71 results on "Safety certification"
Search Results
2. Research on Network Security Authentication Method Based on Data Mining Technology
- Author
- Ma, Xiao-gang, Wang, Huan-yu, Akan, Ozgur, Editorial Board Member, Bellavista, Paolo, Editorial Board Member, Cao, Jiannong, Editorial Board Member, Coulson, Geoffrey, Editorial Board Member, Dressler, Falko, Editorial Board Member, Ferrari, Domenico, Editorial Board Member, Gerla, Mario, Editorial Board Member, Kobayashi, Hisashi, Editorial Board Member, Palazzo, Sergio, Editorial Board Member, Sahni, Sartaj, Editorial Board Member, Shen, Xuemin, Editorial Board Member, Stan, Mircea, Editorial Board Member, Jia, Xiaohua, Editorial Board Member, Zomaya, Albert Y., Editorial Board Member, Wang, Shuihua, editor, Zhang, Zheng, editor, and Xu, Yuan, editor
- Published
- 2022
3. 'Rules of the Road' for Launch and Operation of Small Satellites and Related Issues
- Author
- Jakhu, Ram S., Pelton, Joseph N., Mishra, Nishith, Pelton, Joseph N., editor, and Madry, Scott, editor
- Published
- 2020
4. An Integrated Approach to Support the Process-Based Certification of Variant-Intensive Systems
- Author
- Bressan, Lucas, de Oliveira, André L., Campos, Fernanda, Papadopoulos, Yiannis, Parker, David, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Zeller, Marc, editor, and Höfig, Kai, editor
- Published
- 2020
5. IEEE P1547 Series of Standards for Interconnection: Preprint
- Author
- DeBlasio, R
- Published
- 2003
6. INFLUENCE OF SAFETY CERTIFICATION OF FRESH FRUITS ON PURCHASE DECISION OF ONLINE CONSUMERS: AN ANALYSIS BASED ON BRAIN NEURAL MECHANISM.
- Author
- Hong Lin and Xujun Zhai
- Published
- 2020
7. Standards for medical devices: Electroconvulsive therapy machine.
- Author
- Gangadhar, Bangalore N., Sreeraj, Vanteemar S., Sinha, Preeti, and Thirthalli, Jagadisha
- Abstract
- The manuscript calls for establishing a standard for electroconvulsive devices by manufacturers for better regulation in India. This is most relevant in the context of two recent developments, (a) Notification of medical devices rules, 2017 with classification of ECT as Class C and (b) Recent change in classification of ECT devices by US-FDA in 2018. The establishment of standards would help in upregulating the standard of ECT devices as well as ECT practices. [ABSTRACT FROM AUTHOR]
- Published
- 2024
8. Effectiveness of Direct Safety Regulations on Manufacturers and Users of Industrial Machines: Its Implications on Industrial Safety Policies in Republic of Korea
- Author
- Gi Heung Choi
- Subjects
- direct regulation, safety certification, self-declaration of conformity, safety device regulation, safety inspection, Public aspects of medicine, RA1-1270
- Abstract
- Background: Despite considerable efforts made in recent years, the industrial accident rate and the fatality rate in the Republic of Korea are much higher than those in most developed countries in Europe and North America. Industrial safety policies and safety regulations are also known to be ineffective and inefficient in some cases. Methods: This study focuses on the quantitative evaluation of the effectiveness of direct safety regulations such as safety certification, self-declaration of conformity, and safety inspection of industrial machines in the Republic of Korea. Implications on safety policies to restructure the industrial safety system associated with industrial machines are also explored. Results: Analysis of causes in industrial accidents associated with industrial machines confirms that technical causes need to be resolved to reduce both the frequency and the severity of such industrial accidents. Statistical analysis also confirms that the indirect effects of safety device regulation on users are limited for a variety of reasons. Safety device regulation needs to be shifted to complement safety certification and self-declaration of conformity for more balanced direct regulations on manufacturers and users. An example of cost-benefit analysis on conveyor justifies such a transition. Conclusion: Industrial safety policies and regulations associated with industrial machines must be directed towards eliminating the sources of danger at the stage of danger creation, thereby securing the safe industrial machines. Safety inspection further secures the safety of workers at the stage of danger use. The overall balance between such safety regulations is achieved by proper distribution of industrial machines subject to such regulations and the intensity of each regulation. Rearrangement of industrial machines subject to safety certification and self-declaration of conformity to include more movable industrial machines and other industrial machines with a high level of danger is also suggested.
- Published
- 2017
9. Probabilistic Risk Assessment of an Obstacle Detection System for GoA 4 Freight Trains
- Author
- Gleirscher, Mario, Haxthausen, Anne E., and Peleska, Jan
- Abstract
- We propose a quantitative risk assessment approach for the design of an obstacle detection function for low-speed freight trains with grade of automation 4. In this five-step approach, starting with single detection channels and ending with a three-out-of-three model comprised of three independent dual-channel modules and a voter, we exemplify a probabilistic assessment, using a combination of statistical methods and parametric stochastic model checking. We illustrate that, under certain not unreasonable assumptions, the resulting hazard rate becomes acceptable for the discussed application setting. The statistical approach for assessing the residual risk of misclassifications in convolutional neural networks and conventional image processing software suggests that high confidence can be placed into the safety-critical obstacle detection function, even though its implementation involves realistic machine learning uncertainties.
- Published
- 2023
10. Exposure to Electro-Magnetic Fields: Global Standards for Packaging, Safety Certification and Handling of Magnetic Material
- Author
- Warhate, Vijay V.
- Subjects
- Superconducting electromagnets, Electro-magnetic Fields Exposure, Biological effects, Global Standards, Safety Certification
- Abstract
- Superconducting electromagnets, ambient temperature electromagnets, permanent magnets, rare-earth magnets are Hazardous Magnetic Materials. According to Biological effects and epidemiological studies (100 kHz–300 GHz), available experimental evidence indicates that the exposure of resting humans for approximately 30 min to EMF producing a whole-body SAR of between 1 and 4 W kg⁻¹. Individuals with pacemakers or internal medical devices should use caution when handling strong magnets. Magnetic fields may affect the operation of these devices. Packaging, Labelling and Safety Certification are important global standards for Handling of Magnetic Materials. Researchers and magnet manufacturers have put much effort into the recycling of bulk magnet wastes due to the concerns of environmental protection and rare-earth resource supplies. Rare-earth magnets should be disposed of in compliance with local, state, and Federal law. All strong permanent magnets should be thermally demagnetized prior to disposal. Alternatively, all strong permanent magnets should be placed in a steel container prior to disposal so the magnets do not attract waste disposal equipment or refuse containers.
