11 | Concurrent Online Testing for Many Core Systems-on-Chips. Lee, Jason Daniel, 2010 December 1900
Shrinking transistor sizes have introduced new challenges and opportunities for system-on-chip (SoC) design and reliability. Smaller transistors are more susceptible to early lifetime failure and electronic wear-out, greatly reducing their reliable lifetimes. However, smaller transistors will also allow SoC to contain hundreds of processing cores and other infrastructure components with the potential for increased reliability through massive structural redundancy. Concurrent online testing (COLT) can provide sufficient reliability and availability to systems with this redundancy. COLT manages the process of testing a subset of processing cores while the rest of the system remains operational. This can be considered a temporary, graceful degradation of system performance that increases reliability while maintaining availability.
In this dissertation, techniques to assist COLT are proposed and analyzed. The techniques described in this dissertation focus on two major aspects of COLT feasibility: recovery time and test delivery costs. To reduce the time between failure and recovery, and thereby increase system availability, an anomaly-based test triggering unit (ATTU) is proposed to initiate COLT when anomalous network behavior is detected. Previous COLT techniques have relied on initiating tests periodically. However, determining the testing period is based on a device's mean time between failures (MTBF), and calculating MTBF is exceedingly difficult and imprecise.
To address the test delivery costs associated with COLT, a distributed test vector storage (DTVS) technique is proposed to eliminate the dependency of test delivery costs on core location. Previous COLT techniques have relied on a single location to store test vectors, and it has been demonstrated that centralized storage of tests scales poorly as the number of cores per SoC grows. Assuming that the SoC organizes its processing cores with a regular topology, DTVS uses an interleaving technique to optimally distribute the test vectors across the entire chip. DTVS is analyzed both empirically and analytically, and a testing protocol using DTVS is described.
COLT is only feasible if the applications running concurrently are largely unaffected. The effect of COLT on application execution time is also measured in this dissertation, and an application-aware COLT protocol is proposed and analyzed. Application interference is greatly reduced through this technique.
12 | Simulation of Safety-Critical Systems Specified in AADL. Sheytanov, Boyan, January 2012
Safety-critical software intensive systems are used in a lot of industries nowadays. Examples of these are in the automotive and aircraft industry, medicine, and autonomous systems. A fault in such systems can lead to severe damage and/or loss of human lives. Therefore fault-tolerance should be considered at all stages of the system development, starting from the analysis and design.
Different languages and tools have been developed for that purpose across the years. One of these is the Architecture Analysis and Design Language (AADL) – a modeling language used to describe the architecture of a software system. It consists of textual and graphical descriptions of three types of components – software, execution platform and composite.
In this work we implement a prototype of an AADL simulator in Java that enables us to examine the possible dynamic executions of an AADL specification. This allows us to verify the correctness of an AADL specification based on the behavior it shows. The simulator would expect an AADL specification of a software system as an input and simulate the dynamic execution of that system.
Before implementing the simulator, we introduce the problem area - safety-critical systems and AADL. Since AADL is used primarily in the automotive and aircraft industries, we have chosen to describe a simplified flight control system for a plane. It should give the reader an initial understanding of the language without going into unnecessary detail about rarely used features.
Part of the simulator is a compiler that reads the AADL specification, validates it and transforms it to a Java model. We take a look at the individual steps needed for that, with focus on parsing the input. Therefore we review the different kinds of algorithms used for parsing and explore how they work.
We also make a detailed literature review of previous works in the area of AADL model transformations. Finally, we describe the analysis, design and implementation of the simulator and examine a case study to test the prototype.
13 | Explainable Neural Networks based Anomaly Detection for Cyber-Physical Systems. Amarasinghe, Kasun, 01 January 2019
Cyber-Physical Systems (CPSs) are the core of modern critical infrastructure (e.g. power-grids) and securing them is of paramount importance. Anomaly detection in data is crucial for CPS security. While Artificial Neural Networks (ANNs) are strong candidates for the task, they are seldom deployed in safety-critical domains due to the perception that ANNs are black-boxes. Therefore, to leverage ANNs in CPSs, cracking open the black box through explanation is essential.
The main objective of this dissertation is developing explainable ANN-based Anomaly Detection Systems for Cyber-Physical Systems (CP-ADS). The main objective was broken down into three sub-objectives: 1) Identifying key-requirements that an explainable CP-ADS should satisfy, 2) Developing supervised ANN-based explainable CP-ADSs, 3) Developing unsupervised ANN-based explainable CP-ADSs.
In achieving those objectives, this dissertation provides the following contributions: 1) a set of key-requirements that an explainable CP-ADS should satisfy, 2) a methodology for deriving summaries of the knowledge of a trained supervised CP-ADS, 3) a methodology for validating derived summaries, 4) an unsupervised neural network methodology for learning cyber-physical (CP) behavior, 5) a methodology for visually and linguistically explaining the learned CP behavior.
All the methods were implemented on real-world and benchmark datasets. The set of key-requirements presented in the first contribution was used to evaluate the performance of the presented methods. The successes and limitations of the presented methods were identified. Furthermore, steps that can be taken to overcome the limitations were proposed. Therefore, this dissertation takes several necessary steps toward developing explainable ANN-based CP-ADS and serves as a framework that can be expanded to develop trustworthy ANN-based CP-ADSs.
