Dec 12

A collection of books discussing functional safety according to IEC 61508 and ISO 26262.

English:

Functional Safety

The Safety Critical Systems Handbook

German:

Funktionale Sicherheit

Funktionale Sicherheit in der Praxis

Dec 05

It’s December and a new year will start a few days from now. It’s that time of the year when we think of things we want to achieve or do more often in the coming year. Often these things include sports, losing weight or spending more time with loved ones.
These are all valid and important New Year’s resolutions and you should go for them. But there is one more thing: let’s think about how we can sharpen our saws to become better at our work. This list is primarily intended for computer scientists and software engineers, developers and architects, but it can probably be adapted for other professions as well.

Here are some ideas, some mine, some inspired by a similar post by Scott Hanselman:

  • Set aside time, say one or two hours per week, to read technical books or papers related to your field of work.
  • Set aside time to read one technical paper or book per month that is not related to your field of work.
  • Listen to podcasts or watch screencasts about new technologies and approaches.
  • Attend conferences and talks and, most importantly, try to ask questions, or at least write down your questions and try to figure out the answers for yourself.
  • Discuss problems with your co-workers; you might be surprised how much you can learn from a good discussion.
  • Help others; sometimes there is no better or more satisfying way to learn than helping someone solve a technical problem.
  • Try something new! Whether it is a new programming language, a new software architecture tool or a new software process model, you never know when you will need it.

Nov 09

Over the last few months I have not had much time to blog, but today I want to write about a current research project I’m involved in.

The QuantUM Approach

When developing a safety-critical system it is essential to obtain an assessment of different design alternatives. In particular, an early safety assessment of the architectural design of a system is desirable. In spite of the plethora of available formal quantitative analysis methods it is still difficult for software and system architects to integrate these techniques into their everyday work. This is mainly due to the lack of methods that can be directly applied to architecture-level models, for instance given as UML diagrams. Furthermore, the description methods used must not require a profound knowledge of formal methods. Our approach bridges this gap and improves the integration of quantitative safety analysis methods into the development process. All inputs of the analysis are specified at the level of a UML model. This model is then automatically translated into the analysis model, and the results of the analysis are mapped back onto the UML model. Thus the analysis model and the formal methods used during the analysis are hidden from the user.

The QuantUM Approach

Our approach depicted in the Figure above can be summarized by identifying the following steps:

  • Our UML extension is used to annotate the UML model with all information that is needed to perform a dependability analysis.
  • The annotated UML model is then exported in the XML Metadata Interchange (XMI) format which is the standard format for exchanging UML models.
  • Subsequently, our QuantUM Tool parses the generated XMI file and generates the analysis model in the input language of the probabilistic model checker PRISM, as well as the properties to be verified.
  • For the analysis we use the probabilistic model checker PRISM together with DiPro in order to compute probabilistic counterexamples representing paths leading to a hazard state.
  • The resulting counterexamples can then be transformed into a fault tree that can be interpreted at the level of the UML model. Alternatively, they can be mapped onto a UML sequence diagram which can be displayed in the UML modeling tool containing the original UML model.
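To make the translation and analysis steps concrete, here is an added, simplified sketch written for this page; it is not the QuantUM tool or any code from the project. It assumes that a component is annotated with a constant failure rate and an optional repair rate (the kind of dependability information QuantUM takes from its UML stereotypes), that the hazard is "at least k of the components have failed", and that the resulting CTMC is emitted in PRISM's input language together with the time-bounded reachability property PRISM would check. Because PRISM is not part of the script, the same property is also evaluated in pure Python by uniformization, so a model-checker result can be cross-checked by hand. The component names, rates and mission time are constructed values; the counterexample step (DiPro) is not covered.

```python
"""Added illustration of the translation step described above: an annotated
component model (a stand-in for QuantUM's UML stereotypes) is emitted as a PRISM
CTMC model plus a PCTL/CSL property, and the same property is evaluated in pure
Python so a model-checker result can be cross-checked.  Not QuantUM's code."""
from dataclasses import dataclass
from itertools import product
from math import exp


@dataclass
class Component:
    """One architectural component with its dependability annotations.
    Rates are per hour (constructed values); repair_rate 0 means no repair."""
    name: str
    failure_rate: float
    repair_rate: float = 0.0


@dataclass
class SystemModel:
    """Hazard: at least `hazard_min_failed` components have failed (k-out-of-n)."""
    components: list
    hazard_min_failed: int


def to_prism(model):
    """Emit the CTMC in PRISM's input language: one module per component with
    a failure command, an optional repair command, and a "hazard" label."""
    lines = ["ctmc", ""]
    for c in model.components:
        lines.append(f"const double lambda_{c.name} = {c.failure_rate};")
        if c.repair_rate > 0:
            lines.append(f"const double mu_{c.name} = {c.repair_rate};")
    lines.append("")
    for c in model.components:
        lines += [f"module {c.name}",
                  f"  {c.name}_failed : bool init false;",
                  f"  [] !{c.name}_failed -> lambda_{c.name} : ({c.name}_failed'=true);"]
        if c.repair_rate > 0:
            lines.append(f"  [] {c.name}_failed -> mu_{c.name} : ({c.name}_failed'=false);")
        lines += ["endmodule", ""]
    count = " + ".join(f"({c.name}_failed?1:0)" for c in model.components)
    lines.append(f'label "hazard" = {count} >= {model.hazard_min_failed};')
    return "\n".join(lines)


def hazard_property(mission_time):
    """Query PRISM would check: probability of reaching a hazard state
    within the mission time."""
    return f'P=? [ F<={mission_time} "hazard" ]'


def hazard_probability(model, t, eps=1e-12, max_steps=100000):
    """P(F<=t hazard) for the same CTMC, computed by uniformization.  Hazard
    states are made absorbing, so the transient probability mass in them
    equals the time-bounded reachability probability the PRISM query asks for."""
    comps = model.components
    states = list(product([False, True], repeat=len(comps)))
    idx = {s: i for i, s in enumerate(states)}
    n = len(states)
    is_hazard = [sum(s) >= model.hazard_min_failed for s in states]
    Q = [[0.0] * n for _ in range(n)]             # generator matrix
    for s in states:
        i = idx[s]
        if is_hazard[i]:
            continue                              # absorbing: row stays zero
        for k, c in enumerate(comps):
            rate = c.repair_rate if s[k] else c.failure_rate
            if rate > 0:
                j = idx[s[:k] + (not s[k],) + s[k + 1:]]
                Q[i][j] += rate
                Q[i][i] -= rate
    lam = max(-Q[i][i] for i in range(n)) or 1.0  # uniformization rate
    if lam * t > 700:
        raise ValueError("lam*t too large for plain uniformization; rescale units")
    P = [[(1.0 if i == j else 0.0) + Q[i][j] / lam for j in range(n)]
         for i in range(n)]
    pi = [0.0] * n
    pi[idx[tuple([False] * len(comps))]] = 1.0    # all components OK at t = 0
    dist = [0.0] * n
    poisson, acc = exp(-lam * t), 0.0             # Poisson(k; lam*t), k = 0
    for k in range(1, max_steps + 1):
        dist = [d + poisson * p for d, p in zip(dist, pi)]
        acc += poisson
        if acc >= 1.0 - eps:                      # truncation error below eps
            break
        pi = [sum(pi[i] * P[i][j] for i in range(n)) for j in range(n)]
        poisson *= lam * t / k                    # advance to Poisson(k; lam*t)
    return sum(dist[i] for i in range(n) if is_hazard[i])


if __name__ == "__main__":
    # Constructed example: 1-out-of-2 redundant sensors, hazard when both fail.
    duo = SystemModel([Component("SensorA", 1e-4), Component("SensorB", 1e-4)], 2)
    print(to_prism(duo))
    print(hazard_property(1000))
    print(f"P(hazard within 1000 h) = {hazard_probability(duo, 1000):.6e}")
```

For the redundant pair without repair the result can be checked against the closed form (1 - e^(-λt))^2; adding a repair rate to both sensors lowers the hazard probability, which is the kind of design-alternative comparison the approach is meant to support.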

Key Features of QuantUM

QuantUM Profile for UML and SysML

Extension of the UML and SysML with stereotypes. Specification of safety requirements, dependability characteristics (failure modes, …), failure propagation, component dependencies, safety mechanisms (repair management, redundancy structures) directly in the architectural model with your existing UML / SysML CASE tool.

Probabilistic Analysis / pFMEA

The annotated UML model is automatically translated into the input language of a probabilistic model checker, which computes the probability that a safety requirement is violated or a hazard occurs. In addition, a probabilistic FMEA (pFMEA) can be performed automatically.

Automated Fault Tree Generation

(Quantitative) fault trees identifying the events that cause the violation of a safety requirement or a hazard are generated automatically from the analysis results.

Result Representation in UML / SysML

System executions violating safety requirements or causing a hazard can be displayed as UML sequence diagrams.

Industrial Usage

The QuantUM approach was applied in several industrial case studies and can be used with all major UML / SysML CASE tools (e.g. IBM Rational Rhapsody, IBM Rational Software Architect, Sparx Systems Enterprise Architect, …).

More Information

More information on the theory and methods behind QuantUM can be found on the publications page. As soon as the first prototype is available it will be announced here. Stay tuned!

Nov 19

My master’s thesis is now available online here.

Abstract

When developing a safety-critical system it is essential to obtain an assessment of different design alternatives. In particular, an early safety assessment of the architectural design of a system is desirable. In spite of the plethora of available formal quantitative analysis methods it is still difficult for software and system architects to integrate these techniques into their everyday work. This is mainly due to the lack of methods that can be directly applied to architecture-level models, for instance given as UML diagrams. Another obstacle is that the methods often require a profound knowledge of formal methods, which can rarely be found in industrial practice. Our approach bridges this gap and improves the integration of quantitative safety analysis methods into the development process. We propose a UML profile that allows for the specification of all inputs needed for the analysis at the level of a UML model. The QuantUM tool, which we have developed, automatically translates a UML model into an analysis model. Furthermore, the results gained from the analysis are lifted to the level of the UML specification or another high-level formalism to further facilitate the process. Thus the analysis model and the formal methods used during the analysis are hidden from the user.

Sep 07

I just found this matrix, which helps in assessing the competency of a programmer in different fields such as computer science, software engineering, programming, experience and knowledge. While the programming part is pretty detailed, in my opinion the computer science and software engineering parts fall short.

Software engineering is not just source control and automated build and testing; important things like process knowledge, requirements engineering and the knowledge needed to architect a complex software system are missing. I agree that a programmer is not the software architect, but s/he should at least have a rough idea of what the software architect does. (This also holds the other way round.)

But if you want to assess your programming skills, or those of a prospective new hire, the matrix is a good start.