- Published
- 2023
11. Safety considerations and time constant determined extended operations for fuel cell-powered aircrafts
- Author
- Kösters, Lennart and Gao, Xin
- Published
- 2021
12. Regulatory challenges for road vehicle automation: Lessons from the California experience.
- Author
- Shladover, Steven E. and Nowakowski, Christopher
- Subjects
- TRAFFIC violations, TRAFFIC monitoring, TRAFFIC regulations, LEGAL liability, GOVERNMENT agencies, PUBLIC safety
- Abstract
- The development of automated driving systems presents a special challenge to the existing regulatory regimes for road vehicles. Automated driving systems shift the responsibility for roadway and traffic monitoring, decision making, and vehicle control from the driver to the automated driving system, which will necessitate a shift of the responsibility for traffic law violations and crashes from the individual driver toward the manufacturers of the automated driving systems. However, the opportunities for automated driving systems to improve transportation system performance and safety are great, and rapid innovation needs to be balanced against the risks to public safety from poorly engineered or hastily released systems competing for first-on-the-market status. Furthermore, in the absence of clearly defined standards and testing procedures, it is not yet clear how safety can be certified by the developer, a regulatory agency, or a third party. This paper describes California's pioneering efforts to grapple with these challenges after its legislature passed a law requiring the development of regulations to govern the testing and operation of automated vehicles on public roads, and it provides recommendations regarding what should and should not be incorporated into such regulations. [ABSTRACT FROM AUTHOR]
- Published
- 2019
13. Virtualizing mixed-criticality systems: A survey on industrial trends and issues
- Author
- Cinque, Marcello, Cotroneo, Domenico, De Simone, Luigi, and Rosiello, Stefano
- Subjects
- FOS: Computer and information sciences, Mixed-criticality system, Operating Systems (cs.OS), Computer Networks and Communications, Real-time application, Dependability, Software Engineering (cs.SE), Safety certification, Computer Science - Software Engineering, Computer Science - Operating Systems, Virtualization, Hardware and Architecture, Software, Resource isolation
- Abstract
- Virtualization is gaining attraction in the industry as it promises a flexible way to integrate, manage, and re-use heterogeneous software components with mixed-criticality levels, on a shared hardware platform, while obtaining isolation guarantees. This work surveys the state-of-the-practice of real-time virtualization technologies by discussing common issues in the industry. In particular, we analyze how different virtualization approaches and solutions can impact isolation guarantees and testing/certification activities, and how they deal with dependability challenges. The aim is to highlight current industry trends and support industrial practitioners to choose the most suitable solution according to their application domains. Accepted for publication in Elsevier Future Generation Computer Systems.
- Published
- 2022
14. Introduction: ERCIM/EWICS/ARTEMIS Workshop on Dependable Embedded and Cyberphysical Systems and Systems-of-Systems (DECSoS’14) at SAFECOMP 2014 : A European Approach to Critical Systems Engineering
- Author
- Schoitsch, Erwin, Skavhaug, Amund, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Kobsa, Alfred, Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Bondavalli, Andrea, editor, Ceccarelli, Andrea, editor, and Ortmeier, Frank, editor
- Published
- 2014
15. Safety Evidence Traceability: Problem Analysis and Model
- Author
- Nair, Sunil, de la Vara, Jose Luis, Melzi, Alberto, Tagliaferri, Giorgio, de-la-Beaujardiere, Laurent, Belmonte, Fabien, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Salinesi, Camille, editor, and van de Weerd, Inge, editor
- Published
- 2014
16. SafetyMet: A Metamodel for Safety Standards
- Author
- de la Vara, Jose Luis, Panesar-Walawege, Rajwinder Kaur, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Moreira, Ana, editor, Schätz, Bernhard, editor, Gray, Jeff, editor, Vallecillo, Antonio, editor, and Clarke, Peter, editor
- Published
- 2013
17. The Research on Influence of Secure Authentication Mechanism for Quality of Service in Heterogeneous Wireless Network
- Author
- ShaoBo, Wu, ChengShu, Li, Mao, Elwin, editor, Xu, Linli, editor, and Tian, Wenya, editor
- Published
- 2012
18. Towards a Model-Based Evolutionary Chain of Evidence for Compliance with Safety Standards
- Author
- de la Vara, Jose Luis, Nair, Sunil, Verhulst, Eric, Studzizba, Janusz, Pepek, Piotr, Lambourg, Jerome, Sabetzadeh, Mehrdad, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Ortmeier, Frank, editor, and Daniel, Peter, editor
- Published
- 2012
19. Using UML Profiles for Sector-Specific Tailoring of Safety Evidence Information
- Author
- Panesar-Walawege, Rajwinder Kaur, Sabetzadeh, Mehrdad, Briand, Lionel, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, Jeusfeld, Manfred, editor, Delcambre, Lois, editor, and Ling, Tok-Wang, editor
- Published
- 2011
20. CRESCO: Construction of Evidence Repositories for Managing Standards Compliance
- Author
- Panesar-Walawege, Rajwinder Kaur, Skyberg Knutsen, Torbjørn, Sabetzadeh, Mehrdad, Briand, Lionel, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, De Troyer, Olga, editor, Bauzer Medeiros, Claudia, editor, Billen, Roland, editor, Hallot, Pierre, editor, Simitsis, Alkis, editor, and Van Mingroot, Hans, editor
- Published
- 2011
21. Prevention in dangerous industries: does safety certification prevent tree-faller injuries?
- Author
- Christopher B McLeod, Daniel Sarkany, Hugh Davies, Kevin Lyons, and Mieke Koehoorn
- Subjects
- occupational injury, prevention, program evaluation, safety, forestry, dangerous industry, safety certification, certification, tree-faller injury, tree-faller, Public aspects of medicine, RA1-1270
- Abstract
- OBJECTIVES: The aim of this study was to evaluate if safety certification reduces the risk of work injury among experienced manual tree-fallers. METHODS: This study used a retrospective cohort study design. Experienced manual tree-fallers employed in the Canadian province of British Columbia (N=3251) between 2003–2008 were enumerated from a mandatory faller registry. Registry records with demographic and certification data were linked to workers’ compensation claims for injury outcomes. Data were analyzed using discrete time survival analysis over a two-year period, centered on certification date with pre- and post-certification demarcated into four three-month periods. Models were adjusted for demographic, occupation/industry, previous injury, and seasonal/temporal effects. RESULTS: The relative risk (RR) of work injury during the post-certification periods was elevated in comparison to the pre-certification reference period, but the 95% confidence intervals included “1” for all estimates by the end of follow-up, suggesting no statistically significant increased risk of injury. Results were consistent across different outcome measures of acute injury (ie, fracture or amputations) (N=186), musculoskeletal injury (ie, back strain) (N=137), and serious injury claims (ie, long duration, high cost and/or fatal) (N=155). CONCLUSION: Certification did not reduce the risk of work injury among experienced tree-fallers in the province of British Columbia. Non-statistically significant increases in the observed risk of work injury in the months immediately following certification may be attributable to an intervention effect or a methodological limitation related to a lack of individual-level, time-at-risk exposure data.
