Christopher Preschern

A Component-Based Dynamic Link Support for Safety-Critical Embedded Systems

Safety-critical embedded systems have to undergo rigorous development process in order to ensure that their function will not compromise humans or environment where they operate. Therefore, they rely on simple and proven-in-use design. However, with growing software complexity, maintenance becomes very important aspect in safety domain. Recent approaches for managing maintenance allow to perform changes on software at design-time, which implies that the whole system has to be rebuilt when the application software changes. In this paper, we describe more flexible solution for updating the application software. We apply the component-based paradigm to construct the application software, i.e. we define a model of a software function that can be dynamically linked with the entire operating system (OS). In order to avoid the usage of the OS-provided support for dynamic linking, we design software functions as position-independent and relocation-free binaries with well-defined interfaces. With the help of component-based paradigm we show how to simplify the link support and make it suitable for safety domain.

Power And Fault Emulation for Software Verification and System Stability Testing in Safety Critical Environments

In recent years the complexity of digital control systems in safety critical environments increased steadily from simple discrete control units to complex embedded systems. A wide industrial consensus about the necessity of a set of safety definitions lead to the introduction of several functional safety standards like IEC61508. To achieve that novel embedded systems comply with these requirements, thorough testing is needed during early design stages of the integrated device. Currently only fault injection testing using manufactured products and netlists of system-on-chips are used to determine the fault resistance of the embedded system. This late testing could result in expensive redesigns and hide implementation errors because of the black-box approach. This approach is also not practicable if software and hardware providers are separate entities. This paper presents a flexible fault injection and power estimation platform to enable thorough examinations of novel complex system-on-chips for automotive or similar critical environments. The microprocessor evaluation approach is extended with smart bus fault emulation units for common buses like Ethernet. The combined power and fault emulation techniques allow for the instant exploration of eventual power supply peaks and implementation weaknesses.

Building a safety architecture pattern system

Safety architecture patterns provide knowledge about large scale design decisions for safety-critical systems. They provide good ways to avoid, detect, and handle faults in software or hardware. In this paper we revise existing architectural safety patterns and organize them to build up a pattern system. We add Goal Structuring Notation diagrams to the patterns to provide a structured overview of their architectural decisions. Based on these diagrams we analyze and present relationships between the patterns. The diagrams can also be used to argue about a systemss safety, which we show with an example.

Effective development of automation systems through domain-specific modeling in a small enterprise context

High development and maintenance costs and a high error rate are the major problems in the development of automation systems, which are mainly caused by bad communication and inefficient reuse methods. To overcome these problems, we propose a more systematic reuse approach. Though systematic reuse approaches such as software product lines are appealing, they tend to involve rather burdensome development and management processes. This paper focuses on small enterprises. Since such companies are often unable to perform a “big bang” adoption of the software product line, we suggest an incremental, more lightweight process to transition from single-system development to software product line development. Besides the components of the transition process, this paper discusses tool selection, DSL technology, stakeholder communication support, and business considerations. Although based on problems from the automation system domain, we believe the approach may be general enough to be applicable in other domains as well. The approach has proven successful in two case studies. First, we applied it to a research project for the automation of a logistics lab model, and in the second case (a real-life industry case), we investigated the approaches suitability for fish farm automation systems. Several metrics were collected throughout the evolution of each case, and this paper presents the data for single system development, clone&own and software product line development. The results and observable effects are compared, discussed, and finally summarized in a list of lessons learned.

Cost-Effective Routing for a Greener Internet

Energy costs for data centers are a significant part of the overall expenses for their operation. With a reduction of these and associated costs, huge savings can be achieved. This paper describes a way to reduce the energy costs for data centers. The general idea behind our solution is very simple. Instead of routing the information required for any service interaction to and from the data center with the best latency performance or least utilization we rather propose that instead the one with the current cheapest energy costs should be used. We consider implications of our method to user performance and latency efficiency. Thereafter, we present methods such as mobile IPv6 and traffic tunneling which can be used to implement our general idea and discuss potential problems and benefits. The approaches described in this paper can all be integrated into the IP protocol and require therefore no modifications of the network topology, the used hardware or used protocols.

Constraint-Based Verification of Compositions in Safety-Critical Component-Based Systems

Component-based Software Engineering (CBSE) is currently a key paradigm used for building safety-critical systems. Because these systems have to undergo a rigorous development and qualification process, one of the main challenges of introducing CBSE in this area is to ensure the integrity of the overall system after building it from reusable components. Many (formal) approaches for verification of compositions have been proposed, and they generally focus on behavioural integrity of components and their data semantics. An important aspect of this verification is a trade-off between scalability and completeness.

Efficient development and reuse of domain-specific languages for automation systems

Domain-Specific Languages DSLs help to decrease system development costs by providing developers with an effective way to construct systems for a specific domain. However, for DSL construction, a developer has to invest some upfront investment. If this investment is smaller than the benefit in terms of more effective development for domain-specific systems, then the construction of a DSL pays off. In order to decrease the initial effort to construct DSLs for a specific domain the automation domain, we present an efficient DSL architecture which allows structured reuse within the automation domain. With this DSL architecture, it is easier to build an initial automation DSL and when building multiple automation DSLs, significant parts of the DSL can be reused across different automation domains. We present the DSL architecture and discuss its benefits and drawbacks. Furthermore, we present and evaluate three automation DSL case studies which apply the described architecture.

Applying patterns to model-driven development of automation systems: an industrial case study

Model-driven approaches enable more efficient system development, but are yet rather uncommon for the automation domain due to limited practical examples and guidelines on how to apply them. We present an industrial case study using code generators attached to a Domain-Specific Language for model-driven automation system development. The case study applies the Pipes&Filters architectural pattern and the Template&Metamodel and Code Attributes code generation patterns. We present the results of the pattern application for the case study and discuss the general usage of the presented patterns for model-driven automation system development.

Pattern-based safety development methods: overview and comparison

Design patterns provide good solutions to re-occurring problems and several patterns and methods how to apply them have been documented for safety-critical systems. However, due to the large amount of safety-related patterns and methods, it is difficult to get an overview of their capabilities and shortcomings as there currently is no survey on safety patterns and their application methods available in literature. To give an overview of existing pattern-based safety development methods, this paper presents existing methods from literature and discusses and compares several aspects of these methods such as the patterns and tools they use, their integration into a safety development process, or their maturity.

Towards pattern-based reuse in safety-critical systems

Challenges such as time-to-market, reduced costs for change and maintenance have radically influenced development of todays safety-critical systems. Many domains have already adopted their systems engineering to support modular and component-based architectures. With the component-based design paradigm, the system engineering is utilized allowing to distribute development among different development teams, however, with the price that there is no full trust in independently developed parts, which makes their reuse challenging. Until now, many approaches that address reuse, on conceptual or detailed level, have been proposed. A very important aspect addressed here is to document the information flow between system parts in detail, i.e. from higher abstraction levels down to the implementation details, in order to put more trust into independently developed parts of the system. In this paper, we describe a compact pattern system with the aim to establish a link between high level concepts for reuse and detailed description of the behavior of system parts. The main goal is to document these details up to the higher levels of abstraction in more systematic way.