21

Design and Safety Analysis of Emergency Brake System for Autonomous Formula Car: In Reference to Functional Safety ISO 26262

Böhlander, Marcus January 2018 (has links)
The engineering competition Formula Student has introduced a Driverless Vehicle (DV) class, which requires the students to develop a car that can autonomously make its way around a cone track. To ensure the safety of such a vehicle, an Emergency Brake System (EBS) is required. The EBS shall ensure a transition to a safe state when a single failure mode is detected. This thesis work covers the design of the EBS for KTH Formula Student (KTH FS). Due to the safety-critical character of this system, the software part of the EBS, called EBS Supervisor, has been analyzed in accordance with the safety standard ISO 26262 to see if improved safety could be achieved. The analysis has been performed according to Part 3: Concept phase of ISO 26262, with an item definition, Hazard Analysis and Risk Assessment (HARA), Functional Safety Concept (FSC) and Technical Safety Concept (TSC). The result of the analysis showed that the EBS Supervisor requires extensive redundancies in order to follow ISO 26262. This includes an additional CPU as well as signal checks of inputs and outputs. Due to limited resources in terms of money and time within the KTH FS team, these redundancies will not be implemented. The process of working with the safety standard did, however, inspire an increased safety mindset.
22

Safe-AV: A Fault Tolerant Safety Architecture for Autonomous Vehicles

Shah, Syed Asim January 2019 (has links)
Autonomous Vehicles (AVs) should result in tremendous benefits to safe human transportation. Recent reports indicate a global average of 3,287 road crash related fatalities a day with the blame, in most cases, assigned to the human driver. By replacing the main cause, AVs are predicted to significantly reduce road accidents -- some claiming up to a 90% reduction on US roads. However, achieving these numbers is not simple. AVs are expected to assume tasks that human drivers perform both consciously and unconsciously -- in some instances, with Machine Learning. AVs incur new levels of complexity that, if handled incorrectly, can result in failures that cause loss of human life and damage to the environment. Accidents involving SAE Level 2 vehicles have highlighted such failures and demonstrated that AVs have a long way to go. The path towards safe AVs includes system architectures that provide effective failure monitoring, detection and mitigation. These architectures must produce AVs that degrade gracefully and remain sufficiently operational in the presence of failures. We introduce Safe-AV, a fault tolerant safety architecture for AVs that is based on the commonly adopted E-Gas 3 Level Monitoring Concept, the Simplex Architecture and guided by a thorough hazard analysis in the form of Systems-Theoretic Process Analysis (STPA). We commenced the architecture design with a review of some modern AV accidents which helped identify the types of failures AVs can present and acted as a first step to our STPA. The hazard analysis was applied to an initial AV architecture (without safety mechanisms) consisting of components that should be present in a typical AV (based on the literature and our ideas). Our STPA identified the system level accidents, hazards and corresponding loss scenarios that led to well-founded safety requirements which, in turn, evolved the initial architecture into Safe-AV. / Thesis / Master of Applied Science (MASc)
23

Controle relacionado à segurança nas indústrias de processos: uma abordagem integrada de modelos de acidentes, defesa em profundidade e diagnosticabilidade segura. / Safety-related control system: an integrated approach of accident models, defense-in-depth and safe diagnosability.

Squillante Junior, Reinaldo 02 June 2017 (has links)
The issue of the functional safety of process industries has been receiving increasing attention from the world scientific community, since the possibility of accidents and the undesired consequences they have caused have been observed. These industries can be considered part of a class of systems called critical systems, which are characterized by the possibility of critical faults that result in accidents involving loss of human life, damage to the environment, and financial losses involving significant costs in equipment and property. These facts justify the need for a new approach that addresses process design, process control design, risk analysis and control, and risk assessment. One of the challenges related to functional safety is how to link accident scenarios to the requirements for the design of safety-related control systems in the process industries in a systematic way. Furthermore, there is the possibility of unobserved or hidden critical and/or undesired events occurring as relevant factors in the evolution of the sequence of events that culminates in an accident. In this context, the challenge is to improve the effectiveness of these control systems, which involves developing a solution capable of supervising the evolution of critical faults, in order to guarantee an adequate level of functional safety that complies with the applicable international standards IEC 61508 and IEC 61511. Therefore, these considerations bring new requirements for the design of control systems of this nature, which must encompass accident models and critical fault evolution processes. One solution is to consider critical fault prevention and mitigation approaches in an integrated and interactive way. In addition, it is necessary to address new techniques and concepts in order to develop a control system capable of tracking and acting on the evolution processes of faults of this nature. One possibility is to consider the principle of defense-in-depth coupled with the property of safe diagnosability. Fulfilling this new set of requirements is not trivial, and it is necessary to integrate different formalisms to develop adequate solutions. Therefore, this work presents a methodology for the design of a safety-related control system based on the concept of functional safety for the process industries, which proposes: (i) a control architecture for the prevention and mitigation of critical faults, (ii) an extension of the classification of safety barriers focusing on automation via safety instrumented systems (SIS), and (iii) a framework for the synthesis of safety-related control systems based on accident models, which includes the following methods: (a) elaboration of the HAZOP study, (b) construction of the accident models, (c) integration of the accident models with the HAZOP study, and (d) generation of the defense algorithms for the prevention and mitigation of critical faults, via modeling techniques using extensions of the Petri net: Production Flow Schema (PFS) and Mark Flow Graph (MFG). The proposed methodology was verified using application examples investigated in the literature.
24

Approches de sûreté de fonctionnement sur Ethernet temps réel : application à une nouvelle génération d’ascenseur / Safety approaches for real time Ethernet : application to new lift generation

Soury, Ayoub 11 April 2018 (has links)
The design of a safety communication network based on real-time Ethernet that meets the requirements of the PESSRAL standard, derived from IEC 61508, is the basis of our work. In order to achieve this goal, we implement mechanisms reducing the residual error probability and achieving Safety Integrity Levels (SIL) via a deterministic electronic system. Through a single communication channel, our system must be able to integrate critical and non-critical functions without compromising the system certification. According to this commitment, we propose an industrial communication system based on real-time Ethernet. The proposed communication interfaces meet the requirements of responsiveness and determinism in order to guarantee the temporal constraints imposed by the process and the standard. To ensure the functional safety of the interfaces, we have proposed a "safety" overlay that implements safety functions according to the black channel concept defined in IEC 61508. Based on these properties, we have managed to classify the Ethernet-based real-time solutions into three classes in terms of cycle time. The "safety" overlay, based on data redundancy, made it possible to give up the physical redundancy solution. This data redundancy doubles the initial cycle time of the network, which nonetheless satisfies the safety and timing conditions of the standard.
25

Mise en œuvre d’un cadre de sûreté de fonctionnement pour les systèmes d'automatisation de sous-stations intelligentes : application à la distribution de l’énergie électrique / Implementation of a dependability framework for smart substation automation systems : application to electric energy distribution

Altaher, Ahmed 27 February 2018 (has links)
Since its invention, electricity has played a vital role in our everyday life. The appearance of the first power production facilities in the late nineteenth century paved the way for the electrical power system and its subsystems. Consumers of electric power demand dependable service in terms of power grid stability and safety. Since the liberalization of the markets, producers of electric power, utilities and equipment suppliers, as principal players, are following an emerging trend to satisfy consumers' demands. This trend involves improving technologies, innovating and respecting standards requirements and government regulations. All these efforts are termed the concept of the Smart Grid, which is evolving to meet future demands. Modern and future digital substations form essential nodes in the grid, where stability of electric power flow, conversion of voltage levels and protection of switchyard equipment are among the primary roles of these nodes. The promising standard IEC 61850 and its parts bring new features to substation automation systems. The use of Ethernet-based communication within these systems reduces the amount of hardwired connections, which lowers the footprint of substation equipment, devices and their cabling. Integration of the new IEC 61850 features at the substation levels requires multidisciplinary competences. For instance, consider power protection and control tasks on one side and information and communication technologies on the other. The dependency between substation automation functions and communication networks inside a substation brings new kinds of challenges to designers, integrators and testers. Thus, investigating the dependability of the system functionalities, e.g. the protection schemes, requires new methods of testing where conventional methods are not applicable. The new techniques should provide means to evaluate the performance of designed systems and check their conformance to the standards' requirements. In order to improve the dependability of the designed system, this work aims to develop methods for testing IEC 61850-enabled substation automation systems, especially at the process and bay levels, in a platform dedicated to research tasks. This platform incorporates state-of-the-art devices and test-set cards that will help to simultaneously observe dynamic interactions of power transients and communication network perturbations. Data obtained during the experimental tests will be used for diagnosing failures and classifying their causes in order to remove them and enhance the dependability of the designed system.
27

Graphical Approach for Variability Management in Safety-Critical Product Lines

Salikiryaki, Aleksandra, Petrova, Iliana January 2015 (has links)
The number and complexity of the systems realizing the functionality of the machines in the automotive domain are growing. In this arises the need for a systematic way to manage their development. As the technologies advance, the vehicles introduce an increasing range of capabilities. However, they have similar functions, which have the potential to be reused. One of the widely used approaches that manages the commonality and variability of the development artifacts in a systematic manner is Product Line Engineering (PLE). Consequently, PLE reduces the time to market and the development cost. The machines, realized in the automotive domain, interact with their operators and the surrounding environment. Possible malfunctions of the machines may introduce a risk of accidents with fatal consequences. Therefore, the products should be analyzed, developed and managed in a safe manner and certified according to different relevant safety standards like ISO 15998, ISO 61508 and ISO 26262. There is a diversity of functions in a Product Line (PL). Some of them are mandatory for all machines and others are optional for some models. This gives the opportunity to combine the functions in multiple configurations. However, not all combinations are possible due to dependencies among the functions. Furthermore, the configurations should be valid from a safety perspective, and the developed products should satisfy the requirements identified during the safety analysis. The above mentioned factors emphasize the need for explicit representation of the systems' characteristics, such as commonality and variability, functional dependencies and quality attributes. The purpose of the current work is to find an efficient way to satisfy this need. The scope of our research is limited to the automotive domain. In order to gain familiarity with the state of practice, we collaborated with Volvo Construction Equipment (Volvo CE) as an industrial partner. 
In particular, we: conducted an informal interview study with the practitioners, analyzed the requirements management tool used in Volvo CE and studied products typical for the domain in detail, examined the deliverables defined in the related domain specific safety standards. We gained knowledge on how variability is managed in an industrial context today, which safety aspects need to be considered and how functional safety artifacts are managed with regards to variability. We synthesized the characteristics that are explicitly represented during the development and safety certification of the products in a safety-critical product line. We identified the challenges that the practitioners meet today and the areas that need to be improved. As a result, we formulated evaluation criteria for search and assessment of possible solutions. Subsequently we searched in the literature for different modeling techniques, that are able to respond to the industrial needs, and found the following to be relevant in our context: Feature modeling techniques consider the different variability types and dependencies among the features. Model-based development techniques can represent different views of the system on each level of the development process. Orthogonal modeling techniques extract the variability and dependencies in a different view. Furthermore, we evaluated the methods found during the literature study, based on the proposed criteria. We concluded that the examined techniques alone cannot represent all characteristics needed to support the development of a safety-critical product line, especially the impact of the variability on the safety and vice versa. However, each of them focuses on the presentation of certain aspect of the product line, which can help in building a more complete representation. Thus we focused on the approaches that may be extended and integrated into a complete solution. 
As a result, we propose a model and graphical notation for variability management in safety-critical product lines, which takes the identified industrial needs into account. The concept is depicted graphically by several model-based diagrams, which represent the different aspects of the product line on each development level. Special attention is paid to the representation of the safety and variability aspects of the systems. The method is illustrated with an industrial example in order to show how it achieves the defined goals.
28

Evaluation of an Adaptive AUTOSAR System in Context of Functional Safety Environments

Massoud, Mostafa 08 November 2017 (has links) (PDF)
The rapidly evolving technologies in the automotive industry have been defining new challenges, setting new goals and consenting to more complex systems. This steered the AUTOSAR community toward the independent development of the AUTOSAR Adaptive Platform with the intention of addressing and serving the demands defined by the new technology drivers. The use of already existing open-source software, specifically GNU/Linux, was recognized as a matching candidate fulfilling the requirements defined by the AUTOSAR Adaptive Platform for its operating system. However, this raises new challenges in addressing the safety aspect and the suitability of its implementation in safety-critical environments. As safety standards do not explicitly handle the use of open-source software development, this thesis proposes a tailoring procedure that aims to match the requirements defined by ISO 26262 for a possible qualification of GNU/Linux. And while very little is known about the behavior specification of GNU/Linux to appropriate its use in safety-critical environments, the outlined methodology seeks to verify the specification requirements of GNU/Linux leveraging its claimed compliance to the POSIX standard. In order to further use GNU/Linux with a high degree of certainty in safety-critical applications, a software partitioning mechanism is implemented to provide control over the resource consumption of the operating system (specifically computation time and memory usage) between applications of different criticality in order to achieve Freedom from Interference. The implementation demonstrates the ability to avoid interference concerning required resources of safety-critical applications.
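One way to obtain the kind of per-application resource caps the abstract describes, as an added example that is not the thesis's partitioning mechanism (which the abstract does not detail): a hypothetical low-criticality workload is forked into its own process and, before it runs, capped with POSIX setrlimit() on address space (RLIMIT_AS) and CPU time (RLIMIT_CPU). The function name run_partitioned, the result codes and the workload itself are assumptions made for this illustration. Because the caps are process-private, the parent (standing in for the safety-critical side) observes the child's failure as a return code instead of sharing in it.

```c
/* Added example, not the thesis's code: process-private resource caps on GNU/Linux
 * as a minimal freedom-from-interference check between two criticality classes. */
#define _DEFAULT_SOURCE 1
#include <signal.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* Outcome of running a workload inside its own resource partition (assumed names). */
enum partition_result {
    PART_OK = 0,            /* workload finished within its budget */
    PART_ALLOC_FAILED = 1,  /* memory cap hit: allocation refused, partition itself survived */
    PART_CPU_KILLED = 2,    /* CPU-time cap hit: workload was terminated by the kernel */
    PART_ERROR = 3          /* fork/wait failure or unexpected termination */
};

static bool apply_cap(int resource, rlim_t soft, rlim_t hard)
{
    struct rlimit rl = { .rlim_cur = soft, .rlim_max = hard };
    return setrlimit(resource, &rl) == 0;
}

/* Run a hypothetical low-criticality workload in a child capped at `as_bytes` of
 * address space (0 = no cap) and `cpu_seconds` of CPU time (0 = no cap). The workload
 * allocates and touches `alloc_bytes`, then, if `spin`, burns CPU until stopped. */
enum partition_result run_partitioned(size_t as_bytes, size_t alloc_bytes,
                                      unsigned cpu_seconds, bool spin)
{
    pid_t pid = fork();
    if (pid < 0) return PART_ERROR;

    if (pid == 0) {  /* child: install the caps before any of the workload runs */
        if (as_bytes && !apply_cap(RLIMIT_AS, as_bytes, as_bytes)) _exit(PART_ERROR);
        /* hard = soft + 1 so the soft limit delivers SIGXCPU (fatal by default)
         * before the kernel escalates to SIGKILL at the hard limit. */
        if (cpu_seconds && !apply_cap(RLIMIT_CPU, cpu_seconds, cpu_seconds + 1))
            _exit(PART_ERROR);

        unsigned char *buf = malloc(alloc_bytes);
        if (buf == NULL) _exit(PART_ALLOC_FAILED);   /* cap enforced: refused, not OOM */
        memset(buf, 0xA5, alloc_bytes);              /* touch the pages so they are really used */
        if (spin) {
            volatile unsigned long counter = 0;      /* volatile keeps the loop from being elided */
            for (;;) counter++;
        }
        free(buf);
        _exit(PART_OK);
    }

    int status = 0;
    if (waitpid(pid, &status, 0) != pid) return PART_ERROR;
    if (WIFEXITED(status)) return (enum partition_result)WEXITSTATUS(status);
    if (WIFSIGNALED(status) && (WTERMSIG(status) == SIGXCPU || WTERMSIG(status) == SIGKILL))
        return PART_CPU_KILLED;
    return PART_ERROR;
}

int main(void)
{
    printf("8 MiB under a 256 MiB cap: %d (expect %d)\n",
           run_partitioned((size_t)256 << 20, (size_t)8 << 20, 0, false), PART_OK);
    printf("1 GiB under a 256 MiB cap: %d (expect %d)\n",
           run_partitioned((size_t)256 << 20, (size_t)1 << 30, 0, false), PART_ALLOC_FAILED);
    printf("busy loop under a 1 s cap: %d (expect %d)\n",
           run_partitioned(0, (size_t)1 << 20, 1, true), PART_CPU_KILLED);
    return 0;
}
```

Two caveats a practitioner would want: rlimits are per-process budgets, not a scheduling guarantee, so they bound how much a misbehaving partition can consume but do not reserve CPU for the safety-critical side; temporal isolation in a real partition would add CPU affinity and a real-time scheduling class, and group-level memory and CPU caps would normally come from cgroups (memory.max, cpu.max), which need privileges this example avoids. The RLIMIT_AS check also relies on Linux semantics; on systems that do not enforce address-space limits the second case would not fail.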
29

Exploring Strategies for Adapting Traditional Vehicle Design Frameworks to Autonomous Vehicle Design

Munoz, Alex 01 January 2020 (has links)
Fully autonomous vehicles are expected to revolutionize transportation, reduce the cost of ownership, contribute to a cleaner environment, and prevent the majority of traffic accidents and related fatalities. Even though promising approaches for achieving full autonomy exist, developers and manufacturers have to overcome a multitude of challenges before these systems can find widespread adoption. This multiple case study explored the strategies some IT hardware and software developers of self-driving cars use to adapt traditional vehicle design frameworks to address consumer and regulatory requirements in autonomous vehicle designs. The population consisted of autonomous driving technology software and hardware developers who are currently working on fully autonomous driving technologies from or within the United States, regardless of their specialization. The theory of dynamic capabilities was the conceptual framework used for the study. Interviews with 7 autonomous vehicle hardware and software engineers, together with 15 archival documents, provided the data points for the study. A thematic analysis was used to code and group results by themes. When looking at the results through the lens of dynamic capability theory, notable themes included regulatory uncertainty, functional safety, rapid iteration, and achieving a competitive advantage. Based on the findings of the study, implications for social change include the need for better regulatory frameworks to provide certainty, consumer education to manage expectations, and universal development standards that could integrate regulatory and design needs into a single approach.
30

Samočinné testování mikrokontrolerů / Self-Testing of Microcontrollers

Denk, Filip January 2019 (has links)
This Master's thesis deals with the functional safety of electronic systems. Specifically, it focuses on self-testing of the microprocessor and its peripherals at the software level. The main aim of the thesis is to design and implement a set of functions, written in the C programming language or assembly language, which automatically test selected areas of the microcontroller. The resources and methods used in the implemented solution also aim to meet the requirements of the safety standard IEC 60730-1, Annex H, Software Class B. The microcontroller NXP LPC55S69, which consists of two ARM Cortex-M33 cores, was chosen as the hardware platform. As a result, an example application is provided that uses the implemented test functions at run-time. The example application also contains a graphical user interface with fault injection capability.
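The kind of self-test function the abstract describes, as an added host-runnable example that is not the thesis's code: a destructive March C- test over a RAM region (the usual Class B variable-memory test) and a CRC-32 check of a ROM image against a stored reference (the usual invariable-memory test), each exposed to a small fault-injection hook so the detection can be exercised. The LPC55S69 SRAM and flash are replaced by plain C arrays here; sim_ram, sim_rom, class_b_self_test and the other names are assumptions, and the sample firmware image is constructed.

```c
/* Added example, not the thesis's code: host model of two IEC 60730-1 Annex H
 * Class B style software self-tests (RAM march, ROM CRC) with fault injection. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated memories standing in for SRAM and flash (assumption: on the target these
 * would be volatile pointers into the device address map, not arrays). */
#define RAM_WORDS 64u
#define ROM_BYTES 256u
static uint32_t sim_ram[RAM_WORDS];
static uint8_t  sim_rom[ROM_BYTES];

/* Fault-injection model for RAM: bits in `mask` of word `idx` always read back as `val`. */
static struct { bool on; size_t idx; uint32_t mask; uint32_t val; } ram_fault;

static uint32_t ram_read(size_t i)
{
    uint32_t v = sim_ram[i];
    if (ram_fault.on && ram_fault.idx == i)
        v = (v & ~ram_fault.mask) | (ram_fault.val & ram_fault.mask);
    return v;
}
static void ram_write(size_t i, uint32_t v) { sim_ram[i] = v; }

void inject_ram_stuck_at(size_t idx, uint32_t mask, uint32_t val)
{
    ram_fault.on = true; ram_fault.idx = idx; ram_fault.mask = mask; ram_fault.val = val;
}
void clear_ram_fault(void) { ram_fault.on = false; }

/* March C- over `n` words: {up(w0); up(r0,w1); up(r1,w0); down(r0,w1); down(r1,w0); up(r0)}.
 * Destructive: on a target it runs at reset or over a saved block with interrupts off.
 * Detects stuck-at, transition and coupling faults; returns true when the RAM passes. */
bool ram_march_c_minus(size_t n)
{
    size_t i;
    for (i = 0; i < n; i++) ram_write(i, 0u);
    for (i = 0; i < n; i++) { if (ram_read(i) != 0u) return false; ram_write(i, 0xFFFFFFFFu); }
    for (i = 0; i < n; i++) { if (ram_read(i) != 0xFFFFFFFFu) return false; ram_write(i, 0u); }
    for (i = n; i-- > 0; )  { if (ram_read(i) != 0u) return false; ram_write(i, 0xFFFFFFFFu); }
    for (i = n; i-- > 0; )  { if (ram_read(i) != 0xFFFFFFFFu) return false; ram_write(i, 0u); }
    for (i = 0; i < n; i++) { if (ram_read(i) != 0u) return false; }
    return true;
}

/* CRC-32 (IEEE 802.3, reflected, poly 0xEDB88320). crc32_update(0, ...) starts a new CRC. */
uint32_t crc32_update(uint32_t crc, const uint8_t *p, size_t n)
{
    crc = ~crc;
    for (size_t i = 0; i < n; i++) {
        crc ^= p[i];
        for (int k = 0; k < 8; k++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* Build-time step (simulated): place an image in ROM and store its CRC in the last
 * 4 bytes, little-endian. Erased flash is modelled as 0xFF. */
void rom_program(const uint8_t *image, size_t len)
{
    if (len > ROM_BYTES - 4u) len = ROM_BYTES - 4u;
    memset(sim_rom, 0xFF, ROM_BYTES);
    memcpy(sim_rom, image, len);
    uint32_t crc = crc32_update(0u, sim_rom, ROM_BYTES - 4u);
    for (int b = 0; b < 4; b++) sim_rom[ROM_BYTES - 4u + b] = (uint8_t)(crc >> (8 * b));
}

/* Constructed sample image used by main() and the checks below. */
void rom_program_sample(void)
{
    static const uint8_t image[] = "firmware image v1 (constructed sample)";
    rom_program(image, sizeof image);
}

/* Runtime ROM test: recompute the CRC over the image and compare with the stored value. */
bool rom_crc_check(void)
{
    uint32_t stored = 0u;
    for (int b = 3; b >= 0; b--) stored = (stored << 8) | sim_rom[ROM_BYTES - 4u + b];
    return crc32_update(0u, sim_rom, ROM_BYTES - 4u) == stored;
}

void inject_rom_bit_flip(size_t byte, unsigned bit) { sim_rom[byte] ^= (uint8_t)(1u << bit); }

/* Class B self-test entry point: bit 0 = RAM test failed, bit 1 = ROM test failed. */
uint32_t class_b_self_test(void)
{
    uint32_t failed = 0u;
    if (!ram_march_c_minus(RAM_WORDS)) failed |= 1u;
    if (!rom_crc_check())              failed |= 2u;
    return failed;
}

int main(void)
{
    rom_program_sample();
    printf("clean:            0x%x\n", (unsigned)class_b_self_test());
    inject_ram_stuck_at(5, 0x100u, 0x100u);          /* bit 8 of word 5 stuck at 1 */
    printf("RAM stuck-at-1:   0x%x\n", (unsigned)class_b_self_test());
    clear_ram_fault();
    inject_rom_bit_flip(17, 3);                      /* single bit flipped in the image */
    printf("ROM bit flip:     0x%x\n", (unsigned)class_b_self_test());
    return 0;
}
```

On a real target the march test must address the memory through volatile pointers and must not run over the region holding its own stack and the return address; Class B implementations typically test RAM in blocks with a small reserved scratch area, and run the ROM CRC incrementally from a periodic task so it fits the watchdog budget.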