- Published
- 2015
22. Fitting Software Execution-Time Exceedance into a Residual Random Fault in ISO-26262.
- Author
- Agirre, Irune, Cazorla, Francisco J., Abella, Jaume, Hernandez, Carles, Mezzetti, Enrico, Azkarate-Askatsua, Mikel, and Vardanega, Tullio
- Subjects
- MANAGEMENT of computer software execution, FAULT-tolerant control systems, WORST-case circuit analysis, TIMING jitter
- Abstract
- Car manufacturers relentlessly replace or augment the functionality of mechanical subsystems with electronic components. Most such subsystems (e.g., steer-by-wire) are safety related, hence, subject to regulation. ISO-26262, the dominant standard for road vehicles, regards software faults as systematic, while differentiating hardware faults between systematic and random. The analysis of systematic faults entails rigorous processes and qualitative considerations. The increasing complexity of modern on-board computers, however, questions the very notion of treating the violation of execution-time envelopes for software programs as a systematic fault. Modern hardware in fact reduces the user's ability to delve deep enough into the fabric of hardware–software interaction to gauge its extent of contribution to the worst-case execution time (WCET). Changing the nature of the WCET-analysis problem may help address that challenge effectively. To this end, we propose a solution that should allow ISO-26262 to quantify the likelihood of execution-time exceedance events, relating it to target failure metrics employed in support of certification arguments, similarly to random faults in hardware. To this end, we inject randomization in the timing behavior of the computer hardware to relieve the user from the need to control hard-to-reach low-level parts, and use measurement-based probabilistic timing analysis to quantify, constructively, the failure rates resulting from the likelihood of execution-time exceedance events. [ABSTRACT FROM AUTHOR]
- Published
- 2018
23. Efficient safety management plan for industrial accident prevention of hazardous machinery: Focus on safety certification system and regulations in South Korea.
- Author
- Min, Seung Nam, Kim, Sanghyun, and Kang, Chankyu
- Subjects
- INDUSTRIAL safety, SYSTEM safety, MACHINERY safety, INDUSTRIAL management, INDUSTRY 4.0
- Abstract
- Highlights:
  • An analysis of the industrial accident prevention effect of the hazardous machine safety certification system was performed.
  • The necessity of the safety certification system was confirmed using three statistical methods.
  • Surveys, industrial accident data analysis, field surveys, and expert interviews were conducted.
  • It was confirmed that the safety certification system has a positive effect on industrial accident prevention.
  • The safety certification system must ensure efficiency by considering the safety policy and industrial environment of each country.
- The "4th industrial revolution" is accelerating changes in technology, industry, and machinery, and the "Internet of everything" (IoE) requires comprehensive integration of people and machines. Despite the development of these technologies, fatal accidents continue to occur due to malfunctions of dangerous machinery, so the importance of the safety certification system is increasing, but there are few objective analysis data. In this study, the necessity of a safety certification system was confirmed by analyzing the effect of the safety certification system on the prevention effect of industrial accidents in three methods. Based on these analysis results, the industrial accident prevention effect of the current safety certification system and necessary supplementary tasks were derived. Safety certification systems for more than 30 machines and equipment are in operation in South Korea. In this research, the press, crane, catapult, and lift machines most commonly used in industrial fields were analyzed. This study was conducted in five steps: a safety certification system operation status investigation, a survey and interviews, an analysis of dangerous machinery and equipment accidents, focus group interviews, and study of the direction of safety certification systems in consideration of recent IoE developments. As a result of the analysis, various opinions were presented on the safety certification system by subject, and it was found that it was necessary to prepare supplementary measures for the advancement of the safety certification system, expand its field applicability, and improve the efficiency of safety certification. [ABSTRACT FROM AUTHOR]
- Published
- 2023
24. Requirements for the Certification of Safety Critical Railway Systems
- Author
- Lovrić, Tomislav, Wieczorek, Martin, editor, and Meyerhoff, Dirk, editor
- Published
- 2001
25. Promoting MBA in the rail sector by deriving process-related evidence via MDSafeCer.
- Author
- Gallina, Barbara, Gómez-Martínez, Elena, and Benac-Earle, Clara
- Subjects
- MODEL-based reasoning, PERFORMANCE evaluation, EVIDENTIALISM, META-analysis, INFERENCE (Logic)
- Abstract
- An EN 50129-compliant safety case should include process-related evidence in terms of quality as well as safety management. Potentially innovative engineering methods developed in academic settings could act as process-related evidence. However, to ease their acceptance within the rail industrial settings, the adequacy of these methods needs to be justified. In this paper, we extend our previous work and we provide a broader justification including performance aspects aimed at showing that the entire MBA (Model-Based design methodology for Assessing performance and safety requirements of critical systems) is partly compliant with EN 50128. To do that, we tackle safety and performance process-related compliance as follows: we first manually check if MBA includes EN 50128-compliant process elements, then we model MBA in compliance with Software Process Engineering Meta-model 2.0, then, we derive process-based arguments from the MBA process model by using the MDSafeCer (Model Driven Safety Certification) method. By doing so, we provide a twofold contribution: we further validate MDSafeCer in the rail domain and we strengthen MBA. [ABSTRACT FROM AUTHOR]
- Published
- 2017
26. An analysis of safety evidence management with the Structured Assurance Case Metamodel.
- Author
- de la Vara, Jose Luis, Génova, Gonzalo, Álvarez-Rodríguez, Jose María, and Llorens, Juan
- Subjects
- COMPUTER network protocols, COMPUTER interfaces, COMPUTER science, INDUSTRIAL safety, COMPUTER security
- Abstract
- SACM (Structured Assurance Case Metamodel) is a standard for assurance case specification and exchange. It consists of an argumentation metamodel and an evidence metamodel for justifying that a system satisfies certain requirements. For assurance of safety-critical systems, SACM can be used to manage safety evidence and to specify safety cases. The standard is a promising initiative towards harmonizing and improving system assurance practices, but its suitability for safety evidence management needs to be further studied. To this end, this paper studies how SACM 1.1 supports this activity according to requirements from industry and from prior work. We have analysed the notion of evidence in SACM, its evidence lifecycle, the classes and associations of the evidence metamodel, and the link of this metamodel with the argumentation one. As a result, we have identified several improvement opportunities and extension possibilities in SACM. The notions of evidence and evidence assertion should be clarified, the overlaps between metamodel elements should be reduced, and a wider support to the lifecycle of the artefacts used as safety evidence could be provided. Addressing these aspects will allow SACM to better fit safety evidence management needs and practices, especially beyond the scope of a safety case. The results and the conclusions drawn are especially valuable for practitioners interested in SACM adoption and vendors interested in developing tool support for SACM-based safety evidence management. [ABSTRACT FROM AUTHOR]