14 | Facilitating Automated Compliance Checking of Processes against Safety Standards. Castellanos Ardila, Julieth Patricia, January 2019
A system is safety-critical if its malfunctioning could have catastrophic consequences for people, property or the environment, e.g., a failure in a car's braking system could be potentially tragic. To produce such systems, special procedures and strategies that permit their safer deployment into society should be used. Therefore, manufacturers of safety-critical systems comply with domain-specific safety standards, which embody the public consensus of what is acceptably safe. Safety standards also contain a repository of expert knowledge and best practices that can, to some extent, facilitate the safety-critical system's engineering. In some domains, the applicable safety standards establish the accepted procedures that regulate the development processes. For claiming compliance with such standards, companies should adapt their practices and provide convincing justifications regarding the processes used to produce their systems, from the initial steps of production. In particular, the planning of the development process, in accordance with the prescribed process-related requirements specified in the standard, is an essential piece of evidence for compliance assessment. However, providing such evidence can be time-consuming and error-prone since it requires that process engineers check the fulfillment of hundreds of requirements based on their process specifications. With access to suitable tool-supported methodologies, process engineers would be able to perform their job efficiently and accurately. Safety standards prescribe requirements in natural language by using notions that are subtly similar to the concepts used to describe laws. In particular, requirements in the standards introduce conditions that are obligatory for claiming compliance. Requirements also define tailoring rules, which are actions that permit compliance with the standard in an alternative way.
Unfortunately, current approaches for software verification are not furnished with these notions, which could make their use in compliance checking difficult. However, existing tool-supported methodologies designed in the legal compliance context, which are also proven in the business domain, could be exploited for defining an adequate automated compliance checking approach that suits the conditions required in the safety-critical context. The goal of this Licentiate thesis is to propose a novel approach that combines: 1) process modeling capabilities for representing systems and software process specifications, 2) normative representation capabilities for interpreting the requirements of the safety standards in an adequate machine-readable form, and 3) compliance checking capabilities to provide the analysis required to conclude whether the model of a process corresponds to the model with the compliant states proposed by the standard's requirements. Our approach contributes to facilitating compliance checking by providing automatic reasoning from the requirements prescribed by the standards and the description of the process they regulate. It also contributes to cross-fertilizing two communities that were previously isolated, namely the safety-critical and legal compliance contexts. Besides, we propose an approach for mastering the interplay between highly related standards. This approach includes the reuse capabilities provided by SoPLE (Safety-oriented Process Line Engineering), which is a methodological approach aiming at systematizing the reuse of process-related information in the context of safety-critical systems. With the addition of SoPLE, we aim at planting the seeds for the future provision of systematic reuse of compliance proofs. Hitherto, our proposed methodology has been evaluated with academic examples that show the potential benefits of its use. / AMASS
15 | Beyond the Big Red Button: Science Fiction as a Resource for Generating Novel Interaction Design Concepts for Emergency Situations. Gobel, Balazs, January 2014
In this thesis I take up the challenge to see whether designers would benefit from using science fiction in order to extend their resources when generating novel interaction design concepts for emergency situations. I discuss the relationship between the nature of fiction and design, and trademarks for emergency situations. I choose four scenes from different media types to analyse, further ideate and evaluate in order to derive final concepts, which I submitted to user testing. I argue that designers may well take science fiction into consideration when generating novel interaction design concepts in a successful way.
16 | Enhancing Safety in Critical Monitoring Systems: Investigating the Roles of Human Error, Fatigue, and Organizational Learning in Socio-Technical Environments. Liu, Ning-Yuan, 09 April 2024
Modern complex safety-critical socio-technical systems (STSs) operate in an environment that requires high levels of human-machine interaction. Given the potential for catastrophic events, understanding human errors is a critical research area spanning disciplines such as management science, cognitive engineering, resilience engineering, and systems theory. However, a research gap remains in how errors impact system performance from a systemic perspective.
This dissertation employs a systematic methodology and develops models that explore the relationship between errors and system performance, considering both macro-organizational and micro-worker perspectives. In Essay 1, the focus is on how firms respond to serious errors (catastrophic events), by exploring the oscillation behavior associated with the organizational learning and forgetting theory. The proposed simulation model contributes to the organizational science literature with a comprehensive approach that assesses the firm's response time to "serious" errors when the firm has a focus on safety with established safety thresholds. All of these considerations have subsequent impact on future performance.
Essay 2 explores the relationship between the workload, human error, and automation reliance of safety-critical system workers at the Belgian railway traffic control center. Key findings include a positive relationship between traffic controller performance and workload, and an inverted U-shaped relationship with automation usage. This research offers new insights into the effects of cognitive workload and automation reliance in safety-critical STSs. Essay 3 introduces a calibrated System Dynamics model, informed by empirical data and existing theories on workload suboptimality. This essay contributes to the managerial understanding of workload management, particularly the feedback mechanism between operators' workload and human errors, which is driven by overload and underload thresholds. The model serves as a practical tool for managerial practitioners to estimate the likelihood of human errors based on workload distributions.
