91

Syntax-Based Dependency Discovery : Extracting Dependencies Between Integration Test Cases for Passive Testing / Syntaxbaserad upptäckt av beroenden : Extrahering av beroenden mellan integrationstestfall för passiv testning

Halldoff, David, Sten, Martin January 2023 (has links)
Modern-day vehicles consist of numerous electronic computing devices with accompanying software. Since vehicles are generally classified as safety-critical systems, rigorous testing strategies have to be deployed to ensure correct operation of the embedded software. Testing in an active sense is understood to be the main testing method for software in general. The main characteristic of active testing is that test cases have complete control over the system under test, warranting sequential execution of test cases. To complement active testing a method called passive testing is being researched, where the main benefit compared to active testing is that the evaluation of test cases becomes parallelizable. As passive testing opens up for concurrency, the issue of not recognizing faulty behavior arises. This could be the case when simultaneously testing functions which share an output, and the incorrect behavior of a function is being masked by the correct behavior of another function. To avoid vacuous test results, the evaluation of dependent test cases can be separated. Previous work describes the process of extracting dependencies between test cases from requirement specifications. However, this approach is not suitable when test cases are derived from various artifacts. In this thesis we present a syntax-based approach for dependency discovery between test cases. The approach was evaluated through a case study using integration test cases developed for active hardware-in-the-loop testing at Scania CV. Dependencies between 946 test cases have been extracted and the test cases were grouped into three categories, with 286 test cases being identified as independent. The approach shows some potential for evaluating test cases written for active testing, but the results indicate that using test cases written specifically for passive testing may yield better results. The approach also proved to be useful for finding bugs and deviations in scripts. 
Thus, the method has proven useful for discovering dependencies from syntax, but the results are strongly dependent on the complexity and commonality of the scripts. / Modern vehicles contain numerous electronic control units with accompanying software. Since vehicles are often regarded as safety-critical systems, robust test strategies for the embedded software are required to ensure correct operation. Active testing is currently the most common method for testing software. The main characteristic of active testing is that test cases have total control over the system under test, which entails sequential evaluation of test cases. To complement active testing, a method called passive testing is being investigated, where the greatest advantage over active testing is that the evaluation of test cases can take place in parallel. Evaluating test cases simultaneously, however, means that faulty behavior in the software can potentially be masked. This can happen when several functions share output signals, and one function's faulty behavior is masked by another function's correct behavior. To avoid vacuous truths as test results, the evaluation of test cases that have a dependency between them can be separated. Previous work in the field describes the process of extracting dependencies between test cases from requirement specifications. However, this method is not suitable when test cases are based on several different artifacts. In this thesis we present a syntax-based method for finding dependencies between test cases. The method was evaluated through a case study at Scania CV, where active integration test cases for hardware-in-the-loop testing were used for analysis. Dependencies between 946 test cases could be extracted and the test cases were grouped into three different categories, of which 286 were classified as independent. The method shows potential for analyzing test cases written for active testing, but the results indicate that test cases written specifically for passive testing may yield a better result.
An unexpected but positive outcome is that the method can to some extent be used to find bugs and deviations in scripts. Thus, the method has been shown to be useful for finding dependencies from syntax, but the result depends strongly on the complexity and commonality of the scripts.
92

Waiting for Locks: How Long Does It Usually Take?

Baier, Christel, Daum, Marcus, Engel, Benjamin, Härtig, Hermann, Klein, Joachim, Klüppelholz, Sascha, Märcker, Steffen, Tews, Hendrik, Völp, Marcus 10 September 2013 (has links) (PDF)
Reliability of low-level operating-system (OS) code is an indispensable requirement. This includes functional properties from the safety-liveness spectrum, but also quantitative properties stating, e.g., that the average waiting time on locks is sufficiently small or that the energy requirement of a certain system call is below a given threshold with a high probability. This paper reports on our experiences made in a running project where the goal is to apply probabilistic model checking techniques and to align the results of the model checker with measurements to predict quantitative properties of low-level OS code.
93