- Published
- 2017
27. Reuse of safety certification artefacts across standards and domains: A systematic approach.
- Author
- Ruiz, Alejandra, Juez, Garazi, Espinoza, Huáscar, de la Vara, Jose Luis, and Larrucea, Xabier
- Subjects
- COMPUTER software, COMPUTERS, COST effectiveness, AVIONICS, SAFETY standards, SAFETY measures
- Abstract
- Reuse of systems and subsystems is a common practice in safety-critical systems engineering. Reuse can improve system development and assurance, and there are recommendations on reuse for some domains. Cross-domain reuse, in which a previously certified product typically needs to be assessed against different safety standards, has however received little attention. No guidance exists for this reuse scenario despite its relevance in industry, thus practitioners need new means to tackle it. This paper aims to fill this gap by presenting a systematic approach for reuse of safety certification artefacts across standards and domains. The approach is based on the analysis of the similarities and on the specification of maps between standards. These maps are used to determine the safety certification artefacts that can be reused from one domain to another and reuse consequences. The approach has been validated with practitioners in a case study on the reuse of an execution platform from railway to avionics. The results show that the approach can be effectively applied and that it can reduce the cost of safety certification across standards and domains. Therefore, the approach is a promising way of making cross-domain reuse more cost-effective in industry. [ABSTRACT FROM AUTHOR]
- Published
- 2017
28. A Processor Architecture Designed to Facilitate the Safety Certification of Hard Real Time Systems
- Author
- Meske, Hans-Peter, Halang, Wolfgang A., and Schoitsch, Erwin, editor
- Published
- 1997
29. PLM and safety certification requirement specification for CAN bus controller
- Author
- Pensas, Mika, Tekniikan ja luonnontieteiden tiedekunta - Faculty of Engineering and Natural Sciences, and Tampere University
- Subjects
- CAN bus controller, ComputingMilieux_THECOMPUTINGPROFESSION, functional safety, Konetekniikan DI-ohjelma - Master's Programme in Mechanical Engineering, product lifecycle management, safety certification, PLM, ISO 13849
- Abstract
- This research has been done for a company that specialises in control system hardware and software for mobile heavy machinery. The company has identified an increasing demand for safety certified PLCs (programmable logic controllers) and therefore wants to develop a new CAN (controller area network) bus controller that can be safety certified to PL d (performance level d) in accordance with the EN ISO 13849-1:2015 standard. The company has years of experience in control system hardware and software development but no experience in developing safety certified products. Therefore, the company wants to gain more knowledge about the safety certification requirements for the new CAN bus controller and develop their PLM (product lifecycle management) of safety certified products. This research consists of a PL d safety certification requirement specification for the new CAN bus controller and a PLM requirement specification for safety certified products. The research methods used in this work are a literature review and interviews with company employees and a certification expert. Information for this work was also gained from a certification offer from a certification body. The CAN bus controller must comply with requirements from several standards of which the company already has lots of experience. Therefore, the scope of the safety certification requirement specification was limited to the most relevant standard EN ISO 13849-1:2015. The requirement specification was done by analysing relevant standards, literature, and the certification offer received from the certification body. Insights into the research topic were also gained through interviews with company employees and a certification expert. As a result, a list of requirements and recommendations was created for the safety certification of the new CAN bus controller. PLM is a very broad topic that can cover almost all activities in a company. Therefore, the scope of the PLM requirement specification was limited to focus on safety certified products. The requirement specification was done by analysing relevant standards, literature, and the findings of the safety certification requirement specification. Insights into the research topic were also gained through interviews with company employees and a certification expert. As a result, a list of requirements and recommendations was created for developing the PLM of safety certified products in the company. The results of this research provide lists of requirements and recommendations for the safety certification of the CAN bus controller and for the development of the company’s PLM for safety certified products. The research also provides knowledge to the company about literature relevant for the research topics. Recommendations for follow-up actions for the company are also presented based on the results of this research.
- Published
- 2022
30. Product-based Safety Certification for Medical Devices Embedded Software.
- Author
-
Neto, José Augusto, Damásio, Jemerson Figueiredo, Monthaler, Paul, and Morais, Misael
- Subjects
MEDICAL equipment ,MEDICAL technology ,MEDICAL care ,COMPUTER software - Abstract
Worldwide medical device embedded software certification practices are currently focused on manufacturing best practices. In Brazil, the national regulatory agency does not hold a local certification process for software-intensive medical devices and admits international certification (e.g. FDA and CE) from local and international industry to operate in the Brazilian health care market. We present here a product-based certification process as a candidate process to support the Brazilian regulatory agency ANVISA in medical device software regulation. Center of Strategic Technology for Healthcare (NUTES) medical device embedded software certification is based on a solid safety quality model and has been tested with reasonable success against the Class I risk device Generic Infusion Pump (GIP).
- Published
- 2015
- Full Text
- View/download PDF
31. Deriving Reusable Process-based Arguments from Process Models in the Context of Railway Safety Standards.
- Author
-
Gallina, Barbara and Provenzano, Luciana
- Subjects
RAILROADS, SAFETY standards, SAFETY regulations, COMPUTER systems, CERTIFICATION - Abstract
In the railway domain, standards such as the EN 5012x family prescribe processes to be followed for the management and certification of safety-critical systems. This results in a need to model processes and retrieve process-based arguments proving that the system achieved the required safety level, in order to reduce the time and cost spent in the certification process. In this paper, we present the application of MDSafeCer, a model-driven safety certification method, to railways. In particular, we model in SPEM 2.0 the safety requirements process according to what is described in the safety plan, and we show how it is possible to extract safety evidence to prove the compliance of this process with the EN 50128 standard.
- Published
- 2015
32. Specifying a framework for evaluating Requirements Engineering Technology: Challenges and lessons learned.
- Author
-
de la Vara, Jose Luis, Falessi, Davide, and Verhulst, Eric
- Abstract
Evaluating requirements engineering technology is a challenging activity. It becomes even more difficult when the technology has to be evaluated in real settings to show its suitability, as access to industrial resources might be limited and the target domain might be complex or very sensitive. This paper reports on our experience in specifying an evaluation framework for requirements engineering technology. The technology aims to improve safety assurance and certification practices, and is being developed in the scope of a large-scale European research project. We focus on presenting the challenges encountered and the lessons learned while specifying the framework. These lessons summarise how we addressed, plan to address, or propose to address the challenges. This information can be useful for other researchers and practitioners who have to evaluate requirements engineering technology in general, and with industry and for safety assurance and certification in particular.
- Published
- 2013
- Full Text
- View/download PDF
33. Software Safety Certification Framework Based on Safety Case.
- Author
-
Zeng, Fuping, Lu, Minyan, and Zhong, Deming
- Abstract
The aim of software safety certification is to determine whether software has achieved the safety that the system requires. This paper advances a software safety certification framework based on the safety case from the product point of view, providing software safety evidence that can be applied independently of the software development process. First, the concept, structure, significance and presentation method of the safety case are introduced. Then the software safety certification framework is further elaborated, including safety claim acquisition, argument construction and evidence selection. GSN safety case patterns are then advanced for applying the certification framework. Finally, the framework is applied in practice, which preliminarily shows its effectiveness. The framework doesn't preclude the use of existing standards. A key motivation in producing the paper is to demonstrate safety-critical software acceptance from unconventional viewpoints and submit it to critical review.