Overall, this dissertation presents an interdisciplinary and pragmatic approach, blending theoretical and empirical methodologies. Its broad impacts extend across management science, cognitive engineering, and resilience engineering, contributing significantly to the understanding and management of safety-critical socio-technical systems. / Doctor of Philosophy / This dissertation is motivated by the increasing autonomy in infrastructure systems designed to enhance safety performance. Yet paradoxically, we continue to witness system failures leading to catastrophic disasters. High-profile incidents such as the Metro-North train derailment in New York City, the Boeing 737 MAX plane crashes, and the Challenger and Columbia space shuttle accidents highlight this contradiction. This research delves into safety-critical systems where the intricate collaboration between humans and machines is crucial, and where even minor human errors can lead to disastrous consequences.
This dissertation is presented in three parts. In the first part I examine how firms react to serious errors. The study focuses on their learning processes following safety incidents and the potential for these lessons to be forgotten over time. I introduced a simulation model grounded in the organizational science literature, offering deeper insights into how companies respond to errors, including changes in safety focus, safety culture, and policy, and the impact of these factors on the company's future performance.
The second part shifts to a worker-centered perspective, exploring the relationship between workload, performance, and automation usage among traffic controllers. The findings indicate that while performance can improve with an increase in workload up to a certain threshold, excessive reliance on automation may lead to a decline in performance. This part of the study sheds light on how cognitive workload and technology usage influence operators in safety-critical roles. The final part of the dissertation presents another simulation model, this time focusing on how workload, and the resulting stress and boredom due to workload, influence the likelihood of errors. Utilizing real operational data from the Belgian railway transportation system, this model aids managers in understanding how to optimally balance workloads to minimize error risks.
Overall, this dissertation takes an interdisciplinary and pragmatic approach, merging theoretical concepts with empirical data. Its extensive impact spans management science, cognitive engineering, and resilience engineering, significantly enhancing our comprehension and management of safety-critical socio-technical systems.
17 | Control over Information Dissemination When Outsourcing Maintenance for Safety-Critical Systems: A Case Study in the Industrial Sector (original title: Kontroll över informationsspridning vid outsourcing av underhåll för säkerhetskritiska system : En fallstudie inom industrisektorn). Törnell, Louise; Myr, Maja, January 2019
Outsourcing of the maintenance activities related to safety-critical systems poses several challenges, where unauthorised access can lead to severe consequences in terms of data vulnerability and large income losses. Companies can prevent the undesired dissemination of information by managing security, which also contributes to economic and social sustainability. The purpose of the study was to investigate how organizations in the industrial sector deal with the issues of information dissemination in the outsourcing of maintenance activities related to safety-critical systems. To study the area, eleven companies were interviewed; the results were compiled in a cross-case analysis and analysed against previous research. The study shows that there are several factors leading to an increased risk of undesired dissemination. Furthermore, the study has resulted in a model for managing control over the dissemination of information in the outsourcing of maintenance for safety-critical systems.
18 | Modeling and Formal Verification Method Applied to Air Traffic Systems (original title: Método de modelagem e verificação formal aplicado a sistemas de tráfego aéreo). Costa, Rafael Leme, 03 August 2018
Developing safety-critical systems is currently one of the most challenging problems faced by Engineering. There is frequently pressure to reduce the total development time, which makes it difficult to deliver systems with an acceptably low level of defects. In recent years there has been an increase in air traffic, which demands a modernization of the current air traffic systems, which are very dependent on the human controller. Air traffic systems are considered safety-critical and real-time systems.
The objective of the present work is to establish a modeling and formal verification method for critical systems, applicable to the air traffic domain. By adopting modeling and formal verification techniques, the aim is to ensure the systems' correctness with respect to the initially specified requirements and to detect errors in the earlier phases of the project, which would reduce the costs involved in correcting them. Guidelines are provided for applying the method by means of a case study, based on three modules of an ATC system at a low abstraction level, for the validation of the operation of software modules. For formal verification, the NuSMV tool is used, and the properties to be checked are described in computational tree logic (CTL) to ensure that the system satisfies requirements of the liveness and safety types.
19 | Handling Modifiability as an Integrated Part of Development. Hervik, John Inge, January 2004
It is not unusual that software systems are redeveloped when the system's environment changes or new requirements for functionality are found. The reason for this is that system evolution is usually not considered during the initial development of a system.
In this report we propose a development process focusing on modifiability in security-safety critical systems. The process is based on the standard IEC 61508 Functional safety of electrical/electronic/programmable electronic safety-related systems and the CORAS framework for model-based risk assessment. We focus on integrating modifiability as a non-functionality and extend the development process with an architecture and design phase. Modifiability is addressed using the Architecture Tradeoff Analysis Method (ATAM) and Attribute Driven Design (ADD). An evaluation of this process is given by redeveloping a prototype for an already existing security-critical system using the approaches given by the process. The main result from the evaluation showed that we were able to obtain a higher level of modifiability than the original prototype, without compromising the functionality and safety level required.