DeJiu Chen

Modelling Support for Design of Safety-Critical Automotive Embedded Systems

This paper describes and demonstrates an approach that promises to bridge the gap between model-based systems engineering and the safety process of automotive embedded systems. The basis for this is the integration of safety analysis techniques, a method for developing and managing Safety Cases, and a systematic approach to model-based engineering --- the EAST-ADL2 architecture description language. Three areas are highlighted: (1) System model development on different levels of abstraction. This enables fulfilling many requirements on software development as specified by ISO-CD-26262; (2) Safety Case development in close connection to the system model; (3) Analysis of mal-functional behaviour that may cause hazards, by modelling of errors and error propagation in a (complex and hierarchical) system model.

Automatic allocation of safety integrity levels

In this paper, we describe a concept for the automatic allocation of general Safety Integrity Levels (SILs) to subsystems and components of complex hierarchical networked architectures that deliver sets of safety critical functions. The concept is generic and can be adapted to facilitate the safety engineering approach defined in several standards that employ the concept of integrity or assurance levels including ISO 26262, the emerging automotive safety standard. SIL allocation is facilitated by HiP-HOPS, an automated safety analysis tool, and can be performed in the context of development using EAST-ADL2, an automotive architecture description language. The process rationalizes complex risk allocation and leads to optimal/economic allocation of SILs.

Managing Complexity of Automotive Electronics Using the EAST-ADL

The complexity of embedded automotive systems calls for a more rigorous approach to system development compared to current state of practice. A critical issue is the management of the engineering information that defines the embedded system. Development time, cost efficiency, quality and dependability all benefit from appropriate information management. System modeling based on an architecture description language is a way to keep the engineering information within one information structure. The EAST-ADL was developed in the EAST-EEA project (www.easteea.net) and is an architecture description language for automotive embedded systems. It is currently refined in the ATESSTproject (www.atesst.org). This paper gives an overview of the EAST-ADL and accounts for some recent refinements as developed in the ATESST project. Areas covered include the relation to other standardization initiatives such as UML2.0, AADL, AUTOSAR, SysML, Marte profile, requirements management and variability.

Automatic optimisation of system architectures using EAST-ADL

Abstract There are many challenges which face designers of complex system architectures, particularly safety–critical or real-time systems. The introduction of Architecture Description Languages (ADLs) has helped to meet these challenges by consolidating information about a system and providing a platform for modelling and analysis capabilities. However, managing this wealth of information can still be problematic, and evaluation of potential design decisions is still often performed manually. Automatic architectural optimisation can be used to assist this decision process, enabling designers to rapidly explore many different options and evaluate them according to specific criteria. In this paper, we present a multi-objective optimisation approach based on EAST-ADL , an ADL in the automotive domain, with the goal of combining the advantages of ADLs and architectural optimisation. The approach is designed to be extensible and leverages the capabilities of EAST-ADL to provide support for evaluation according to different factors, including dependability, timing/performance, and cost. The technique is applied to an illustrative example system featuring both hardware and software perspectives, demonstrating the potential benefits of this concept to the design of embedded system architectures.

A reference architecture for cooperative driving

Cooperative driving systems enable vehicles to adapt their motion to the surrounding traffic situation by utilizing information communicated by other vehicles and infrastructure in the vicinity. How should these systems be designed and integrated into the modern automobile? What are the needed functions, key architectural elements and their relationships? We created a reference architecture that systematically answers these questions and validated it in real world usage scenarios. Key findings concern required services and enabling them via the architecture. We present the reference architecture and discuss how it can influence the design and implementation of such features in automotive systems.