- Published
- 2012
- Full Text
- View/download PDF
34. A new safety certification method for high-risk flight testing subjects.
- Author
-
Liu, Dongliang, Xu, Haojun, Zhou, Li, and Pei, Binbin
- Abstract
Flight test subjects carry high risk and are difficult to evaluate quantitatively. A test pilot model based on distribution hypothesis verification is proposed to obtain the test pilot's manipulation parameters. Delay time is selected as an example to illustrate the method. An aircraft model and a hydraulic system model are established. Failure models of the hydraulic system's sensor and actuator malfunction, oil blockage and pump power were set up and simulated in Simulink and AMESim. To improve the precision of flight risk assessment, an improved extreme value risk evaluation model based on nonlinearly decreasing weight particle swarm optimization (NDW-PSO based EVT) is proposed. Dynamic simulation from component level to aircraft level was realized by a comprehensive virtual flight testing (VFT) framework based on cross-connecting AMESim, MATLAB/Simulink and FlightGear. Risky subject No. 43, "hydraulic system malfunction", in the Chinese standard GJB 626A-2006 was chosen as an example. The influence of hydraulic system failure on flight safety was analyzed and safety improvement measures were proposed, which illustrates the validity of the proposed method.
- Published
- 2012
- Full Text
- View/download PDF
35. Towards efficient functional safety certification of construction machinery using a component-based approach.
- Author
-
Baumgart, Stephan, Froberg, Joakim, and Punnekkat, Sasikumar
- Abstract
Electronic systems in the automotive domain implement safety critical functionality in vehicles and the safety certification process according to a functional safety standard is time consuming and a big part of the expenses of a development project. We describe the functional safety certification of electronic automotive systems by presenting a use case from the construction equipment industry. In this context, we highlight some of the major challenges we foresee, while using a product line approach to achieve efficient functional safety certification of vehicle variants. We further elaborate on the impact of functional safety certification when applying the component-based approach on developing safety critical product variants and discuss the implications by cost modeling and analysis.
- Published
- 2012
- Full Text
- View/download PDF
36. Software and hardware certification of safety-critical avionic systems: A comparison study.
- Author
-
Youn, Wonkeun and Yi, Baeck-jun
- Subjects
COMPUTER software, COMPUTER input-output equipment, ADER Eole (Aircraft), COMPARATIVE studies, INDUSTRIAL safety, INDUSTRIAL costs - Abstract
To ensure the safety of avionic systems, civil avionic software and hardware regulated by certification authorities must be certified based on applicable standards (e.g., DO-178B and DO-254). The overall safety integrity of an avionic system, comprising software and hardware, should be considered at the system level. Thus, software and hardware components should be planned, developed and certified in a unified, harmonized manner to ensure the integral safety of the entire avionic system. One of the reasons for the high development costs of avionic systems complying with standards may be a lack of sufficient understanding of how to employ these standards efficiently. Therefore, it is important to understand the similarities and differences between DO-178B and DO-254 to effectively manage the processes required by these standards, to minimize cost, and ultimately to ensure the safety of the entire avionic system. Thus, the goal of this paper is to compare various aspects of DO-178B and DO-254 comprehensively. The paper may serve as useful supplementary material for practitioners seeking to understand the rationales behind, and the differences between, the two main standards used in the avionic industry.
- Published
- 2014
- Full Text
- View/download PDF
37. Fitting Software Execution-Time Exceedance into a Residual Random Fault in ISO-26262
- Author
-
Enrico Mezzetti, Irune Agirre, Jaume Abella, Francisco J. Cazorla, Tullio Vardanega, Carles Hernandez, and Mikel Azkarate-askatsua
- Subjects
Automotive real-time systems, Computer science, Probabilistic timing analysis, Control (management), 02 engineering and technology, Certification, Residual, Fault (power engineering), Software, safety standard, 0202 electrical engineering, electronic engineering, information engineering, hardware, real-time software, execution-time exceedance, Electrical and Electronic Engineering, Safety, Risk, Reliability and Quality, Execution-time exceedance, Measurement-based probabilistic timing analysis (MBPTA), Software execution, 020202 computer hardware & architecture, Reliability engineering, Safety certification, Electronic component, 020201 artificial intelligence & image processing - Abstract
Car manufacturers relentlessly replace or augment the functionality of mechanical subsystems with electronic components. Most such subsystems (e.g., steer-by-wire) are safety related, hence, subject to regulation. ISO-26262, the dominant standard for road vehicles, regards software faults as systematic, while differentiating hardware faults between systematic and random. The analysis of systematic faults entails rigorous processes and qualitative considerations. The increasing complexity of modern on-board computers, however, questions the very notion of treating the violation of execution-time envelopes for software programs as a systematic fault. Modern hardware in fact reduces the user's ability to delve deep enough into the fabric of hardware-software interaction to gage its extent of contribution to the worst-case execution time (WCET). Changing the nature of the WCET-analysis problem may help address that challenge effectively. To this end, we propose a solution that should allow ISO-26262 to quantify the likelihood of execution-time exceedance events, relating it to target failure metrics employed in support of certification arguments, similarly to random faults in hardware. To this end, we inject randomization in the timing behavior of the computer hardware to relieve the user from the need to control hard-to-reach low-level parts, and use measurement-based probabilistic timing analysis to quantify, constructively, the failure rates resulting from the likelihood of execution-time exceedance events.
- Published
- 2018
- Full Text
- View/download PDF
38. Fault Injection for Software Certification.
- Author
-
Cotroneo, Domenico and Natella, Roberto
- Abstract
As software becomes more pervasive and complex, it's increasingly important to ensure that a system will be safe even in the presence of residual software faults (or bugs). Software fault injection (SFI) consists of the deliberate introduction of software faults to assess the impact of faulty software on a system and to improve its fault tolerance. SFI has been included as a recommended practice in recent safety standards and has therefore gained interest among practitioners, but it's still unclear how it can be effectively used for certification purposes. In this article, the authors discuss the adoption of SFI in the context of safety certification, present a tool for the injection of realistic software faults, and show the use of that tool in evaluating and improving the robustness of an operating system used in the avionic domain.
- Published
- 2013
- Full Text
- View/download PDF
39. Proposed Performances Standards for the Agricultural Hazardous Occupations Order Certification Training Program.
- Author
-
French, B. F., Field, W. E., and Tormoehlen, R.
- Subjects
AGRICULTURAL laborers ,PERFORMANCE standards ,HAZARDOUS occupations ,OCCUPATIONAL training ,CERTIFICATION ,TEST scoring ,SAFETY education ,AGRICULTURAL safety ,INDUSTRIAL safety ,SAFETY - Abstract
The article explores the rationale, methods and findings of a standard setting session conducted to create minimum passing scores for a testing process proposed as a component of the Gearing Up for Safety certification process in the U.S. Gearing Up is an agricultural production safety training curriculum for youth, created to meet the requirements of the Agricultural Hazardous Occupations Order (AgHOs). The test is proposed to be taken by youth workers seeking jobs that involve functions specified under the AgHOs, whose primary objective is to provide necessary training to agricultural production workers. The AgHOs training program is designed to ensure that workers meet the minimum safety and training requirements indicated in the Code of Federal Regulations.