Controlling execution time variability using COTS for Safety-critical systems

Bin, Jingyi 10 July 2014 (has links) (PDF)
While relying during the last decade on single-core Commercial Off-The-Shelf (COTS) architectures despite their inherent runtime variability, the safety-critical industry is now considering a shift to multi-core COTS in order to match the increasing performance requirement. However, the shift to multi-core COTS worsens the runtime variability issue due to the contention on shared hardware resources. Standard techniques to handle this variability, such as resource over-provisioning, cannot be applied to multi-cores as additional safety margins will offset most if not all of the multi-core performance gains. A possible solution would be to capture the behavior of potential contention mechanisms on shared hardware resources relative to each application co-running on the system. However, the contention mechanisms are usually very poorly documented. In this thesis, we introduce measurement techniques based on a set of dedicated stressing benchmarks and architecture hardware monitors to characterize (1) the architecture, by identifying the shared hardware resources and revealing their associated contention mechanisms; and (2) the applications, by learning how they behave relative to shared resources. Based on such information, we propose a technique to estimate the WCET of an application in a pre-determined co-running context by simulating the worst-case contention on shared resources produced by the application's co-runners.
94

Formal verification of PLC programs using the B Method / Formal verification of PLC programs using the B method

Barbosa, Haniel Moreira 01 November 2012 (has links)
PLCs (acronym for Programmable Logic Controllers) perform control operations, receiving information from the environment, processing it and modifying this same environment according to the results produced. They are commonly used in industry in several applications, from mass transport to the petroleum industry. As the complexity of these applications increases, and as many of them are safety critical, the need to ensure that they are reliable arises. Testing and simulation are the de facto methods used in industry to do so, but they can leave flaws undiscovered. Formal methods can provide more confidence in an application's safety, since they permit its mathematical verification. We make use of the B Method, which has been successfully applied in the formal verification of industrial systems, is supported by several tools and can handle decomposition, refinement, and verification of correctness according to the specification. The method we developed and present in this work automatically generates B models from PLC programs and verifies them in terms of safety constraints, manually derived from the system requirements. The scope of our method is the PLC programming languages presented in the IEC 61131-3 standard, although we are also able to verify programs not fully compliant with the standard. Our approach aims to ease the integration of formal methods in industry by reducing the effort needed to perform formal verification of PLCs. / Programmable Logic Controllers (PLCs) perform control functions, receiving information from the environment, processing it and modifying that environment according to the results obtained. They are commonly used in industry in the most diverse applications, from mass transport to the
oil, gas and renewable energy industries. With the growing complexity of these applications and their use in critical systems, a form of verification is needed that provides more confidence than testing and simulation, the standard practices in industry, which can leave faults untreated. Formal methods can provide greater safety for this type of system, since they allow its mathematical verification. In this work we make use of the B Method, which is used successfully in industry for the verification of critical systems, has broad tool support and supports decomposition, refinement and verification of correctness with respect to the specification through proof obligations. The method developed and presented here consists of automatically generating B models from PLC programs and formally verifying them against safety properties, derived manually from the system requirements. The scope of the work is the PLC programming languages of the IEC 61131-3 standard, but systems with languages that deviate from the standard are also supported. This approach aims to ease the integration of formal methods in industry by reducing the effort needed to perform formal verification of PLCs.
95

Decision making and modelling uncertainty for the multi-criteria analysis of complex energy systems / La prise de décision et la modélisation d’incertitude pour l’analyse multi-critère des systèmes complexes énergétiques

