Budapest University of Technology and Economics
Department of Measurement and Information Systems
Software Development for
Safety Critical Systems
Ákos Horváth
Dept. of Measurement and Information Systems
Fault Tolerant Systems Research Group
FRENCH-HUNGARIAN WORKSHOP ON OUTER-SPACE
How to avoid?
Safety Critical Software Development
Specialities of safety critical systems

- Safety-critical systems
  - Informal definition: a malfunction may cause injury to people
- Special solutions to achieve safe operation
  - Design: requirements, architecture, tools, …
  - Verification, validation, and independent assessment
  - Certification (by safety authorities)
- Basis of certification: standards
  - IEC 61508: generic standard (for electrical, electronic or programmable electronic systems)
  - DO-178B/C: software in airborne systems and equipment
  - EN 50129: railway (control systems)
  - EN 50128: railway (software)
  - ISO 26262: automotive
  - Other sector-specific standards: medical, process control, etc.
History of avionics SW complexity

[Chart: growth of MIPS, LOC, Mbyte/10 and digital links across the A-310 (1983), A-320 (1988) and A-340 (1993), showing exponential growth. Both the A380 and the B787 have 100's of millions of LOC. Ref: Subra de Salafa and Paquier]
Aeronautical Certification Bodies and Standards

[Diagram of certification bodies and standards. Bodies: ICAO (International Civil Aviation Organization, 1944), EASA (European Aviation Safety Agency, 2006), National Aviation Authorities, Standardization Body. Standards: EASA CS-25, ARP-4754. Relation labels: define, supervise, harmonize with regulations, adopt, accepted means.]

EASA CS 25.1309:
The airplane systems and associated components, considered separately and in relation to other systems, must be designed so that:
1. Any catastrophic failure condition
   a) is extremely improbable; and
   b) does not result from a single failure; and
2. Any hazardous failure condition is extremely remote; and
3. Any major failure condition is remote.
Aeronautical System Certification

Methodologies for safety assessment processes are guidelines, e.g., fault tree analysis, common cause analysis.
Certification aspects of complex aircraft systems cannot be shown by test only.
Design Assurance Level (DAL)

Provide guidelines for the production of software for airborne systems: objectives, activities and evidence.
Certification aspects of hardware elements, from concept to airworthy equipment development.
Future and Related Fields

- Automotive industry
  - Drive-by-wire
  - Automated parking/driving
  - No strict authorities for SW certification
    - EU pushing for standards
    - Safety-related issues
- UAV
  - In the same civil airspace
  - Needs to take the environment into consideration
  - Equipment can fail
- Space and satellite
  - Uses avionics concepts
  - Similar certification processes by ESA
  - How will advanced concepts appear?
- Avionics
  - Modern development methods (DO-178C annexes, 2013)
  - MDE, OO languages, formal methods, tool certification
  - Flightpath 2050
    - Passengers/year from 2.5bn to 16bn
    - 31,000 new aircraft
More Related Content

Similar to Software Development for Safety Critical Systems

Verification of IVI Over-The-Air using UML/OCL
Verification of IVI Over-The-Air using UML/OCLVerification of IVI Over-The-Air using UML/OCL
Verification of IVI Over-The-Air using UML/OCL
Seungjoo Kim
 
13_CES_DO-178B.pdf
13_CES_DO-178B.pdf13_CES_DO-178B.pdf
13_CES_DO-178B.pdf
AbdulQadeerKhan72
 
HND Graded Unit - GalbraithJ
HND Graded Unit - GalbraithJHND Graded Unit - GalbraithJ
HND Graded Unit - GalbraithJJon Galbraith
 
Towards 0-bug software in the automotive industry
Towards 0-bug software in the automotive industryTowards 0-bug software in the automotive industry
Towards 0-bug software in the automotive industry
Ashley Zupkus
 
Breinstorm@HUMIQ - Automotive functionalsafety
Breinstorm@HUMIQ - Automotive functionalsafetyBreinstorm@HUMIQ - Automotive functionalsafety
Breinstorm@HUMIQ - Automotive functionalsafety
ipebesma
 
CE Mark: Where to Start
CE Mark: Where to StartCE Mark: Where to Start
CE Mark: Where to Start
f2labs13
 
Way To Use Autel Maxiscan JP701 Scanner | VtoolShop
Way To Use Autel Maxiscan JP701 Scanner | VtoolShopWay To Use Autel Maxiscan JP701 Scanner | VtoolShop
Way To Use Autel Maxiscan JP701 Scanner | VtoolShop
Amy joe
 
How to use Abs Airbag Scanner Tool | VtoolShop
How to use Abs Airbag Scanner Tool | VtoolShopHow to use Abs Airbag Scanner Tool | VtoolShop
How to use Abs Airbag Scanner Tool | VtoolShopAmy joe
 
Introduction to Functional Safety and SIL Certification
Introduction to Functional Safety and SIL CertificationIntroduction to Functional Safety and SIL Certification
Introduction to Functional Safety and SIL Certification
ISA Boston Section
 
[Skolkovo Robotics V] Перспективы и ограничения использования бас на немецком...
[Skolkovo Robotics V] Перспективы и ограничения использования бас на немецком...[Skolkovo Robotics V] Перспективы и ограничения использования бас на немецком...
[Skolkovo Robotics V] Перспективы и ограничения использования бас на немецком...
Skolkovo Robotics Center
 
T06 machine safetyachievingandmaintainingregulatorycompliance-canada
T06 machine safetyachievingandmaintainingregulatorycompliance-canadaT06 machine safetyachievingandmaintainingregulatorycompliance-canada
T06 machine safetyachievingandmaintainingregulatorycompliance-canada
Vo Quoc Hieu
 
Machine safety-guide
Machine safety-guideMachine safety-guide
Machine safety-guide
Vo Quoc Hieu
 
Data and Power Isolation (Design Conference 2013)
Data and Power Isolation (Design Conference 2013)Data and Power Isolation (Design Conference 2013)
Data and Power Isolation (Design Conference 2013)
Analog Devices, Inc.
 
Design of Low Cost Line Impedance Stabilization Network Using RLC Components ...
Design of Low Cost Line Impedance Stabilization Network Using RLC Components ...Design of Low Cost Line Impedance Stabilization Network Using RLC Components ...
Design of Low Cost Line Impedance Stabilization Network Using RLC Components ...
IRJET Journal
 
W09 safety risk-assessments-pls-and-sils
W09 safety risk-assessments-pls-and-silsW09 safety risk-assessments-pls-and-sils
W09 safety risk-assessments-pls-and-sils
Vo Quoc Hieu
 
Unified Systems Engineering feasibility
Unified Systems Engineering feasibilityUnified Systems Engineering feasibility
Unified Systems Engineering feasibility
Eric Verhulst
 
5b50dc69-4ca7-41ee-a9dd-b4e8b220b4fe.pdf
5b50dc69-4ca7-41ee-a9dd-b4e8b220b4fe.pdf5b50dc69-4ca7-41ee-a9dd-b4e8b220b4fe.pdf
5b50dc69-4ca7-41ee-a9dd-b4e8b220b4fe.pdf
SrinidhirkGowda
 
Profile E Burian Jan2016
Profile E Burian Jan2016Profile E Burian Jan2016
Profile E Burian Jan2016Eduard Burian
 

Similar to Software Development for Safety Critical Systems (20)

Verification of IVI Over-The-Air using UML/OCL
Verification of IVI Over-The-Air using UML/OCLVerification of IVI Over-The-Air using UML/OCL
Verification of IVI Over-The-Air using UML/OCL
 
13_CES_DO-178B.pdf
13_CES_DO-178B.pdf13_CES_DO-178B.pdf
13_CES_DO-178B.pdf
 
HND Graded Unit - GalbraithJ
HND Graded Unit - GalbraithJHND Graded Unit - GalbraithJ
HND Graded Unit - GalbraithJ
 
Towards 0-bug software in the automotive industry
Towards 0-bug software in the automotive industryTowards 0-bug software in the automotive industry
Towards 0-bug software in the automotive industry
 
Breinstorm@HUMIQ - Automotive functionalsafety
Breinstorm@HUMIQ - Automotive functionalsafetyBreinstorm@HUMIQ - Automotive functionalsafety
Breinstorm@HUMIQ - Automotive functionalsafety
 
CE Mark: Where to Start
CE Mark: Where to StartCE Mark: Where to Start
CE Mark: Where to Start
 
Safety Integrity Levels
Safety Integrity LevelsSafety Integrity Levels
Safety Integrity Levels
 
Way To Use Autel Maxiscan JP701 Scanner | VtoolShop
Way To Use Autel Maxiscan JP701 Scanner | VtoolShopWay To Use Autel Maxiscan JP701 Scanner | VtoolShop
Way To Use Autel Maxiscan JP701 Scanner | VtoolShop
 
How to use Abs Airbag Scanner Tool | VtoolShop
How to use Abs Airbag Scanner Tool | VtoolShopHow to use Abs Airbag Scanner Tool | VtoolShop
How to use Abs Airbag Scanner Tool | VtoolShop
 
Introduction to Functional Safety and SIL Certification
Introduction to Functional Safety and SIL CertificationIntroduction to Functional Safety and SIL Certification
Introduction to Functional Safety and SIL Certification
 
[Skolkovo Robotics V] Перспективы и ограничения использования бас на немецком...
[Skolkovo Robotics V] Перспективы и ограничения использования бас на немецком...[Skolkovo Robotics V] Перспективы и ограничения использования бас на немецком...
[Skolkovo Robotics V] Перспективы и ограничения использования бас на немецком...
 
T06 machine safetyachievingandmaintainingregulatorycompliance-canada
T06 machine safetyachievingandmaintainingregulatorycompliance-canadaT06 machine safetyachievingandmaintainingregulatorycompliance-canada
T06 machine safetyachievingandmaintainingregulatorycompliance-canada
 
Machine safety-guide
Machine safety-guideMachine safety-guide
Machine safety-guide
 
Data and Power Isolation (Design Conference 2013)
Data and Power Isolation (Design Conference 2013)Data and Power Isolation (Design Conference 2013)
Data and Power Isolation (Design Conference 2013)
 
Design of Low Cost Line Impedance Stabilization Network Using RLC Components ...
Design of Low Cost Line Impedance Stabilization Network Using RLC Components ...Design of Low Cost Line Impedance Stabilization Network Using RLC Components ...
Design of Low Cost Line Impedance Stabilization Network Using RLC Components ...
 
W09 safety risk-assessments-pls-and-sils
W09 safety risk-assessments-pls-and-silsW09 safety risk-assessments-pls-and-sils
W09 safety risk-assessments-pls-and-sils
 
Unified Systems Engineering feasibility
Unified Systems Engineering feasibilityUnified Systems Engineering feasibility
Unified Systems Engineering feasibility
 
5b50dc69-4ca7-41ee-a9dd-b4e8b220b4fe.pdf
5b50dc69-4ca7-41ee-a9dd-b4e8b220b4fe.pdf5b50dc69-4ca7-41ee-a9dd-b4e8b220b4fe.pdf
5b50dc69-4ca7-41ee-a9dd-b4e8b220b4fe.pdf
 
Profile E Burian Jan2016
Profile E Burian Jan2016Profile E Burian Jan2016
Profile E Burian Jan2016
 
SLG_EMC
SLG_EMCSLG_EMC
SLG_EMC
 

More from Ákos Horváth

Next-Generation Completeness and Consistency Management in the Digital Threa...
Next-Generation Completeness and Consistency Management in the Digital Threa...Next-Generation Completeness and Consistency Management in the Digital Threa...
Next-Generation Completeness and Consistency Management in the Digital Threa...
Ákos Horváth
 
Natural Language Understanding of Systems Engineering Artifacts
Natural Language Understanding of Systems Engineering ArtifactsNatural Language Understanding of Systems Engineering Artifacts
Natural Language Understanding of Systems Engineering Artifacts
Ákos Horváth
 
IoT Meetup Budapest - The Open-CPS approach
IoT Meetup Budapest - The Open-CPS approachIoT Meetup Budapest - The Open-CPS approach
IoT Meetup Budapest - The Open-CPS approach
Ákos Horváth
 
Multi-disciplinary simulation of Cyber-Physical Systems – The OpenCPS approach
Multi-disciplinary simulation of Cyber-Physical Systems – The OpenCPS approachMulti-disciplinary simulation of Cyber-Physical Systems – The OpenCPS approach
Multi-disciplinary simulation of Cyber-Physical Systems – The OpenCPS approach
Ákos Horváth
 
V for visualization: VIATRA finally goes graphical thanks to Sirius!
V for visualization: VIATRA finally goes graphical thanks to Sirius!V for visualization: VIATRA finally goes graphical thanks to Sirius!
V for visualization: VIATRA finally goes graphical thanks to Sirius!
Ákos Horváth
 
DemoCamp Budapest 2016 - Introdcution
DemoCamp Budapest 2016 - IntrodcutionDemoCamp Budapest 2016 - Introdcution
DemoCamp Budapest 2016 - Introdcution
Ákos Horváth
 
Incremental model compiler for executable UML
Incremental model compiler for executable UMLIncremental model compiler for executable UML
Incremental model compiler for executable UML
Ákos Horváth
 
MoDeS3 - Model-based Demonstrator for Smart and Safe Systems
MoDeS3 - Model-based Demonstrator for Smart and Safe SystemsMoDeS3 - Model-based Demonstrator for Smart and Safe Systems
MoDeS3 - Model-based Demonstrator for Smart and Safe Systems
Ákos Horváth
 
Incremental Queries and Transformations for Engineering Critical Systems
Incremental Queries and Transformations for Engineering Critical SystemsIncremental Queries and Transformations for Engineering Critical Systems
Incremental Queries and Transformations for Engineering Critical Systems
Ákos Horváth
 
EMF-IncQuery: Blazing-fast reaction time even for very large diagrams (Sirius...
EMF-IncQuery: Blazing-fast reaction time even for very large diagrams (Sirius...EMF-IncQuery: Blazing-fast reaction time even for very large diagrams (Sirius...
EMF-IncQuery: Blazing-fast reaction time even for very large diagrams (Sirius...
Ákos Horváth
 
Local search-based pattern matching features in EMF-IncQuery
Local search-based pattern matching features in EMF-IncQueryLocal search-based pattern matching features in EMF-IncQuery
Local search-based pattern matching features in EMF-IncQuery
Ákos Horváth
 
Model visualization made easy: Incremental query-driven views in modeling tools
Model visualization made easy: Incremental query-driven views in modeling toolsModel visualization made easy: Incremental query-driven views in modeling tools
Model visualization made easy: Incremental query-driven views in modeling tools
Ákos Horváth
 
CPS(M): Constraint Satisfaction Problem over Models (a.k.a rule based design ...
CPS(M): Constraint Satisfaction Problem over Models (a.k.a rule based design ...CPS(M): Constraint Satisfaction Problem over Models (a.k.a rule based design ...
CPS(M): Constraint Satisfaction Problem over Models (a.k.a rule based design ...
Ákos Horváth
 
Szoftverfejlesztés a repülőgépiparban
Szoftverfejlesztés a repülőgépiparbanSzoftverfejlesztés a repülőgépiparban
Szoftverfejlesztés a repülőgépiparban
Ákos Horváth
 
Guaranteed Component Assembly with Round Trip Analysis for Energy Efficient H...
Guaranteed Component Assembly with Round Trip Analysis for Energy Efficient H...Guaranteed Component Assembly with Round Trip Analysis for Energy Efficient H...
Guaranteed Component Assembly with Round Trip Analysis for Energy Efficient H...
Ákos Horváth
 
Incremental Model Queries for Model-Dirven Software Engineering
Incremental Model Queries for Model-Dirven Software EngineeringIncremental Model Queries for Model-Dirven Software Engineering
Incremental Model Queries for Model-Dirven Software Engineering
Ákos Horváth
 
Model-Driven Development of ARINC 653 Configuration tables
Model-Driven Development of ARINC 653 Configuration tablesModel-Driven Development of ARINC 653 Configuration tables
Model-Driven Development of ARINC 653 Configuration tables
Ákos Horváth
 
Hardware-Software allocation specification of IMA systems for early simulation
Hardware-Software allocation specification of IMA systems for early simulationHardware-Software allocation specification of IMA systems for early simulation
Hardware-Software allocation specification of IMA systems for early simulation
Ákos Horváth
 
Massif - the love child of Matlab Simulink and Eclipse
Massif - the love child of Matlab Simulink and EclipseMassif - the love child of Matlab Simulink and Eclipse
Massif - the love child of Matlab Simulink and Eclipse
Ákos Horváth
 
Decreasing your Coffe Consumption by Incremental Code regeneration
Decreasing your Coffe Consumption by Incremental Code regenerationDecreasing your Coffe Consumption by Incremental Code regeneration
Decreasing your Coffe Consumption by Incremental Code regeneration
Ákos Horváth
 

More from Ákos Horváth (20)

Next-Generation Completeness and Consistency Management in the Digital Threa...
Next-Generation Completeness and Consistency Management in the Digital Threa...Next-Generation Completeness and Consistency Management in the Digital Threa...
Next-Generation Completeness and Consistency Management in the Digital Threa...
 
Natural Language Understanding of Systems Engineering Artifacts
Natural Language Understanding of Systems Engineering ArtifactsNatural Language Understanding of Systems Engineering Artifacts
Natural Language Understanding of Systems Engineering Artifacts
 
IoT Meetup Budapest - The Open-CPS approach
IoT Meetup Budapest - The Open-CPS approachIoT Meetup Budapest - The Open-CPS approach
IoT Meetup Budapest - The Open-CPS approach
 
Multi-disciplinary simulation of Cyber-Physical Systems – The OpenCPS approach
Multi-disciplinary simulation of Cyber-Physical Systems – The OpenCPS approachMulti-disciplinary simulation of Cyber-Physical Systems – The OpenCPS approach
Multi-disciplinary simulation of Cyber-Physical Systems – The OpenCPS approach
 
V for visualization: VIATRA finally goes graphical thanks to Sirius!
V for visualization: VIATRA finally goes graphical thanks to Sirius!V for visualization: VIATRA finally goes graphical thanks to Sirius!
V for visualization: VIATRA finally goes graphical thanks to Sirius!
 
DemoCamp Budapest 2016 - Introdcution
DemoCamp Budapest 2016 - IntrodcutionDemoCamp Budapest 2016 - Introdcution
DemoCamp Budapest 2016 - Introdcution
 
Incremental model compiler for executable UML
Incremental model compiler for executable UMLIncremental model compiler for executable UML
Incremental model compiler for executable UML
 
MoDeS3 - Model-based Demonstrator for Smart and Safe Systems
MoDeS3 - Model-based Demonstrator for Smart and Safe SystemsMoDeS3 - Model-based Demonstrator for Smart and Safe Systems
MoDeS3 - Model-based Demonstrator for Smart and Safe Systems
 
Incremental Queries and Transformations for Engineering Critical Systems
Incremental Queries and Transformations for Engineering Critical SystemsIncremental Queries and Transformations for Engineering Critical Systems
Incremental Queries and Transformations for Engineering Critical Systems
 
EMF-IncQuery: Blazing-fast reaction time even for very large diagrams (Sirius...
EMF-IncQuery: Blazing-fast reaction time even for very large diagrams (Sirius...EMF-IncQuery: Blazing-fast reaction time even for very large diagrams (Sirius...
EMF-IncQuery: Blazing-fast reaction time even for very large diagrams (Sirius...
 
Local search-based pattern matching features in EMF-IncQuery
Local search-based pattern matching features in EMF-IncQueryLocal search-based pattern matching features in EMF-IncQuery
Local search-based pattern matching features in EMF-IncQuery
 
Model visualization made easy: Incremental query-driven views in modeling tools
Model visualization made easy: Incremental query-driven views in modeling toolsModel visualization made easy: Incremental query-driven views in modeling tools
Model visualization made easy: Incremental query-driven views in modeling tools
 
CPS(M): Constraint Satisfaction Problem over Models (a.k.a rule based design ...
CPS(M): Constraint Satisfaction Problem over Models (a.k.a rule based design ...CPS(M): Constraint Satisfaction Problem over Models (a.k.a rule based design ...
CPS(M): Constraint Satisfaction Problem over Models (a.k.a rule based design ...
 
Szoftverfejlesztés a repülőgépiparban
Szoftverfejlesztés a repülőgépiparbanSzoftverfejlesztés a repülőgépiparban
Szoftverfejlesztés a repülőgépiparban
 
Guaranteed Component Assembly with Round Trip Analysis for Energy Efficient H...
Guaranteed Component Assembly with Round Trip Analysis for Energy Efficient H...Guaranteed Component Assembly with Round Trip Analysis for Energy Efficient H...
Guaranteed Component Assembly with Round Trip Analysis for Energy Efficient H...
 
Incremental Model Queries for Model-Dirven Software Engineering
Incremental Model Queries for Model-Dirven Software EngineeringIncremental Model Queries for Model-Dirven Software Engineering
Incremental Model Queries for Model-Dirven Software Engineering
 
Model-Driven Development of ARINC 653 Configuration tables
Model-Driven Development of ARINC 653 Configuration tablesModel-Driven Development of ARINC 653 Configuration tables
Model-Driven Development of ARINC 653 Configuration tables
 
Hardware-Software allocation specification of IMA systems for early simulation
Hardware-Software allocation specification of IMA systems for early simulationHardware-Software allocation specification of IMA systems for early simulation
Hardware-Software allocation specification of IMA systems for early simulation
 
Massif - the love child of Matlab Simulink and Eclipse
Massif - the love child of Matlab Simulink and EclipseMassif - the love child of Matlab Simulink and Eclipse
Massif - the love child of Matlab Simulink and Eclipse
 
Decreasing your Coffe Consumption by Incremental Code regeneration
Decreasing your Coffe Consumption by Incremental Code regenerationDecreasing your Coffe Consumption by Incremental Code regeneration
Decreasing your Coffe Consumption by Incremental Code regeneration
 

Recently uploaded

OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
takuyayamamoto1800
 
Navigating the Metaverse: A Journey into Virtual Evolution"
Navigating the Metaverse: A Journey into Virtual Evolution"Navigating the Metaverse: A Journey into Virtual Evolution"
Navigating the Metaverse: A Journey into Virtual Evolution"
Donna Lenk
 
GlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote sessionGlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote session
Globus
 
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
informapgpstrackings
 
May Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdfMay Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdf
Adele Miller
 
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxTop Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
rickgrimesss22
 
Enterprise Software Development with No Code Solutions.pptx
Enterprise Software Development with No Code Solutions.pptxEnterprise Software Development with No Code Solutions.pptx
Enterprise Software Development with No Code Solutions.pptx
QuickwayInfoSystems3
 
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...
Globus
 
Developing Distributed High-performance Computing Capabilities of an Open Sci...
Developing Distributed High-performance Computing Capabilities of an Open Sci...Developing Distributed High-performance Computing Capabilities of an Open Sci...
Developing Distributed High-performance Computing Capabilities of an Open Sci...
Globus
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
Globus
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
Fermin Galan
 
GraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph TechnologyGraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph Technology
Neo4j
 
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket ManagementUtilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate
 
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisProviding Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Globus
 
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdfDominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
AMB-Review
 
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
Juraj Vysvader
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
Matt Welsh
 
Graphic Design Crash Course for beginners
Graphic Design Crash Course for beginnersGraphic Design Crash Course for beginners
Graphic Design Crash Course for beginners
e20449
 
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Mind IT Systems
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
Georgi Kodinov
 

Recently uploaded (20)

OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
 
Navigating the Metaverse: A Journey into Virtual Evolution"
Navigating the Metaverse: A Journey into Virtual Evolution"Navigating the Metaverse: A Journey into Virtual Evolution"
Navigating the Metaverse: A Journey into Virtual Evolution"
 
GlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote sessionGlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote session
 
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
 
May Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdfMay Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdf
 
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxTop Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
 
Enterprise Software Development with No Code Solutions.pptx
Enterprise Software Development with No Code Solutions.pptxEnterprise Software Development with No Code Solutions.pptx
Enterprise Software Development with No Code Solutions.pptx
 
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...
 
Developing Distributed High-performance Computing Capabilities of an Open Sci...
Developing Distributed High-performance Computing Capabilities of an Open Sci...Developing Distributed High-performance Computing Capabilities of an Open Sci...
Developing Distributed High-performance Computing Capabilities of an Open Sci...
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
 
GraphSummit Paris - The art of the possible with Graph Technology

Software Development for Safety Critical Systems

  • 1. Budapest University of Technology and Economics Department of Measurement and Information Systems Software Development for Safety Critical Systems Ákos Horváth Dept. of Measurement and Information Systems Fault Tolerant Systems Research Group FRENCH-HUNGARIAN WORKSHOP ON OUTER-SPACE
  • 2. How to avoid? Safety Critical Software Development 2
  • 3. Specialities of safety critical systems
    - Safety-critical systems
      o Informal definition: Malfunction may cause injury of people
    - Special solutions to achieve safe operation
      o Design: Requirements, architecture, tools, …
      o Verification, validation, and independent assessment
      o Certification (by safety authorities)
    - Basis of certification: Standards
      o IEC 61508: Generic standard (for electrical, electronic or programmable electronic systems)
      o DO178B/C: Software in airborne systems and equipment
      o EN50129: Railway (control systems)
      o EN50128: Railway (software)
      o ISO26262: Automotive
      o Other sector-specific standards: Medical, process control, etc.
  • 4. History of avionics SW complexity [chart: series MIPS, LOC, Mbyte/10, Digital links for the A-310 (1983), A-320 (1988) and A-340 (1993); annotation: Exponential Growth] Both A380 and B 787 have 100’s of millions LOC. Ref: Subra de Salafa and Paquier
  • 5. Aeronautical Certification Bodies and Standards [diagram: nodes ICAO, EASA, National Aviation Authority, EASA CS-25, ARP-4754, Standardization Body; relation labels: define, supervise, harmonize with regulations, adopt, accepted mean]
  • 6. Aeronautical Certification Bodies and Standards [same diagram, with the bodies expanded: ICAO = International Civil Aviation Organization (1944); EASA = European Aviation Safety Agency (2006)]
  • 7. Aeronautical Certification Bodies and Standards [same diagram, with the regulation text added] EASA CS 25.1309: The airplane systems and associated components, considered separately and in relation to other systems, must be designed so that: 1. Any catastrophic failure condition a) is extremely improbable; and b) does not result from a single failure; and 2. Any hazardous failure condition is extremely remote; and 3. Any major failure condition is remote.
  • 9. Aeronautical System Certification [diagram labels] Methodologies for safety assessment processes are guidelines, e.g., fault tree analysis, common cause analysis. Certification aspects of complex aircraft system  cannot be shown by test only. Design Assurance Level (DAL)
  • 11. Aeronautical System Certification [diagram labels] Provide guidelines for production of software for airborne systems: objectives, activities and evidence. Certification aspects of hardware elements from concept to airworthy equipment development.
  • 13. Future and Related Fields
    - Automotive industry
      o Drive-by-wire
      o Automated parking/driving
      o No strict authorities for SW certification
        • EU pushing for standards
        • Safety related issues
    - UAV
      o In the same civil airspace
      o Needs to take into consideration the environment
      o Equipment can fail
    - Space and Satellite
      o Uses avionics concepts
      o Similar certification processes by ESA
      o How will advanced concepts appear?
    - Avionics
      o Modern development methods (DO-178C annexes, 2013)
      o MDE, OO languages, formal methods, tool certification
      o Flightpath 2050
      o Passengers/year from 2.5bn to 16bn
      o 31000 new aircraft

Editor's Notes

  1. ICAO - International Civil Aviation Organization (1944 Chicago agreement). FAA Federal Aviation Administration or EASA European Aviation Safety Agency (2006) –> works as a monitoring and codification organization, concrete implementation by national Aviation Authorities. 3 main points: Formal recognition and legal statement; Certification process, documented assurance. Three questions: Does the system meet regulations? Is the system fit for flight? Is the system safe for flight? Certification requirements derived from legal duties and regulations: EASA CS-25 (airplanes) –> ARP 4754 –> DO-178B. In compliance with certification and safety regulations there are several organizations that develop standards for authorities, which may adopt those as acceptable means of compliance with their rules and regulations. RTCA -> DO standards, SAE –> ARP standards, ARINC
  4. ARP-4761 [SAEd] provides general guidance in evaluating the safety aspects of a design. For this purpose, it describes guidelines and methods of performing the safety assessment for certification of civil aircraft. This standard is a collection of all safety analysis methods that can be used as part of the functions, systems and equipment assessment for safety. The intent of this document is to identify typical activities, methods, and documentation that may be used in the performance of safety assessments for civil aircraft and their associated systems and equipment. ARP 4754 discusses the certification aspects of highly-integrated systems (those that perform or contribute to multiple aircraft-level functions) and complex systems (those whose safety cannot be shown solely by test and whose logic is difficult to comprehend without the aid of analytical tools).
  6. 66 objectives for Level A, 65 objectives for Level B; the only difference is MC/DC code coverage.
  7. Flightpath 2050 report: 16bn passengers; 31000 new aircraft will be needed in the upcoming 20-25 years. Capacity -> Airbus + Boeing 3000 and booked for 9 years! Responsibility will be on you -> push a button.
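To make the Level A vs. Level B difference in note 6 concrete, here is an added Python example (not part of the deck) that checks a test set for plain decision coverage and for unique-cause MC/DC, and searches for the smallest MC/DC test set. The decision `(a or b) and c` and the test vectors are constructed for illustration.

```python
from itertools import combinations, product


def independence_pairs(decision, n):
    """Per condition index: test-vector pairs that differ only in that condition
    and flip the decision outcome (the independent effect MC/DC must show)."""
    pairs = {i: [] for i in range(n)}
    for v in product((False, True), repeat=n):
        for i in range(n):
            if v[i]:
                continue  # each pair is recorded once, from its False side
            w = v[:i] + (True,) + v[i + 1:]
            if decision(*v) != decision(*w):
                pairs[i].append((v, w))
    return pairs

def decision_coverage(decision, tests):
    """Decision coverage: the decision as a whole seen both True and False."""
    return {decision(*t) for t in tests} == {False, True}

def mcdc_coverage(decision, n, tests):
    """Unique-cause MC/DC: every condition has an independence pair whose two
    vectors are both in the test set."""
    chosen = set(tests)
    pairs = independence_pairs(decision, n)
    return all(any(v in chosen and w in chosen for v, w in pairs[i])
               for i in range(n))

def minimal_mcdc_tests(decision, n):
    """Smallest MC/DC test set by exhaustive search from size n+1 (the minimum
    for unique-cause MC/DC); None if some condition has no independent effect."""
    vectors = list(product((False, True), repeat=n))
    for size in range(n + 1, len(vectors) + 1):
        for subset in combinations(vectors, size):
            if mcdc_coverage(decision, n, subset):
                return list(subset)
    return None

def example_decision(a, b, c):
    """Constructed decision (not from the deck): (a or b) and c."""
    return (a or b) and c

if __name__ == "__main__":
    two = [(False, False, False), (True, False, True)]  # constructed test set
    print("decision coverage:", decision_coverage(example_decision, two))  # True
    print("MC/DC coverage:", mcdc_coverage(example_decision, 3, two))      # False
    print("minimal MC/DC set:", minimal_mcdc_tests(example_decision, 3))   # 4 vectors
```

Two tests already satisfy decision coverage, but MC/DC needs four: each of the three conditions must be shown to independently flip the outcome, which is the extra evidence Level A demands.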