- Published
- 2007
- Full Text
- View/download PDF
40. Model-based specification of safety compliance needs for critical systems: A holistic generic metamodel
- Author
-
Katrina Attwood, Jose Luis de la Vara, Rajwinder Kaur Panesar-Walawege, Tim Kelly, Ángel López, Huascar Espinoza, Idoya del Río, and Alejandra Ruiz
- Subjects
Engineering, Automotive industry, Safety standard, Context (language use), 02 engineering and technology, Safety standards, Structuring, Reference assurance framework, Application domain, 0202 electrical engineering, electronic engineering, information engineering, 020207 software engineering, Avionics, Safety compliance, Computer Science Applications, Metamodeling, Safety certification, Risk analysis (engineering), Safety assurance, 020201 artificial intelligence & image processing, Safety-critical system, Software engineering, Software, Information Systems - Abstract
Highlights: We present a metamodel for the specification of safety compliance needs. The metamodel abstracts concepts and criteria from different safety standards. Its application results in models for structuring and managing compliance information. It can be used for most critical computer-based and software-intensive systems.
Context: Many critical systems must comply with safety standards as a way of providing assurance that they do not pose undue risks to people, property, or the environment. Safety compliance is a very demanding activity, as the standards can consist of hundreds of pages and practitioners typically have to show the fulfilment of thousands of safety-related criteria. Furthermore, the text of the standards can be ambiguous, inconsistent, and hard to understand, making it difficult to determine how to effectively structure and manage safety compliance information. These issues become even more challenging when a system is intended to be reused in another application domain with different applicable standards.
Objective: This paper aims to resolve these issues by providing a metamodel for the specification of safety compliance needs for critical systems.
Method: The metamodel is holistic and generic, and abstracts common concepts for demonstrating safety compliance from different standards and application domains. Its application results in the specification of "reference assurance frameworks" for safety-critical systems, which correspond to a model of the safety criteria of a given standard. For validating the metamodel with safety standards, parts of several standards have been modelled by both academic and industry personnel, and other standards have been analysed. We further augment this with feedback from practitioners, including feedback during a workshop.
Results: The results from the validation show that the metamodel can be used to specify safety compliance needs for aerospace, automotive, avionics, defence, healthcare, machinery, maritime, oil and gas, process industry, railway, and robotics. Practitioners consider that the metamodel can meet their needs and find benefits in its use.
Conclusion: The metamodel supports the specification of safety compliance needs for most critical computer-based and software-intensive systems. The resulting models can provide an effective means of structuring and managing safety compliance information.
- Published
- 2016
- Full Text
- View/download PDF
41. Prevention in dangerous industries: does safety certification prevent tree-faller injuries?
- Author
-
Kevin Lyons, Hugh W. Davies, Christopher B. McLeod, Daniel Sarkany, and Mieke Koehoorn
- Subjects
Adult, Male, safety, tree-faller injury, Canada, certification, Adolescent, Occupational injury, Poison control, Certification, Occupational safety and health, Trees, Young Adult, prevention, Risk Factors, Injury prevention, Humans, Industry, Musculoskeletal Diseases, occupational injury, Retrospective Studies, Back strain, British Columbia, Public Health, Environmental and Occupational Health, forestry, program evaluation, safety certification, Middle Aged, Occupational Injuries, Occupational Diseases, dangerous industry, Socioeconomic Factors, Relative risk, Emergency medicine, Musculoskeletal injury, Workers' Compensation, Female, Medical emergency, Sick Leave, Public aspects of medicine, RA1-1270, tree-faller - Abstract
Objectives: The aim of this study was to evaluate if safety certification reduces the risk of work injury among experienced manual tree-fallers.
Methods: This study used a retrospective cohort study design. Experienced manual tree-fallers employed in the Canadian province of British Columbia (N=3251) between 2003-2008 were enumerated from a mandatory faller registry. Registry records with demographic and certification data were linked to workers' compensation claims for injury outcomes. Data were analyzed using discrete time survival analysis over a two-year period, centered on certification date with pre- and post-certification demarcated into four three-month periods. Models were adjusted for demographic, occupation/industry, previous injury, and seasonal/temporal effects.
Results: The relative risk (RR) of work injury during the post-certification periods was elevated in comparison to the pre-certification reference period, but the 95% confidence intervals included "1" for all estimates by the end of follow-up, suggesting no statistically significant increased risk of injury. Results were consistent across different outcome measures of acute injury (ie, fracture or amputations) (N=186), musculoskeletal injury (ie, back strain) (N=137), and serious injury claims (ie, long duration, high cost and/or fatal) (N=155).
Conclusion: Certification did not reduce the risk of work injury among experienced tree-fallers in the province of British Columbia. Non-statistically significant increases in the observed risk of work injury in the months immediately following certification may be attributable to an intervention effect or a methodological limitation related to a lack of individual-level, time-at-risk exposure data.
- Published
- 2015
42. Toward a Systematic and Safety Evidence Productive Verification Approach for Safety-Critical Systems
- Author
-
Gannous, Aiman, Andrews, Anneliese, and Gallina, Barbara
- Abstract
In safety-critical systems, the verification and validation phase in the software development life cycle plays an important role in assuring safety. The artefacts output by the verification and validation processes represent the evidence needed to show satisfactory fulfilment of the safety requirements. Providing strong evidence that the requirements of the domain standards are met is the core of demonstrating compliance with safety standards. In this paper, we propose a systematic approach for verifying safety-critical systems efficiently by integrating model-based testing, combinatorial testing, and safety analysis, all driven by the provision of safety assurance. The approach provides both testing and formal verification capabilities, and it is easy to implement in a tool for use in an industrial setting. To show how our approach could contribute to compliance with safety standards, we investigated its capability to fulfil the safety requirements by analysing and linking the data produced by the steps of the approach to a safety evidence taxonomy.
Project: AMASS - Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems
- Published
- 2018
- Full Text
- View/download PDF
43. Bridging the gap between testing and safety certification
- Author
-
Gannous, A., Andrews, A., and Gallina, Barbara
- Abstract
DO-178C and its supplement DO-331 provide a set of objectives to be achieved in any development of airborne software systems when model-driven development approaches are in use. Fail-safeMBT is a recently proposed academic model-based approach for testing safety-critical systems. Fail-safeMBT is a potentially innovative testing process that needs compelling arguments in order to be adopted for the development of aeronautical software. In this paper, we reduce the gap between industrial and academic settings by adopting the safety case approach and deriving substantiation data aimed at arguing Fail-safeMBT's compliance with the standards. We describe the Fail-safeMBT processes in compliance with the Software & Systems Process Engineering Meta-Model (SPEM) 2.0, then apply Fail-safeMBT to the Autopilot system. Finally, we link Fail-safeMBT outputs to DO-178/DO-331 process elements, and derive from those outputs a substantiation to support the compelling arguments for achieving certification objectives. Thus, we provide a validation of Fail-safeMBT in the avionic domain.