Wang, Tairan 08 July 2015 (has links)
This doctoral thesis addresses the vulnerability analysis of safety-critical systems (for example, nuclear power plants) within a framework that combines the disciplines of risk analysis and multi-criteria decision-making. The scientific contribution follows four directions: (i) a quantitative hierarchical model is developed to characterize the susceptibility of safety-critical systems to several types of hazard, taking the 'all-hazards' view of the problem currently emerging in the field of risk analysis; (ii) the quantitative assessment of vulnerability is tackled by an empirical classification framework: to this end, a model based on the Majority Rule Sorting (MR-Sort) method, commonly used in the decision-making field, is built on the basis of a (limited-size) data set representing (a priori known) examples of vulnerability classification; (iii) three different approaches (namely, a model-retrieval-based method, the Bootstrap method and the leave-one-out cross-validation technique) are developed and applied to provide a quantitative assessment of the performance of the classification model (in terms of accuracy and confidence in the classifications), which represents the uncertainty introduced into the analysis by the empirical construction of the vulnerability model; (iv) based on the models developed, an inverse classification problem is solved to identify a set of protective measures that effectively reduce the vulnerability level of the critical system under study. Two approaches are developed for this purpose: the first is based on a new sensitivity indicator, the second on optimization. Applications to fictitious and real case studies in the field of nuclear power plant risks demonstrate the effectiveness of the proposed method. / This Ph.D. work addresses the vulnerability analysis of safety-critical systems (e.g., nuclear power plants) within a framework that combines the disciplines of risk analysis and multi-criteria decision-making. The scientific contribution follows four directions: (i) a quantitative hierarchical model is developed to characterize the susceptibility of safety-critical systems to multiple types of hazard, within the needed 'all-hazard' view of the problem currently emerging in the risk analysis field; (ii) the quantitative assessment of vulnerability is tackled by an empirical classification framework: to this aim, a model, relying on the Majority Rule Sorting (MR-Sort) Method, typically used in the decision analysis field, is built on the basis of a (limited-size) set of data representing (a priori-known) vulnerability classification examples; (iii) three different approaches (namely, a model-retrieval-based method, the Bootstrap method and the leave-one-out cross-validation technique) are developed and applied to provide a quantitative assessment of the performance of the classification model (in terms of accuracy and confidence in the assignments), accounting for the uncertainty introduced into the analysis by the empirical construction of the vulnerability model; (iv) on the basis of the models developed, an inverse classification problem is solved to identify a set of protective actions which effectively reduce the level of vulnerability of the critical system under consideration. Two approaches are developed to this aim: the former is based on a novel sensitivity indicator, the latter on optimization. Applications on fictitious and real case studies in the nuclear power plant risk field demonstrate the effectiveness of the proposed methodology.
96

Real-time scheduling of dataflow graphs / Ordonnancement temps-réel des graphes flots de données

Bouakaz, Adnan 27 November 2013 (has links)
Critical real-time systems are becoming more and more complex, and their functional and non-functional requirements keep growing. The design flow of such systems must ensure, among other properties, functional determinism and temporal predictability. Functional determinism is inherent to dataflow models of computation (e.g. KPN, SDF, etc.); this is why they are widely used to model embedded stream-processing systems. Considerable effort has been made to solve the static periodic scheduling problem of dataflow graphs with bounded communication memory. However, real-time embedded systems increasingly opt for real-time operating systems and dynamic scheduling strategies to manage critical tasks and resources. This thesis addresses the dynamic real-time scheduling problem of dataflow graphs; this problem consists in assigning each actor in a graph to a periodic real-time task (i.e. computing periods, phases, etc.) so as to: (1) ensure the schedulability of the tasks on a given architecture and for a given scheduling strategy (e.g. RM, EDF); (2) statically exclude overflow and underflow exceptions on the communication buffers; and (3) optimize the system's performance (e.g. throughput maximization, buffer size minimization). / The ever-increasing functional and nonfunctional requirements in real-time safety-critical embedded systems call for new design flows that solve the specification, validation, and synthesis problems. Ensuring key properties, such as functional determinism and temporal predictability, has been the main objective of many embedded system design models. Dataflow models of computation (such as KPN, SDF, CSDF, etc.) are widely used to model stream-based embedded systems due to their inherent functional determinism.
Since the introduction of the (C)SDF model, a considerable effort has been made to solve the static-periodic scheduling problem. Ensuring boundedness and liveness is the essence of the proposed algorithms, in addition to optimizing some nonfunctional performance metrics (e.g. buffer minimization, throughput maximization, etc.). However, nowadays real-time embedded systems are so complex that real-time operating systems are used to manage hardware resources and host real-time tasks. Most real-time operating systems rely on priority-driven scheduling algorithms (e.g. RM, EDF, etc.) instead of static schedules, which are inflexible and difficult to maintain. This thesis addresses the real-time scheduling problem of dataflow graph specifications, i.e. the transformation of the dataflow specification into a set of independent real-time tasks w.r.t. a given priority-driven scheduling policy such that the following properties are satisfied: (1) channels are bounded and overflow/underflow-free; (2) the task set is schedulable on a given uniprocessor (or multiprocessor) architecture. This problem requires the synthesis of scheduling parameters (e.g. periods, priorities, processor allocation, etc.) and channel capacities. Furthermore, the thesis considers two performance optimization problems: buffer minimization and throughput maximization.
97

