop/instantiate recursively the pattern goals for given parameters (system model and properties, tools)
  - produce a flat assurance case
  - track errors
- when evidence nodes are encountered, trigger evidence (re-)construction and (re-)validation
AC Pattern Instantiation: Example (figure)
Top (main) AC pattern:
  Goal: {P} is safe
    Goal: {P} is deadlock-free   (call of the deadlock-freedom pattern below)
    Strategy: foreach standard {X} in iso-xxx, iso-yyy
      Goal: {P} conforms to {X}
        Evidence: {X} certificate for {P}
Deadlock-freedom pattern:
  Goal: {P} is deadlock-free
    Strategy: foreach subject {S} of {P}
      Goal: {S} is deadlock-free
        Evidence: Proof-of-deadlock-freedom {S}
    Goal: {P} composition is deadlock-free
      Evidence: Deadlock-free composition {P}
System: policy architecture « A » with subjects S1 and S2
AC Pattern Instantiation: Example (figure; the top pattern instantiated for policy architecture « A »)
  A is safe
    A is deadlock-free   (pattern « call » needing to be further instantiated...)
    foreach standard
      A conforms to iso-xxx
        A certificate for iso-xxx
      A conforms to iso-yyy
        A certificate for iso-yyy
AC Pattern Instantiation: Example (figure; the deadlock-freedom pattern instantiated for « A », whose subjects are S1 and S2)
  A is deadlock-free
    foreach subject S of A
      S1 is deadlock-free
        Proof-of-deadlock-freedom S1
      S2 is deadlock-free
        Proof-of-deadlock-freedom S2
    A composition is deadlock-free
      Deadlock-free composition of A
AC Pattern Instantiation: Example (figure; the resulting Assurance Case for « A »)
  A is safe
    A is deadlock-free
      foreach subject S of A
        S1 is deadlock-free
          Proof-of-deadlock-freedom S1
        S2 is deadlock-free
          Proof-of-deadlock-freedom S2
      A composition is deadlock-free
        Deadlock-free composition of A
    foreach standard
      A conforms to iso-xxx
        A certificate for iso-xxx
      A conforms to iso-yyy
        A certificate for iso-yyy
AM-ETB Core Workflow (implementation)
Current implementation available at svn/Tech-Notes/ETB1/code/v1/
- instantiation of AC patterns
  - structure preserving
  - storage of intermediate results, to avoid re-instantiation / evidence checking of the same AC fragment
- workflow execution control
  - sequential / concurrent instantiation
  - synchronous / asynchronous evidence checking
  - time budget, etc.
Tool Agents
- thin wrappers for the invocation of verification/analysis tools (evidence construction)
- provide a unified view of tool interactions from the AM-ETB perspective
  - initiate/perform the analysis
  - report the validity of the analysis result (VALID / NOT VALID)
  - record (the justification of) valid results in the evidence artefact repository
- one tool agent per category of evidence
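The core-workflow steps above (recursive instantiation of parameterised patterns, pattern calls, a flat result, error tracking, and storage of intermediate results so the same AC fragment is not re-checked) together with the tool-agent protocol on this slide, as an added Python example. It is not code from the AM-ETB implementation. It encodes the two patterns of the « A » example slides; the system model (architecture A with subjects S1 and S2, standards iso-xxx and iso-yyy), the three tool agents, and the evidence category names other than "Policy-Verification" are constructed assumptions, and the iso-yyy certificate is deliberately made to fail so the NOT VALID path and the error log are exercised.

```python
# Added example (not AM-ETB code): pattern instantiation, tool agents, evidence repository.
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple


@dataclass
class PNode:
    kind: str                  # "goal" | "strategy" | "assumption" | "evidence" | "call"
    text: str                  # template with {P}, {S}, {X} parameters
    children: list = field(default_factory=list)
    binder: Optional[Tuple[str, Callable[[dict], list]]] = None  # strategy: (var, values-of-env)
    category: str = ""         # evidence category -> the tool agent responsible for it
    pattern: str = ""          # kind == "call": name of the pattern instantiated in place


class _Env(dict):
    def __missing__(self, key):          # keep still-unbound parameters visible as {X}
        return "{" + key + "}"


# Constructed system model: policy architecture A with subjects S1, S2 (as on the example slides).
SYSTEM = {"A": {"subjects": ["S1", "S2"], "standards": ["iso-xxx", "iso-yyy"]}}

# The two patterns of the example slides; the evidence category names are assumptions.
PATTERNS: Dict[str, PNode] = {
    "policy_safety": PNode("goal", "{P} is safe", [
        PNode("call", "{P} is deadlock-free", pattern="policy_deadlock_freedom"),
        PNode("strategy", "foreach standard {X}",
              binder=("X", lambda env: SYSTEM[env["P"]]["standards"]),
              children=[PNode("goal", "{P} conforms to {X}", [
                  PNode("evidence", "{X} certificate for {P}", category="Standards-Compliance")])])]),
    "policy_deadlock_freedom": PNode("goal", "{P} is deadlock-free", [
        PNode("strategy", "foreach subject {S} of {P}",
              binder=("S", lambda env: SYSTEM[env["P"]]["subjects"]),
              children=[PNode("goal", "{S} is deadlock-free", [
                  PNode("evidence", "Proof-of-deadlock-freedom {S}", category="Policy-Verification")])]),
        PNode("goal", "{P} composition is deadlock-free", [
            PNode("evidence", "Deadlock-free composition {P}", category="Composition-Verification")])]),
}


# Hypothetical tool agents: env -> (valid, justification). Real agents would run the external tool.
def policy_verification(env: dict) -> Tuple[bool, str]:
    return True, f"constructed model-checker log: {env['S']} has no deadlock"

def composition_verification(env: dict) -> Tuple[bool, str]:
    return True, f"constructed composition proof for {env['P']}"

def standards_compliance(env: dict) -> Tuple[bool, str]:
    if env["X"] == "iso-yyy":            # constructed failure mode: certificate not issued yet
        return False, f"no {env['X']} certificate on file for {env['P']}"
    return True, f"constructed {env['X']} certificate for {env['P']}"

AGENTS = {"Policy-Verification": policy_verification,
          "Composition-Verification": composition_verification,
          "Standards-Compliance": standards_compliance}


class ETB:
    def __init__(self, agents: Dict[str, Callable]):
        self.agents = agents
        self.evidence_repo: Dict[Tuple[str, str], str] = {}   # only VALID results are recorded
        self.error_log: List[str] = []
        self.agent_calls = 0

    def instantiate(self, pattern: str, env: dict) -> List[tuple]:
        """Flat assurance case as rows (depth, kind, instantiated text, status)."""
        return self._node(PATTERNS[pattern], dict(env), 0)

    def _node(self, node: PNode, env: dict, depth: int) -> List[tuple]:
        if node.kind == "call":                       # expand the called pattern at this position
            return self._node(PATTERNS[node.pattern], env, depth)
        text = node.text.format_map(_Env(env))
        if node.kind == "evidence":                   # evidence node: trigger (re-)validation now
            return [(depth, "evidence", text, self._check(node.category, text, env))]
        rows = [(depth, node.kind, text, "")]
        if node.binder:                               # strategy iterated over the bound values
            var, values = node.binder
            for value in values(env):
                for child in node.children:
                    rows += self._node(child, {**env, var: value}, depth + 1)
        else:
            for child in node.children:
                rows += self._node(child, env, depth + 1)
        return rows

    def _check(self, category: str, claim: str, env: dict) -> str:
        key = (category, claim)
        if key in self.evidence_repo:                 # same fragment already validated: no re-run
            return "VALID (from repository)"
        agent = self.agents.get(category)
        if agent is None:
            self.error_log.append(f"no tool agent for {category}: {claim}")
            return "NOT VALID"
        self.agent_calls += 1
        valid, justification = agent(env)
        if valid:
            self.evidence_repo[key] = justification
            return "VALID"
        self.error_log.append(f"{category}: {claim}: {justification}")
        return "NOT VALID"


def render(rows: List[tuple]) -> str:
    """Text export: indentation preserves the structure of the patterns."""
    return "\n".join("  " * d + f"[{k}] {t}" + (f"  -- {s}" if s else "") for d, k, t, s in rows)
```

`ETB(AGENTS).instantiate("policy_safety", {"P": "A"})` yields the fourteen-row flat case of the « A » example, with the iso-yyy certificate reported NOT VALID and written to the error log; instantiating again on the same ETB re-runs only that failed check, because valid results are served from the evidence repository and failed ones are never stored there.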
Assurance Evidence
- 21 evidence categories have been identified, organized into
  - specification (5)
  - configuration (3)
  - verification & validation (4)
  - safety analysis (2)
  - FDIR (4)
  - performability (1)
  - standards compliance (2)
Assurance Cases
- provide persistent storage
- define a generic API for access to the AC representation / store
- provide AC inspection and export to different notations/standards (e.g., text / GSN / SACM)
AM-ETB Implementation
- textual syntax for AC patterns
- instantiation workflow, including protocols for interaction with tool agents
- repository of assurance cases
- repository of evidence artifacts
- assurance case export (txt, html)
- integration within the CITADEL framework
- re-uses some software components developed in the D-MILS project
- fully documented in Deliverable D5.2
AM-ETB major modes and actions (figure)
- nb: evidence update is desynchronized
AC Pattern list instantiation
A list of AC patterns and associated arguments:
APList = [ 'foundational_plane'-[Platform],
           'person'-['Alice', 'AC Patterns Definition'],
           'person'-['Bob', 'AM-ETB Development'],
           'invariant_property'-[ModelId, 'p1'],
           'invariant_property'-[ModelId, 'p2'] ],
Output trace of AM-ETB:
?- instantiate:instantiate_pattern_list(APList, 'ac2').
*** instantiating pattern foundational_plane ... done.
*** instantiating pattern foundational_plane_node ... done.
*** instantiating pattern foundational_plane_node ... done.
*** instantiating pattern foundational_plane_nsm ... done.
*** instantiating pattern foundational_plane_tsn ... done.
*** instantiating pattern person ... done.
*** instantiating pattern person ... done.
*** instantiating pattern invariant_property ... done.
*** instantiating pattern invariant_property ... done.
?-
AC export as HTML (figure)
- representation preserving the structure of the patterns
- records information about the instantiation process
References
- D2.4 - Requirements for CITADEL Technology
- D5.1 - Interfaces and Workflow Definition for AM-ETB
- D5.2 - AM-ETB Tool Bus for Tool Integration and Assurance
- Koelemeijer et al.: A Model-based Approach to Certification of Adaptive MILS. MILS@DSN 2018
Assurance Cases
Principal objective:
- an assurance case presents the argument that a system will be acceptably safe in a given context
An assurance case requires two elements:
- Supporting Evidence: results of observing, analysing, testing, simulating and estimating the properties of a system, which provide the fundamental information from which safety can be inferred
- High Level Argument: explanation of how the available evidence can reasonably be interpreted as indicating acceptable safety, usually by demonstrating compliance with requirements, sufficient mitigation / avoidance of hazards, etc.
Argument without Evidence is unfounded; Evidence without Argument is unexplained.
The Goal Structuring Notation
Purpose of a goal structure: to show how goals are broken down into sub-goals, and eventually supported by evidence (solutions), whilst making clear the strategies adopted, the rationale for the approach (assumptions, justifications) and the context in which goals are stated.
A Simple GSN Example (figure; A/J marks assumption / justification nodes)
G1: Press is acceptably safe to operate within Whatford Plant
  in context of: C1 Press specification; C2 Press operation; C3 Whatford Plant
  S1: Argument by addressing all identified operating hazards
    in context of: C4 All identified operating hazards
    G2: Hazard of 'Operator Hands Trapped by Press Plunger' sufficiently mitigated
    G3: Hazard of 'Operator Upper Body trapped by Press Plunger' sufficiently mitigated
    G4: Hazard of 'Operator Hands Caught in Press Drive Machinery' sufficiently mitigated
  S2: Argument of compliance with all applicable safety standards and regulations
    in context of: C5 All applicable safety standards and regulations
    G5: Press compliant with UK HSE Provision and Use of Work Equipment Regulations
    G6: Press compliant with UK enactment of EU Machinery Directive
    G7: PES element of press design compliant with IEC1508
Solutions (evidence) supporting the leaf goals: Sn1 FTA analysis; Sn2 Formal verification; Sn3 SIL3 certificate; Sn4 Audit report; Sn5 Compliance sheet

GDSC ASEB Gen AI study jams presentationGDSCAESB
 
microprocessor 8085 and its interfacing
microprocessor 8085  and its interfacingmicroprocessor 8085  and its interfacing
microprocessor 8085 and its interfacingjaychoudhary37
 
Introduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxIntroduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxvipinkmenon1
 
power system scada applications and uses
power system scada applications and usespower system scada applications and uses
power system scada applications and usesDevarapalliHaritha
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxwendy cai
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 

Recently uploaded (20)

VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptx
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineering
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AI
 
HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2
 
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentation
 
microprocessor 8085 and its interfacing
microprocessor 8085  and its interfacingmicroprocessor 8085  and its interfacing
microprocessor 8085 and its interfacing
 
Introduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxIntroduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptx
 
power system scada applications and uses
power system scada applications and usespower system scada applications and uses
power system scada applications and uses
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 

Adaptive MILS Evidential Tool Bus

• 1. Adaptive MILS Evidential Tool Bus
University Grenoble Alpes
Univ. Grenoble Alpes Adaptive MILS Evidential Tool Bus 1

• 2. Outline
Certification Assurance Plane
 Interactions and role in CITADEL
Adaptive–MILS Evidential Tool Bus
 Concept and Objectives
 Design, Interfaces and Workflows
 Implementation
Examples

• 3. Certification Assurance Plane
 create and maintain the certification evidence for the system
 two usages foreseen for evidence construction
   a-priori construction, before startup and/or before a reconfiguration step
   just-in-time construction, for the current running configuration

• 4. The CITADEL vision
[figure]

• 5. AM-ETB Evidence Database
 certification assurance artifact repository
   rely on the prior D-MILS work on assurance case construction in GSN
   develop modular assurance cases for Dynamic-MILS systems
   develop assurance case patterns and pattern instantiation mechanisms
 separation of concerns
   construction and manipulation of evidence
   extraction and presentation through specific documents required for certification

• 6. AM-ETB Functionality
 run verification/other tools
   according to specific workflows
   create/update parts of the assurance case
 offline/online verification tools need
   (annotated) models of the policy architecture, platform, configuration, …
   properties to be checked
   access to monitoring results / properties, …
   platform introspection facilities, …

• 7. View of Certification Assurance
[figure: the Assurance Case (top goals/properties; platform, component, composition and configuration-correctness arguments; sub-goals/properties; provenance of evidence; conformance property) is supported by Evidence drawn from the Certification Assurance Artifact Repository (models, properties, configurations, A.C. patterns, tool flows), with the AM-ETB driving the verification tools over those models, properties and configurations]

• 8. Two Categories of Requirements
 D2.4 – ETB – Evidential Tool Bus: overall coordination for the production and maintenance of an assurance case for Adaptive-MILS systems
 D2.4 – AR – Assurance Repository: manage the concrete representation of, and access to, the assurance case during its construction by AM-ETB

• 9. Outline
Certification Assurance Plane
 Interactions and role in CITADEL
Adaptive–MILS Evidential Tool Bus
 Concept and Objectives
 Design, Interfaces and Workflows
 Implementation
Examples

• 10. AM-ETB Architecture
 relationship to other CITADEL components
[figure: the Patterns Repository and the Evidence Repository feed the AM-ETB Core Workflow, which takes an Assurance Case Pattern, System Models and System Properties, invokes each External Tool through an AM-ETB Tool Agent, and produces the Assurance Case and an Error Log]

• 11. Assurance Case Patterns
 AC Patterns
   generic fragments of AC arguments
   decouple the AC argument from concrete system information / evidence
 GSN with formal parameters denoting
   system/modelling concepts and
   techniques/tools for building evidence
 a textual representation defined
   term-based

• 12. Assurance Case Patterns
[GSN diagram]
Goal: Policy {P} is deadlock-free
  Strategy: for all modes {M} of {P}
    Assumption: finite number of modes
    Goal: Policy {P} in mode {M} is deadlock-free
      Evidence: formal verification : policy {P} in mode {M} is deadlock free
• 13. Assurance Case Patterns
 structured textual representation

pattern(policy_deadlock_freedom, [ P : Policy ],
  goal(g1, "policy {P} is deadlock-free", [],
    [ strategy(s1, "address all operating modes",
        [ M : Mode in P.modes() ],
        [ assumption("finite number of operating modes") ],
        [ goal(g2, "policy {P} is deadlock-free in mode {M}", [],
            [ evidence("Policy-Verification",
                       "formal verification of deadlock-freedom for {P} in mode {M}",
                       []) ]) ]) ]) )
• 14. AM-ETB Core Workflow
 instantiation of AC patterns
   develop/instantiate recursively the pattern goals for given parameters (system model and properties, tools)
   produce a flat assurance case
   track errors
   when evidence nodes are encountered, trigger evidence (re-)construction and (re-)validation

• 15. AC Pattern Instantiation: Example
[figure: policy architecture « A » with subjects S1, S2, and the two AC patterns to be instantiated]
Top (main) AC pattern:
  Goal: {P} is safe
    Goal: {P} is deadlock-free
    Strategy: foreach standard {X} in iso-xxx, iso-yyy
      Goal: {P} conforms to {X}
        Evidence: {X} certificate for {P}
Deadlock-freedom pattern:
  Goal: {P} is deadlock-free
    Strategy: foreach subject {S} of {P}
      Goal: {S} is deadlock-free
        Evidence: Proof-of-deadlock-freedom {S}
    Goal: {P} composition is deadlock-free
      Evidence: Deadlock-free composition {P}

• 16. AC Pattern Instantiation: Example
[figure: the top pattern instantiated for policy architecture « A »]
  Goal: A is safe
    Goal: A is deadlock-free (pattern « call » needing to be further instantiated…)
    Strategy: foreach standard
      Goal: A conforms to iso-xxx
        Evidence: A certificate for iso-xxx
      Goal: A conforms to iso-yyy
        Evidence: A certificate for iso-yyy

• 17. AC Pattern Instantiation: Example
[figure: the deadlock-freedom pattern instantiated for policy architecture « A »]
  Goal: A is deadlock-free
    Strategy: foreach subject S of A
      Goal: S1 is deadlock-free
        Evidence: Proof-of-deadlock-freedom S1
      Goal: S2 is deadlock-free
        Evidence: Proof-of-deadlock-freedom S2
    Goal: A composition is deadlock-free
      Evidence: Deadlock-free composition of A

• 18. AC Pattern Instantiation: Example
[figure: Assurance Case for « A », combining the instantiated top pattern and the instantiated deadlock-freedom pattern]
Current implementation available at svn/Tech-Notes/ETB1/code/v1/

• 19. AM-ETB Core Workflow
 instantiation of AC patterns
   structure preserving
   storage of intermediate results – avoid re-instantiation / evidence checking of the same AC fragment
 workflow execution control
   sequential / concurrent instantiation
   synchronous / asynchronous evidence checking
   time budget, etc.

• 20. Tool Agents
 thin wrappers for invocation of verification/analysis tools (evidence construction)
 provide a unified view on tool interactions from the AM-ETB perspective
   initiate/perform the analysis
   provide the validity of the analysis result (VALID / NOT VALID)
   record (justification of) valid results in the evidence artefact repository
 one tool agent for a category of evidence

• 21. Assurance Evidence
 21 evidence categories have been identified, organized into
   specification (5)
   configuration (3)
   verification & validation (4)
   safety analysis (2)
   FDIR (4)
   performability (1)
   standards compliance (2)

• 22. Assurance Cases
 provide persistent storage
 define generic API access to the AC representation / store
 provide AC inspection and export to different notations/standards (e.g., text / GSN / SACM)

• 23. Outline
Certification Assurance Plane
 Interactions and role in CITADEL
Adaptive–MILS Evidential Tool Bus
 Concept and Objectives
 Design, Interfaces and Workflows
 Implementation
Examples

• 24. AM-ETB Implementation
 textual syntax for AC patterns
 instantiation workflow, including protocols for interaction with tool agents
 repository of assurance cases
 repository of evidence artifacts
 assurance case export (txt, html)
 integration within the CITADEL framework
 re-uses some software components developed in the D-MILS project
 fully documented in Deliverable D5.2

• 25. AM-ETB major modes and actions
[figure]
 nb: evidence update is desynchronized
• 26. AC Pattern list instantiation
A list of AC patterns and associated arguments:

APList = [ 'foundational_plane'-[Platform],
           'person'-['Alice', 'AC Patterns Definition'],
           'person'-['Bob', 'AM-ETB Development'],
           'invariant_property'-[ModelId, 'p1'],
           'invariant_property'-[ModelId, 'p2'] ],

Output trace of AM-ETB:

?- instantiate:instantiate_pattern_list(APList, 'ac2')
*** instantiating pattern foundational_plane ... done.
*** instantiating pattern foundational_plane_node ... done.
*** instantiating pattern foundational_plane_node ... done.
*** instantiating pattern foundational_plane_nsm ... done.
*** instantiating pattern foundational_plane_tsn ... done.
*** instantiating pattern person ... done.
*** instantiating pattern person ... done.
*** instantiating pattern invariant_property ... done.
*** instantiating pattern invariant_property ... done.
?-
• 27. AC export as HTML
 representation preserving the structure of the patterns
 record information about the instantiation process

• 28. References
 D2.4 – Requirements for CITADEL Technology
 D5.1 – Interfaces and Workflow Definition for AM-ETB
 D5.2 – AM-ETB Tool Bus for Tool Integration and Assurance
 Koelemeijer et al.: A Model-based Approach to Certification of Adaptive MILS. MILS@DSN 2018

• 29. Questions?

• 30. Assurance Cases
Principal Objective:
 Assurance case presents the argument that a system will be acceptably safe in a given context
An assurance case requires two elements:
 Supporting Evidence: results of observing, analysing, testing, simulating and estimating the properties of a system that provide the fundamental information from which safety can be inferred
 High Level Argument: explanation of how the available evidence can be reasonably interpreted as indicating acceptable safety – usually by demonstrating compliance with requirements, sufficient mitigation / avoidance of hazards, etc.
Argument without Evidence is unfounded
Evidence without Argument is unexplained

• 31. The Goal Structuring Notation
Purpose of a Goal Structure: to show how goals are broken down into sub-goals, and eventually supported by evidence (solutions), whilst making clear the strategies adopted, the rationale for the approach (assumptions, justifications) and the context in which goals are stated
[figure: GSN node symbols, including the A/J (assumption / justification) marker]

• 32. A Simple GSN Example
G1: Press is acceptably safe to operate within Whatford Plant
  Context C1: Press specification; C2: Press operation; C3: Whatford Plant
  S1: Argument by addressing all identified operating hazards
    Context C4: All identified operating hazards
    G2: Hazard of 'Operator Hands Trapped by Press Plunger' sufficiently mitigated
    G3: Hazard of 'Operator Upper Body trapped by Press Plunger' sufficiently mitigated
    G4: Hazard of 'Operator Hands Caught in Press Drive Machinery' sufficiently mitigated
  S2: Argument of compliance with all applicable safety standards and regulations
    Context C5: All applicable safety standards and regulations
    G5: Press compliant with UK HSE Provision and Use of Work Equipment Regulations
    G6: Press compliant with UK enactment of EU Machinery Directive
    G7: PES element of press design compliant with IEC1508
Solutions: Sn1 FTA analysis; Sn2 Formal verification; Sn3 SIL3 certificate; Sn4 Audit report; Sn5 Compliance sheet
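The pattern-instantiation workflow of slides 11 to 20 (AC patterns with formal parameters, a pattern « call », recursive instantiation into a flat assurance case, tool agents answering VALID / NOT VALID, error tracking and the cached, structure-preserving reuse of fragments), shown as an added Python example. This is not the CITADEL / AM-ETB code (the project's own tool is Prolog-based, see slide 26): the node constructors, the sample policy architecture "A" with subjects S1 and S2 after slides 15-18, the evidence store and the stub tool agents are all constructed assumptions for this illustration, and the example links two patterns through a call the way slides 16-18 do.

```python
"""Added example, not the CITADEL / AM-ETB project's code: a minimal assurance-case pattern
instantiator in the spirit of slides 11-20. Node constructors, the sample policy "A" with
subjects S1/S2, the evidence store and the stub tool agents are constructed assumptions."""

# Pattern language: a Python rendering of the term-based textual syntax of slide 13.
def goal(gid, text, children=()):
    return {"kind": "goal", "id": gid, "text": text, "children": list(children)}

def strategy(sid, text, children, foreach=None, assumptions=()):
    """foreach = (variable, function(env) -> bindings), e.g. ("S", subjects of {P})."""
    return {"kind": "strategy", "id": sid, "text": text, "foreach": foreach,
            "assumptions": list(assumptions), "children": list(children)}

def evidence(category, text):  # the category selects the responsible tool agent (slide 20)
    return {"kind": "evidence", "category": category, "text": text}

def call(pattern, **args):     # goal delegated to another pattern (the "call" of slide 16)
    return {"kind": "call", "pattern": pattern, "args": args}

def render(text, env):
    return text.format(**{k: str(v) for k, v in env.items()})

class AMETB:
    """Core workflow of slide 14: develop pattern goals recursively, produce a flat
    assurance case, check evidence through tool agents and track errors. Instantiated
    fragments are cached so the same fragment is never rebuilt or re-checked (slide 19)."""
    def __init__(self, patterns, agents):
        self.patterns = patterns  # name -> (formal parameters, root goal)
        self.agents = agents      # evidence category -> agent(desc, env) -> bool (VALID?)
        self.errors, self.cache = [], {}

    def instantiate(self, name, args):
        key = (name, tuple(sorted((k, str(v)) for k, v in args.items())))
        if key not in self.cache:
            params, root = self.patterns[name]
            self.cache[key] = self._node(root, {p: args[p] for p in params})
        return self.cache[key]

    def _node(self, n, env):
        if n["kind"] == "goal":
            return {**n, "text": render(n["text"], env),
                    "children": [self._node(c, env) for c in n["children"]]}
        if n["kind"] == "strategy":
            var, domain = n["foreach"] or (None, None)
            shown = {**env, var: "{%s}" % var} if var else env  # keep e.g. "{S}" symbolic
            bound = [env] if var is None else [{**env, var: v} for v in domain(env)]
            return {**n, "text": render(n["text"], shown),
                    "children": [self._node(c, e) for e in bound for c in n["children"]]}
        if n["kind"] == "call":
            return self.instantiate(n["pattern"], {k: f(env) for k, f in n["args"].items()})
        desc = render(n["text"], env)  # evidence node: trigger (re-)validation via the agent
        ok = self.agents[n["category"]](desc, env)
        if not ok:
            self.errors.append(f'{n["category"]}: {desc}')
        return {**n, "text": desc, "children": [], "status": "VALID" if ok else "NOT VALID"}

# Constructed sample system and patterns, after slides 15-18.
SUBJECTS = {"A": ("S1", "S2")}  # policy architecture -> its subjects
PATTERNS = {  # name -> (formal parameters, root goal)
    "policy_safety": (["P"], goal("g1", "{P} is safe", [
        call("policy_deadlock_freedom", P=lambda e: e["P"]),
        strategy("s1", "foreach standard {X} in iso-xxx, iso-yyy",
                 foreach=("X", lambda e: ["iso-xxx", "iso-yyy"]),
                 children=[goal("g2", "{P} conforms to {X}", [
                     evidence("Standards-Compliance", "{X} certificate for {P}")])])])),
    "policy_deadlock_freedom": (["P"], goal("g3", "{P} is deadlock-free", [
        strategy("s2", "foreach subject {S} of {P}", foreach=("S", lambda e: SUBJECTS[e["P"]]),
                 assumptions=["finite number of subjects"],
                 children=[goal("g4", "{S} is deadlock-free", [
                     evidence("Policy-Verification", "proof of deadlock-freedom for {S}")])]),
        goal("g5", "{P} composition is deadlock-free", [
            evidence("Policy-Verification", "deadlock-free composition of {P}")])])),
}

# Constructed evidence store behind the stub tool agents: proofs are on file for both
# subjects and for the composition of A, but a certificate exists for iso-xxx only.
VERIFIED = {"S1", "S2", "A"}
CERTIFICATES = {("A", "iso-xxx")}
AGENTS = {
    "Policy-Verification": lambda desc, env: env.get("S", env["P"]) in VERIFIED,
    "Standards-Compliance": lambda desc, env: (env["P"], env["X"]) in CERTIFICATES,
}

def to_text(node, depth=0):
    """Indented plain-text export of the instantiated case (cf. the txt export of slide 24)."""
    head = node["kind"].capitalize() + (f" {node['id']}" if "id" in node else "")
    tail = f" [{node['status']}]" if node["kind"] == "evidence" else ""
    lines = [f"{'  ' * depth}{head}: {node['text']}{tail}"]
    lines += [f"{'  ' * depth}  Assumption: {a}" for a in node.get("assumptions", [])]
    for c in node["children"]:
        lines += to_text(c, depth + 1)
    return lines

def build_example():
    etb = AMETB(PATTERNS, AGENTS)  # returns (assurance case for A, error log)
    return etb.instantiate("policy_safety", {"P": "A"}), etb.errors

if __name__ == "__main__":
    case, errors = build_example()
    print("\n".join(to_text(case)), "\nerrors:", errors)
```

Running the module prints the instantiated case as an indented text export. With the constructed evidence store the only NOT VALID leaf is the missing iso-yyy certificate, which also lands in the error log; asking the same AMETB instance for policy_deadlock_freedom of A a second time returns the fragment already embedded in the case instead of re-running the tool agents, which is the intermediate-result storage of slide 19.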