- Published
- 2018
- Full Text
- View/download PDF
44. Fitting Software Execution-Time Exceedance into a Residual Random Fault in ISO-26262
- Author
-
Barcelona Supercomputing Center, Agirre, Irune, Cazorla, Francisco J., Abella Ferrer, Jaume, Hernandez, Carles, Mezzetti, Enrico, Azkarate-askasua, Mikel, and Vardanega, Tullio
- Abstract
Car manufacturers relentlessly replace or augment the functionality of mechanical subsystems with electronic components. Most such subsystems (e.g., steer-by-wire) are safety related, hence, subject to regulation. ISO-26262, the dominant standard for road vehicles, regards software faults as systematic, while differentiating hardware faults between systematic and random. The analysis of systematic faults entails rigorous processes and qualitative considerations. The increasing complexity of modern on-board computers, however, questions the very notion of treating the violation of execution-time envelopes for software programs as a systematic fault. Modern hardware in fact reduces the user's ability to delve deep enough into the fabric of hardware–software interaction to gage its extent of contribution to the worst-case execution time (WCET). Changing the nature of the WCET-analysis problem may help address that challenge effectively. To this end, we propose a solution that should allow ISO-26262 to quantify the likelihood of execution-time exceedance events, relating it to target failure metrics employed in support of certification arguments, similarly to random faults in hardware. To this end, we inject randomization in the timing behavior of the computer hardware to relieve the user from the need to control hard-to-reach low-level parts, and use measurement-based probabilistic timing analysis to quantify, constructively, the failure rates resulting from the likelihood of execution-time exceedance events.
Funding: This work was supported in part by the Spanish Ministry of Science and Innovation under Grant TIN2015-65316-P, in part by the HiPEAC Network of Excellence, and in part by the CONCERTO project (ARTEMIS-JU Grant 333053). The work of J. Abella was supported in part by the Ministry of Economy and Competitiveness under Ramon y Cajal postdoctoral fellowship number RYC-2013-14717. The work of C. Hernández was supported in part by the Spanish Ministry of Economy and Competitiveness and in part by FEDER funds through Grant TIN2014-60404-JIN. The work of E. Mezzetti was supported in part by the Spanish Ministry of Economy and Competitiveness under Juan de la Cierva-Incorporación Postdoctoral Fellowship number IJCI-2016-27396.
Peer reviewed. Postprint (author's final draft).
- Published
- 2018
45. An analysis of safety evidence management with the Structured Assurance Case Metamodel
- Author
-
Jose Luis de la Vara, Jose María Alvarez-Rodríguez, Juan Llorens, and Gonzalo Génova
- Subjects
Process management, Computer science, 02 engineering and technology, Structured assurance case metamodel, Argumentation theory, 0202 electrical engineering, electronic engineering, information engineering, Safety case, Informática, Scope (project management), Database, Assertion, 020206 networking & telecommunications, 020207 software engineering, Metamodeling, Safety certification, Work (electrical), Hardware and Architecture, Safety assurance, SACM, Safety evidence, Law, Software, Evidence management - Abstract
SACM (Structured Assurance Case Metamodel) is a standard for assurance case specification and exchange. It consists of an argumentation metamodel and an evidence metamodel for justifying that a system satisfies certain requirements. For assurance of safety-critical systems, SACM can be used to manage safety evidence and to specify safety cases. The standard is a promising initiative towards harmonizing and improving system assurance practices, but its suitability for safety evidence management needs to be further studied. To this end, this paper studies how SACM 1.1 supports this activity according to requirements from industry and from prior work. We have analysed the notion of evidence in SACM, its evidence lifecycle, the classes and associations of the evidence metamodel, and the link of this metamodel with the argumentation one. As a result, we have identified several improvement opportunities and extension possibilities in SACM. The notions of evidence and evidence assertion should be clarified, the overlaps between metamodel elements should be reduced, and a wider support to the lifecycle of the artefacts used as safety evidence could be provided. Addressing these aspects will allow SACM to better fit safety evidence management needs and practices, especially beyond the scope of a safety case. The results and the conclusions drawn are especially valuable for practitioners interested in SACM adoption and vendors interested in developing tool support for SACM-based safety evidence management.
Highlights: We present an analysis of how SACM supports safety evidence management. The analysis is based on requirements from industry and from prior work. We have identified nine improvement areas and four extension possibilities. Addressing these aspects will allow SACM to better fit safety evidence management.
- Published
- 2017
46. Prediction of the Testing Effort for the Safety Certification of Open-Source Software: A Case Study on a Real-Time Operating System
- Author
-
Roberto Natella, Domenico Cotroneo, Roberto Pietrantuono, and Domenico Di Leo
- Subjects
Software Complexity Metric, Engineering, Testing, Programming complexity, Automotive industry, Code coverage, Effort prediction, 020207 software engineering, 02 engineering and technology, Benchmarking, Certification, Reliability engineering, Empirical research, Real-Time OS, RTEMS, 020204 information systems, Safety Certification, Software construction, 0202 electrical engineering, electronic engineering, information engineering, Open Source Software - Abstract
The reuse of Open Source Software (OSS) for safety-critical systems is seen with interest by industries such as automotive, medical, and aerospace, as it enables shorter time-to-market and lower development costs. However, safety certification demands that evidence about OSS quality be supplied, and a gap analysis is needed to assess whether the cost of producing certification evidence is worthwhile. This paper presents an empirical study on an open-source RTOS (RTEMS). The study investigates the relationship between software complexity and the effort to achieve high test coverage, which is one of the activities with the greatest impact on certification. The objective is to figure out if, and to what extent, it is possible to predict such effort in advance by looking at software complexity metrics. This would enable a preliminary screening and benchmarking of OSS items, supporting strategic decision making. The study shows that combining metrics with classifiers can achieve good prediction accuracy.