Enhancing Safety for Autonomous Systems via Reachability and Control Barrier Functions

Jason King Ching Lo (10716705) 06 May 2021 (has links)
In this thesis, we explore different methods to enhance the safety and robustness of autonomous systems. We achieve this goal using concepts and tools from reachability analysis and control barrier functions. We first take on a multi-player reach-avoid game that involves two teams of players with competing objectives, namely the attackers and the defenders. We analyze the problem and solve the game from the attackers' perspective via a moving horizon approach. The resulting solution provides a safety guarantee that allows attackers to reach their goals while avoiding all defenders.

Next, we approach the problem of target re-association after long-term occlusion using concepts from reachability as well as Bayesian inference. Here, we set out to find the probability identity matrix that associates the identities of targets before and after an occlusion. The solution of this problem can be used in conjunction with existing state-of-the-art trackers to enhance their robustness.

Finally, we turn our attention to a different method for providing safety guarantees, namely control barrier functions. Since the existence of a control barrier function implies the safety of a control system, we propose a framework to learn such a function from a given user-specified safety requirement. The learned CBF can be applied on top of an existing nominal controller to provide safety guarantees for systems.
98

Design and optimization of access control protocols in Vehicular Ad Hoc Networks (VANETs) / Conception et optimisation de protocoles de contrôle d’accès pour les réseaux véhiculaires VANETs