Integrated safety and architecture modeling for automotive embedded systems

ZusammenfassungEAST-ADL ist eine Architekturbeschreibungssprache (ADL) für die modellbasierte Entwicklung von eingebetteten Systemen im Bereich der Fahrzeugtechnik. Die Formalisierung von Domänen-spezifischen Informationen und Methoden bringt einen Mehrwert für eine breite Palette von Anwendungen in den Bereichen Informationsmanagement, Systemdesign und Integration, Toolketten, Dokumentation und Kommunikation. Diese Publikation beschreibt die EAST-ADL-Unterstützung für Sicherheitsanforderungen und -bedingungen, Gefahren, Fehler und Störungen im Kontext des ISO 26262-Phasenmodells. Basierend auf dieser Sprachunterstützung können sicherheitsbezogene Informationen abgeleitet und nahtlos mit dem dazugehörigen Architekturmodell verwaltet werden. Dieses berücksichtigt verschiedene Abstraktionsebenen und Sichtweisen. Die Modelltransformation und Integration verschiedener Softwarewerkzeuge erlaubt so eine automatisierte Sicherheitsanalyse.SummaryEAST-ADL is an architecture description language (ADL) for model-based development of automotive embedded systems. The formalization of domain-specific engineering information and methodology brings a potential for a wide range of benefits for information management, system design and integration, tool interaction, documentation and communication. This paper describes the EAST-ADL language support for safety requirements, faults/failures, hazards and safety constraints in the context of ISO/DIS 26262 reference safety lifecycle. Based on the language support, the safety related information can be derived and managed seamlessly along with its target nominal system architecture model with multiple abstraction levels and view extensions. Through model transformation and tool integration, automated safety analysis is allowed.

An architectural approach to the analysis, verification and validation of software intensive embedded systems

EAST-ADL is a domain specific Architecture Description Language (ADL) for safety-critical and software-intensive embedded systems. The language allows a formalized and traceable description of a wide range of engineering concerns throughout the entire lifecycle of system development. This makes it possible to fully utilize the leverage of state-of-the-art methods and tools for the development of correct-by-construction system functions and components in a seamless and cost efficient way. This paper focuses on the recent advancement of EAST-ADL in supporting an architecture-centric analysis, verification&validation of complex behaviors for the purposes of requirements engineering, application design, and safety engineering. The approach is architecture centric because all behavior descriptions are formalized and connected to a set of standardized design artifacts sitting at multiple levels of abstractions. We present the language design to support this, the theoretical underpinning and tool implementation. To show the capability of EAST-ADL, we also introduce an algorithm and its implementation for transforming the EAST-ADL behavior models to SPIN models for logic model checking. Exploiting mature state-of-the-art technologies from computer science, electronic engineering, and other related domains for a model-based incremental system development, the contribution enables the developers of embedded systems and software to maintain various engineering concerns coherently using EAST-ADL.

Model-based safety engineering of interdependent functions in automotive vehicles using EAST-ADL2

For systems where functions are distributed but share support for computation, communication, environment sensing and actuation, it is essential to understand how such functions can affect each other. Preliminary Hazard Analysis (PHA) is the task through which safety requirements are established. This is usually a document-based process where each system function is analyzed alone, making it difficult to reason about the commonalities of related functional concepts and the distribution of safety mechanisms across a systemof-systems. This paper presents a model-based approach to PHA with the EAST-ADL2 language and in accordance with the ISO/DIS 26262 standard. The language explicitly supports the definition and handling of requirements, functions and technical solutions, and their various relations and constraints as a coherent whole with multiple views. We show in particular the engineering needs for a systematic approach to PHA and the related language features for precise modeling of requirements, user functionalities, system operation contexts, and the derived safety mechanisms.

Self configuration of dependent tasks for dynamically reconfigurable automotive embedded systems

The configurations of an automotive embedded system are normally fixed in production and remain static over the vehicle lifetime. Future scenarios, however, call for more flexible configuration support. DySCAS (dynamically self-configuring automotive systems) project aims to introduce context-awareness and self-management features into automotive embedded systems via middleware technologies. Contributing to online configuration decisions, this paper formalizes a fundamental self-configuration problem. It forms a basis for managing the cross interdependencies of configurational items, assessing the system-wide impacts of changes, and making dynamic decisions about new configurations.

Towards improving dependability of automotive systems by using the EAST-ADL architecture description language

The complexity of embedded automotive systems calls for a more rigorous approach to system development compared to current state of practice. A critical issue is the management of the engineering information that defines the embedded system. Development time, cost efficiency, quality and most importantly, dependability, all benefit from appropriate information management. System modeling based on an architecture description language is a way to keep the engineering information in one information structure. The EAST-ADL was developed in the EAST-EEA project (www.east-eea.org) and is an architecture description language for automotive embedded systems. It is currently refined in the ATESST project (www.atesst.org). This chapter describes how dependability is addressed in the EAST-ADL. The engineering process defined in the EASIS project (www.easis-online.org) is used as an example to illustrate the support for engineering processes in EAST-ADL.