- Published
- 2016
- Full Text
- View/download PDF
47. Variability management in safety‐critical systems design and dependability analysis.
- Author
-
Oliveira, André Luiz, Braga, Rosana, Masiero, Paulo, Parker, David, Papadopoulos, Yiannis, Habli, Ibrahim, and Kelly, Tim
- Subjects
SOFTWARE product line engineering, SYSTEMS design, WENCHUAN Earthquake, China, 2008, HAZARD Analysis & Critical Control Point (Food safety system), RELIABILITY in engineering - Abstract
Safety-critical systems are of paramount importance for many application domains, where safety properties are a key driver to engineer critical aspects and avoid system failures. For the benefits of large-scale reuse, software product lines (SPL) have been adopted in the critical systems industry. However, the integration of safety analysis into the SPL development process is nontrivial. Also, the different usage contexts of safety-critical systems complicate component fault modeling tasks and the identification of potential hazards. In this light, better methods become necessary to estimate the impact of dependability properties during Hazard Analysis and Risk Assessment. Existing methods incorporating the analysis of safety properties in SPL are limited, as they do not include hazard analysis and component fault modeling. In this paper, we present the novel DEPendable Software Product Line Engineering (DEPendable-SPLE) approach, which extends traditional SPL processes to support the reuse of safety assets. We also present a detailed analysis of the impact of product and context features on SPL design, safety analysis, and safety requirements. We applied DEPendable-SPLE to a realistic case study from the aerospace domain to illustrate how to model and reuse safety properties. DEPendable-SPLE reduced the effort of safety analysis for certifying system variants.
- Published
- 2019
- Full Text
- View/download PDF
48. Evidence management for compliance of critical systems with safety standards: A survey on the state of practice
- Author
-
Jose Luis de la Vara, Davide Falessi, Sunil Nair, Mehrdad Sabetzadeh, and Fonds National de la Recherche - FnR [sponsor]
- Subjects
Engineering, Knowledge management, Relation (database), Settore ING-INF/05, Context (language use), Safety standards, Computer security, Structuring, Compliance (psychology), State of the practice, Computer science [C05] [Engineering, computing & technology], Structure (mathematical logic), Sciences informatiques [C05] [Ingénierie, informatique & technologie], Computer Science Applications, Safety certification, Life-critical system, Safety assurance, Safety-critical systems, Safety evidence, Software, Information Systems - Abstract
Context. Demonstrating compliance of critical systems with safety standards involves providing convincing evidence that the requirements of a standard are adequately met. For large systems, practitioners need to be able to effectively collect, structure, and assess substantial quantities of evidence.
Objective. This paper aims to provide insights into how practitioners deal with safety evidence management for critical computer-based systems. The information currently available about how this activity is performed in the industry is very limited.
Method. We conducted a survey to determine practitioners’ perspectives and practices on safety evidence management. A total of 52 practitioners from 15 countries and 11 application domains responded to the survey. The respondents indicated the types of information used as safety evidence, how evidence is structured and assessed, how evidence evolution is addressed, and what challenges are faced in relation to provision of safety evidence.
Results. Our results indicate that (1) V&V artefacts, requirements specifications, and design specifications are the most frequently used safety evidence types, (2) evidence completeness checking and impact analysis are mostly performed manually at the moment, (3) text-based techniques are used more frequently than graphical notations for evidence structuring, (4) checklists and expert judgement are frequently used for evidence assessment, and (5) significant research effort has been spent on techniques that have seen little adoption in the industry. The main contributions of the survey are to provide an overall and up-to-date understanding of how the industry addresses safety evidence management, and to identify gaps in the state of the art.
Conclusion. We conclude that (1) V&V plays a major role in safety assurance, (2) the industry will clearly benefit from more tool support for collecting and manipulating safety evidence, and (3) future research on safety evidence management needs to place more emphasis on industrial applications.
- Published
- 2015
49. Functional Safety for Safety-Related Systems: 10 Common Mistakes
- Author
-
Brissaud, Florent, Turcinovic, Didier, and Brissaud, Florent
- Subjects
[MATH.MATH-PR] Mathematics [math]/Probability [math.PR] ,Safety Lifecycle ,Functional Safety Management ,[SPI] Engineering Sciences [physics] ,[SPI.GPROC] Engineering Sciences [physics]/Chemical and Process Engineering ,Safety Integrity Level ,[MATH.MATH-OC] Mathematics [math]/Optimization and Control [math.OC] ,Functional Safety ,PFH ,[SPI.AUTO] Engineering Sciences [physics]/Automatic ,[STAT.AP] Statistics [stat]/Applications [stat.AP] ,Safety Requirement Specification ,M-out-of-N ,Safety Certification ,PFDavg ,Safe Failure Fraction ,[SPI.GCIV.RISQ] Engineering Sciences [physics]/Civil Engineering/Risques ,[MATH.MATH-ST] Mathematics [math]/Statistics [math.ST] ,System architecture ,[SPI.NRJ] Engineering Sciences [physics]/Electric power - Abstract
Functional safety is the part of the overall safety relating to equipment/system/installation and their control systems that depends on the correct functioning of the safety-related systems. Due to the critical role of safety-related systems for managing risks, international standards have been developed to provide guidelines and requirements for all their safety lifecycle activities. IEC 61508 and IEC 61511 are now recognized all around the world and have become the references for the best practice of functional safety. However, a decade of on-the-field functional safety experience has shown that several concepts used in these standards are still subject to common mistakes in their interpretation or implementation, which may result in significant loss of safety. This paper proposes a review of ten common mistakes in functional safety, relating to: Safety Lifecycle (SLC), Functional Safety Management (FSM), Safety Integrity Level (SIL), Safety Requirement Specification (SRS), PFDavg and PFH, System architecture “M-out-of-N” (MooN), “Safe Failure Fraction” (SFF), and Certification. This review aims at contributing to a better practice of functional safety.
- Published
- 2015
50. Evidence management for compliance of critical systems with safety standards: A survey on the state of practice
- Author
-
Fonds National de la Recherche - FnR [sponsor], Nair, Sunil, de la Vara, Jose Luis, Sabetzadeh, Mehrdad, and Falessi
- Abstract
Context. Demonstrating compliance of critical systems with safety standards involves providing convincing evidence that the requirements of a standard are adequately met. For large systems, practitioners need to be able to effectively collect, structure, and assess substantial quantities of evidence.
Objective. This paper aims to provide insights into how practitioners deal with safety evidence management for critical computer-based systems. The information currently available about how this activity is performed in the industry is very limited.
Method. We conducted a survey to determine practitioners’ perspectives and practices on safety evidence management. A total of 52 practitioners from 15 countries and 11 application domains responded to the survey. The respondents indicated the types of information used as safety evidence, how evidence is structured and assessed, how evidence evolution is addressed, and what challenges are faced in relation to provision of safety evidence.
Results. Our results indicate that (1) V&V artefacts, requirements specifications, and design specifications are the most frequently used safety evidence types, (2) evidence completeness checking and impact analysis are mostly performed manually at the moment, (3) text-based techniques are used more frequently than graphical notations for evidence structuring, (4) checklists and expert judgement are frequently used for evidence assessment, and (5) significant research effort has been spent on techniques that have seen little adoption in the industry. The main contributions of the survey are to provide an overall and up-to-date understanding of how the industry addresses safety evidence management, and to identify gaps in the state of the art.
Conclusion. We conclude that (1) V&V plays a major role in safety assurance, (2) the industry will clearly benefit from more tool support for collecting and manipulating safety evidence, and (3) future research on safety evidence management needs to place more emphasis on industrial applications.
- Published
- 2015
Discovery Service for Jio Institute Digital Library