Hadded, Mohamed 30 November 2016 (has links)
Road accidents and the damage they cause are a growing problem worldwide. In this context, vehicular networks (VANETs) can be deployed to reduce risks and improve comfort. They allow vehicles to exchange different types of data, ranging from safety and traffic management applications to comfort applications. Nowadays, safety applications receive a great deal of attention from researchers as well as from car manufacturers. In this thesis, we study road-safety-critical applications that aim to provide assistance in dangerous or difficult situations. Our main objective is to propose new medium access control (MAC) and routing protocols that can dynamically adapt to the frequent topology changes of VANETs. After an overview of contention-free access protocols in VANETs, we propose solutions based on the Time Division Multiple Access (TDMA) technique. First, we focus on the development of a new distributed protocol (DTMAC), which does not rely on the use of infrastructure. DTMAC uses location information and a slot reuse mechanism to ensure that vehicles access the channel efficiently and without collisions. The results obtained confirmed the efficiency of our protocol: DTMAC performs very significantly better than VeMAC (a TDMA-based MAC protocol). We then propose TRPM, a routing protocol based on a cross-layer approach. In TRPM, the TDMA slot schedule built by DTMAC and the position of the destination are used to choose the best relay. The results show that TRPM offers better performance, in terms of the average number of relays and message delivery reliability, compared to other protocols.
In the second part of this thesis, we focus on centralized slot allocation mechanisms that use coordinators. First, we propose CTMAC, a centralized TDMA-based protocol that uses RSUs (RoadSide Units) to create and maintain the schedules. CTMAC implements a mechanism that prevents "Access Collisions" from occurring more than twice between vehicles attempting to acquire the same available slot. The results showed that CTMAC reduces collisions, as well as the overhead generated to create and maintain the schedules, better than distributed TDMA-based MAC protocols. However, in CTMAC, fast-moving vehicles have to acquire new slots after a short period of time each time they leave the areas of their current RSUs. This situation makes centralized protocols inefficient and costly in high-speed networks. To overcome this problem, inherent to the use of RSUs, we adapt a clustering-based scheduling algorithm in which certain vehicles are elected to manage channel access. This allows vehicles to remain attached to their clusters for longer. To do so, we propose 1- a clustering protocol named AWCP in order to form stable clusters with a long lifetime. AWCP is based on the WCA clustering algorithm for mobile networks, in which cluster heads are elected on the basis of a weight function. 2- We formulate the tuning of the AWCP protocol parameters as a multi-objective optimization problem and propose an optimization tool that combines the multi-objective version of the genetic algorithm called NSGA-II with the ns-2 network simulator to find the best AWCP protocol parameters.
3- We propose ASAS, an adaptive time slot assignment strategy based on a cross-layer approach between TDMA and AWCP. / Road crashes and their damages represent a serious issue and are one of the main causes of death. In this context, Vehicular Ad hoc NETworks (VANETs) are deployed to reduce the risk of road accidents as well as to improve passengers' comfort by allowing vehicles to exchange different kinds of data, which range widely from road safety and traffic management to infotainment. Nowadays, safety applications are receiving a great deal of attention from researchers as well as from automobile manufacturers. In this thesis, we particularly focus on safety-critical applications, designed to provide drivers with assistance in dangerous situations and to avoid accidents in highway environments. Such applications must guarantee vehicles access to the medium and have strict requirements regarding end-to-end delay and packet loss ratio. Therefore, our main goal is to propose new medium access control and routing protocols, which can efficiently adapt to frequently changing VANET network topologies. After a comprehensive overview of contention-free MAC protocols, we propose several solutions based on the Time Division Multiple Access (TDMA) technique. We have designed DTMAC, a fully distributed TDMA-based MAC protocol, which does not rely on an expensive infrastructure. DTMAC uses vehicles' locations and a slot reuse concept to ensure that vehicles in adjacent areas have a collision-free schedule. Using simulations, we show that DTMAC provides a lower rate of access and merging collisions than VeMAC, a well-known TDMA-based MAC protocol in VANETs. Then, in order to ensure that event-driven safety messages can be sent over a long distance, we propose TRPM, a TDMA-aware Routing Protocol for Multi-hop communication.
Our routing scheme is based on a cross-layer approach between the MAC and the routing layers, in which the intermediate vehicles are selected using TDMA scheduling information. Simulation results show that TRPM provides better performance in terms of average end-to-end delay, average number of hops and average delivery ratio. In the second part, we focus on coordinator-based TDMA scheduling mechanisms. First, we propose the Centralized TDMA-based MAC protocol (CTMAC), which uses Road Side Units (RSUs) as a central coordinator to create and maintain the TDMA schedules. CTMAC implements an Access Collision Avoidance mechanism that can prevent the access collision problem from occurring more than twice between the same vehicles that are trying to access the channel at the same time. Using simulation we show an improvement in terms of access and merging collisions as well as the overhead required to create and maintain the TDMA schedules compared to distributed scheduling mechanisms. However, in the CTMAC protocol, fast-moving vehicles will need to compete for new slots after a short period of time when they leave their current RSU area, which makes a centralized scheduling approach very expensive. In order to further improve the performance of coordinator-based TDMA scheduling mechanisms, we focus on cluster-based TDMA MAC protocols in which some vehicles in the network are elected to coordinate the channel access, allowing the vehicles to remain connected with their channel coordinator for a longer period of time. To this end, we first propose an adaptive weighted clustering protocol, named AWCP, which is road-map dependent and uses road IDs and vehicle directions to make the clusters' structure as stable as possible. Then, we formulate the AWCP parameter tuning as a multi-objective problem and propose an optimization tool to find the optimal parameters of AWCP to ensure its QoS.
Next, we propose ASAS, an adaptive slot assignment strategy for a cluster-based TDMA MAC protocol. This strategy is based on a cross-layer approach involving TDMA and AWCP. The objective is to overcome the inter-cluster interference issue in overlapping areas by taking into account vehicles' locations and directions when the cluster head assigns slots.
99

Towards a Correct-by-Construction design flow : A case-study from railway signaling systems

Hanikat, Marcus January 2021 (has links)
As technological advancements and manufacturing techniques continue to bring us more complex and powerful hardware, software engineers struggle to keep up with this rapid progress and reap the benefits brought by this hardware. In the field of safety-critical system development, where a thorough understanding and deterministic nature of the hardware is often required, the cost of development closely relates to the complexity of the hardware used. For software developers to be able to reap the benefits of the technological advancement in hardware design, a Correct-by-Construction approach with a model-based design flow seems promising. Even though there seem to be significant benefits in using a Correct-by-Construction workflow for developing safety-critical systems, it is far from exclusively used within the industry. Therefore, this thesis illustrates how a model-based design flow should be applied when developing safety-critical systems for usage in the rail transport sector. This thesis also explores the benefits Correct-by-Construction can bring to the development process of safety-critical systems. Within this thesis, two different modeling tools, ForSyDe and Simulink, were used to achieve a model-based design flow. The functionality of these tools is investigated to see how they can be used for developing safety-critical systems meeting the EN 50128 standard. The result presented is an example of how these tools can be used within a model-based design flow which meets the EN 50128 standard for developing Safety Integrity Level (SIL) 4 systems. The thesis also compares the tools investigated and highlights their differences. Finally, future work required to create a complete Correct-by-Construction workflow that complies with the EN 50128 standard requirements for system development is identified.
/ As technological advances and manufacturing techniques continue to give us access to more complex and powerful hardware, software engineers struggle feverishly to keep up with this pace of development and to exploit the new possibilities that this new hardware offers. In the field of safety-critical systems, where a thorough understanding of and deterministic properties for the hardware are often required, the cost of development is closely related to the complexity of the hardware used. In order to take advantage of the benefits that these new technological advances bring, the use of the Correct-by-Construction development process is often proposed. Even though there seem to be great advantages in using Correct-by-Construction as a development process, it has not seen wide use within industry. Because of this, this thesis tries to answer how a model-based development flow can be used in the development of safety-critical systems for the rail transport sector. The work also examines the advantages of using Correct-by-Construction in the development of safety-critical systems. The work in this thesis examines how two different modeling tools, ForSyDe and Simulink, can be used in a model-based development flow. The functionality of these modeling tools is examined to see how they can be used for the development of safety-critical systems in a way that satisfies the requirements of the EN 50128 standard. The results presented are an example of how these tools can be used in a model-based development flow that meets the requirements of the EN 50128 standard for the development of SIL 4 systems. The work also compares the examined modeling tools to show their differences. Finally, the future work required to arrive at a complete development process that is Correct-by-Construction and also meets the system development requirements of the EN 50128 standard is described.
100

Utvecklandet av ett mer användbart system : En designanalys av ledningssystemet C2STRIC / The Development of a More User-Friendly System : A Design Analysis of the Command-and-Control System C2STRIC

Schenning, Joacim, Rydén, Tova January 2023 (has links)
In a modern world torn apart by war, the basic human need to feel safe is threatened. In order to defend and protect this need, technical defense systems solving complex situations are of great importance. As the rate of technological innovation accelerates, it is important for companies like Saab to maintain their competitive advantage. One way of doing this is by offering modern systems of high quality with intuitive interfaces that increase usability. This master's thesis aims at evaluating Saab Surveillance's command and control system C2STRIC by an analysis of its user interface. It further aims at identifying usability problems and designing prototypes that solve said problems, to increase the system's usability. The system in question is a safety-critical system, meaning that its malfunction might lead to severe consequences or death. This system characteristic permeates the whole thesis, resulting in findings unique to C2STRIC and thus perhaps not generalizable. Through close collaboration and interviews with the users, the issues were identified and compiled. For secrecy reasons all the interviews were conducted live without recordings, all of them at Saab's premises except one, which was conducted at "Stridslednings- och luftbevakningsskolan" at Uppsala garrison. Most of the interviews were scheduled, while some were spontaneous. With the help of the compilation of identified problems, high-fidelity prototypes could be developed in Adobe XD through an iterative user-centered design process. The process provided continuous feedback, which helped in delivering prototypes satisfying the needs of the users. The primary problems regarded disturbances of the situational awareness of the user, i.e., issues preventing the user from performing their tasks according to circumstances. These disturbances were caused by ineffective navigation in the interface and poorly optimized object visualization.
Prototypes introducing transparency, docking systems, search functions, radial menus and a new main menu solved these problems and increased the usability of C2STRIC, and by extension they will help in defending and protecting the basic human need to feel safe.