nSafeCer WP500 Ramp-up Automotive and Construction Equipment Demonstrators
Transcript of nSafeCer WP500 Ramp-up Automotive and Construction Equipment Demonstrators

Page 1: Title

ARTEMIS-2010-1 JU Grant Agreement number 269265
ARTEMIS-2011-1 JU Grant Agreement number 295373
Safety Certification of Software-intensive Systems with Reusable Components
Sept 25-27, 2013 Riga

nSafeCer WP500 Ramp-up Automotive and Construction Equipment Demonstrators
Riga, nSafeCer-Workshop, Day 3, 27-09-2013, 13:30h – 14:50h

- Helmut Martin, ViF, WP500 leader
- Roland Mader, AVL, WP520 leader
- Jonny Vinter, SP, WP540 leader
- Ulf Olsson, VCE, WP550 leader

AVL List, Roland Mader; Virtual Vehicle, Helmut Martin

Page 2: Agenda

- Introduction of AT & CE Demonstrators
- HEV Powertrain Use Case
- AUTOSAR BSW Use Case
- Construction Equipment Evaluation
- Open Discussion

Page 3: Agenda (section: Introduction of AT & CE Demonstrators)

Page 4: Introduction of AT & CE Demonstrators (1/4)

- Overview of use cases:
  o HEV Powertrain Use Case (AVL/ViF)
  o BSW Module Use Case (SP)
  o Construction Equipment Evaluation (VCE)
- Introduction of CE together with AT
  o Best practices concerning similarities with automotive systems
  o Distributed development requires aligned processes
  o Cover CE domain specifics
- The use cases provide different aspects of the safety life cycle

Page 5: Introduction of AT & CE Demonstrators (2/4)

- Each demonstrator covers different use case scenarios of SafeCer's methods and tools

Page 6: Introduction of AT & CE Demonstrators (3/4)

- Evaluation plan over the SafeCer project
- Intermediate evaluation of achievements
- Presenting and discussing demonstrator results
- Synchronisation points with other WPs
  o methods, tools, other demonstrators

Page 7: Introduction of AT & CE Demonstrators (4/4)

- Evaluation of Use Case Results
- Coverage of requirements and maturity of demonstrator use cases
  o Each demonstrator covers a specific number of SafeCer requirements
  o Evaluation of requirements at intermediate milestones and project end
- Number of …
  o Publications at scientific and industrial conferences
  o Contributions to scientific or industrial workshops
  o Completed diploma or master theses

(Timeline figure: milestones DM3, DM4, DM5)

Page 8: Agenda (section: HEV Powertrain Use Case)

Page 10: HEV Powertrain Use Case - Background

- Advanced features
  o Fuel economy or drivability
- Faults and failures
  o Hazards
  o Cause harm
- Safety-relevant: ISO 26262
  o Safety arguing
  o Tool qualification
  o Safety analyses
  o Model-based safety engineering

Abbreviations: EMS … Engine Management System; CCU … Clutch Control Unit; HCU … Hybrid Control Unit; TCU … Transmission Control Unit; MCU … Motor Control Unit; BMS … Battery Management System

Page 11: HEV Powertrain Use Case - Status

- Specification (IN REVIEW)
  o Conception and Specification of Use Case PMTC – Review
  o D501.1, D521.1
  o Release planned nSC M18 (09/2013)
- Methods (WORKING)
  o Safety Modeling – first experiences in SysML modeling
  o Safety Analysis – concept phase work in progress
- Tool Integration in CTF&CAR (WORKING)
  o MDS: MetaX integrated in CTF&CAR
  o CEA List: Diversity integrated in CTF&CAR
  o ARTiMon
- Evaluation of demonstrator (WORKING)
  o First preliminary evaluation planned for nSC M19 (10/2013)

Page 12: HEV Powertrain Use Case - Tool: MetaX

- MDS MetaX mapping tool
  o Supports traceability
    * Between heterogeneous fragments of information
    * Over different tools
    * Semantic relationships
  o Change impact analysis
    * Refined precision (fragments)
    * Identify impacted elements
    * Guarantee consistency between coupled structured hierarchical elements

Page 14: HEV Powertrain Use Case - Tool: MetaX

- Mapping of design elements: declaration and formalization of the existing relationships between fragments of artifacts involved in the development (requirements, specifications, models, source code, etc.).
- Forward and backward traceability: static safety analysis, e.g. coverage and consistency checks, by exploiting the traceability links declared between artifacts.
- Change impact analysis: assessment of the impacts implied by a given modification of an artifact at any level of the flow.
- Interfacing to requirements management tools: support of the Requirement Interchange Format (ReqIF) standard in order to interface with widespread requirements management tools.

Page 15: HEV Powertrain Use Case - Tool: ARTiMon

- Analyses a flow of dated observations in order to detect hazards expressed in a formal entry language
- A flow may be obtained from:
  o instrumentation of a physical object
  o simulation of a model
  o execution of code
- Useful for:
  o the design process of complex systems,
  o model validation,
  o system testing.
- Used in embedded components for control or diagnostics.
- Operates in continuous-time or logical-time mode
- No limitation on the length of the flow (memory is bounded & predictable)
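The monitoring principle on this slide, a timed property checked over a flow of dated observations with memory that does not grow with the flow, as an added Python example that is not ARTiMon's code (ARTiMon is a C library with its own entry language). The property, the variable names `pwm_cmd`/`pwm_fb` and the sample flow are constructed for this illustration; the PWM control/feedback pair mirrors the wheel-loader lifting unit shown later in the deck.

```python
"""Bounded-memory check of a timed property over a flow of dated observations.
Added example, not ARTiMon code. Property, variable names and sample flow are
constructed: after each pwm_cmd update, pwm_fb must come within `tol` of the
commanded value no more than `deadline` ms later."""
from dataclasses import dataclass, field
from typing import Iterable, List, Optional, Tuple

Observation = Tuple[float, str, float]  # (time in ms, variable, value)

@dataclass
class ResponseMonitor:
    cmd: str
    fb: str
    deadline: float
    tol: float
    # Only the newest undischarged command is kept, so memory stays bounded
    # however long the flow runs (the slide's "bounded & predictable").
    pending: Optional[Tuple[float, float]] = None  # (t_cmd, target)
    violations: List[str] = field(default_factory=list)

    def _expire(self, now: float) -> None:
        """Report the pending command if its deadline has passed at `now`."""
        if self.pending and now - self.pending[0] > self.deadline:
            t_cmd, target = self.pending
            self.violations.append(f"t={now}: {self.fb} did not reach "
                                   f"{self.cmd}={target} (issued t={t_cmd}) "
                                   f"within {self.deadline} ms")
            self.pending = None

    def step(self, obs: Observation) -> None:
        t, var, val = obs
        self._expire(t)  # time advances only through observations
        if var == self.cmd:
            self.pending = (t, val)  # a newer command supersedes the old one
        elif var == self.fb and self.pending and abs(val - self.pending[1]) <= self.tol:
            self.pending = None      # obligation discharged in time

    def close(self, t_end: float) -> List[str]:
        """End of flow: a command still pending past its deadline is reported here."""
        self._expire(t_end)
        return self.violations

def monitor(flow: Iterable[Observation], t_end: float,
            deadline: float = 50.0, tol: float = 2.0) -> List[str]:
    m = ResponseMonitor(cmd="pwm_cmd", fb="pwm_fb", deadline=deadline, tol=tol)
    for obs in flow:
        m.step(obs)
    return m.close(t_end)

# Constructed flow: one command followed in time, one that is not.
SAMPLE_FLOW: List[Observation] = [
    (0.0, "pwm_cmd", 40.0), (20.0, "pwm_fb", 39.5),    # discharged after 20 ms
    (100.0, "pwm_cmd", 70.0), (130.0, "pwm_fb", 55.0),  # not at target yet
    (160.0, "pwm_fb", 58.0),  # 60 ms after the command: deadline missed
]
```

`monitor(SAMPLE_FLOW, t_end=200.0)` returns a single violation for the command issued at t=100; the `close` call matters because a missed deadline is otherwise only noticed when a later observation moves time forward.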

Page 16: HEV Powertrain Use Case - Tool: Safety Ext.

- AVL Safety Extensions as Add-in for Enterprise Architect 9.3
- Specific language enhancement of SysML 1.1 – AVL Meta Model
- Meta Model and Add-in features support:
  o Item Definition
  o Hazard Analysis & Risk Assessment
  o Functional Safety Concept
  o Technical Safety Concept
- Interface to Requirement Management System

Page 17: HEV Powertrain Use Case - CTF & CAR usage

- MetaX (MDS)
  o First functional prototype is available
  o Integration in CTF & CAR under investigation
- ARTiMon (CEA)
  o CTF: ARTiMon plugged to any simulator or running device, producing a trace and checking real-time oriented properties
  o CAR: ARTiMon is a C library with a simple API (refresh variable values 6 time)
  o No input format is strictly imposed; a wrapper/driver/parser has to be developed for each format/environment
- Safety Extension (AVL)
  o Integration in CTF and CAR as a future perspective
  o At first, integration at conceptual level aspired
  o Restrictions of Enterprise Architect need to be considered
  o Potential of integration still under evaluation

Page 18: HEV Powertrain Use Case - Open issues

- MDS MetaX:
  o Provide traceability information to the CAR? (TBC)
  o Interface with CTF? (TBC)
- AVL Safety Extension:
  o Integration in CTF and CAR as a future perspective (TBC)
- ViF – Integration of other supporting tools to CTF and CAR?
  o E.g. Enterprise Architect or APIS IQ FMEA

Page 19: Agenda (section: AUTOSAR BSW Use Case)

Page 20: Background of AUTOSAR BSW module Use Case

- There are four tasks identified in the use case
- One task is completely allocated to Akhela
- The other three are incremental in nature, i.e. the tools, methods and results are reused in the next task.
- Therefore we can concentrate on "Validity of safety certification when moving BSW to different contexts" (first task) to ascertain status.

Page 21: Status of AUTOSAR BSW module Use Case

"Validity of safety certification when moving BSW to different contexts" contains:
  o Tool used and developed is SafetyADD: an Eclipse plugin that currently attaches an empty safety contract container to source code.
  o Method used is Safety Contracts from the component model: currently the main focus, investigating the appearance, rules and content of the safety contract container.
  o BSW module to be analyzed is AUTOSAR diagnostics: source code candidate identified.

Page 22: Status of SafetyADD tool, AUTOSAR BSW module Use Case

(Figure: schematic view of SafetyADD)

- Focus now is on the formulation of the rule set governing the automatic compliance check of assume and guarantee, to be implemented in the tool SafetyADD.
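The assume/guarantee compliance check this slide refers to, as an added Python example that is not SafetyADD's code: the XML container layout, the property names and the rule set are constructed for this illustration (the slide says the real rule set is still being formulated), and Dem and NvM are AUTOSAR BSW module names used only as sample components.

```python
"""Assume/guarantee compliance check over safety contract containers.
Added example, not SafetyADD code: the XML layout, the property names and the
rule set are constructed here, since the slide says SafetyADD's rule set is
still being formulated. Dem and NvM are AUTOSAR BSW module names."""
import xml.etree.ElementTree as ET
from typing import Dict, List

ASIL_RANK = {"QM": 0, "A": 1, "B": 2, "C": 3, "D": 4}

# Constructed containers: the diagnostics module states what it assumes of
# the NVRAM manager it uses; NvM states what it guarantees.
CONTAINERS = """
<contracts>
  <component name="Dem">
    <uses>NvM</uses>
    <assume property="asil" value="B"/>
    <assume property="write_latency_ms" value="20"/>
    <assume property="ecc_protected" value="true"/>
  </component>
  <component name="NvM">
    <guarantee property="asil" value="C"/>
    <guarantee property="write_latency_ms" value="35"/>
  </component>
</contracts>
"""

def satisfies(prop: str, guaranteed: str, assumed: str) -> bool:
    """Constructed rule set: ASIL is ordered (guarantee at least the assumed
    level); *_ms properties are upper bounds (guarantee must not exceed the
    assumption); anything else must match exactly."""
    if prop == "asil":
        return ASIL_RANK[guaranteed] >= ASIL_RANK[assumed]
    if prop.endswith("_ms"):
        return float(guaranteed) <= float(assumed)
    return guaranteed == assumed

def check(xml_text: str) -> List[str]:
    """Return one finding per assumption that no used component discharges."""
    root = ET.fromstring(xml_text)
    offers: Dict[str, Dict[str, str]] = {
        c.get("name"): {g.get("property"): g.get("value")
                        for g in c.findall("guarantee")}
        for c in root.findall("component")}
    findings = []
    for comp in root.findall("component"):
        name, used = comp.get("name"), [u.text for u in comp.findall("uses")]
        for a in comp.findall("assume"):
            prop, val = a.get("property"), a.get("value")
            given = [offers.get(u, {}).get(prop) for u in used]
            given = [g for g in given if g is not None]
            if not given:
                findings.append(f"{name}: {prop}={val} not covered by any guarantee of {used}")
            elif not any(satisfies(prop, g, val) for g in given):
                findings.append(f"{name}: {prop}={val} not met by guarantees {given}")
    return findings
```

Running `check(CONTAINERS)` reports two findings for Dem: the latency bound is offered but too weak, and the ECC assumption is not covered by any guarantee at all, while the ASIL assumption is discharged because NvM guarantees a higher level.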

Page 23: Status of SafetyADD tool, AUTOSAR BSW module Use Case

(Screenshot: SafetyADD)

- When the development and testing of a SWC is done, it is time to export the software component for possible reuse at a later time (stored in CAR).
- This is a view of the general properties of the SWC that can be edited.

Page 24: Status of tool, AUTOSAR BSW module Use Case (Akhela)

- Akhela uses Parasoft C++test, which supports some default standard coding rules (i.e. MISRA C or C++), and also maps AUTOSAR BSW requirements onto ISO 26262, with custom-made rules for checking.

Page 25: CTF & CAR usage in AUTOSAR BSW module Use Case

- CTF interaction minimal, launchable from platform only.
- CAR will hopefully enable storage and traceability of the certification artifacts and their dependencies.
  o The SafetyADD tool relates each software component to a component certificate via a contract; these contracts are in the form of rules implemented in XML format, not yet integrated in CAR.

Page 26: Open issues of AUTOSAR BSW module Use Case

- How and when will Safety Contracts be integrated in CAR?
- A wider cooperation/discussion of practical usage of Safety Contracts

Page 27: Agenda (section: Construction Equipment Evaluation)

Page 28: Status of Volvo CE Use Case - Background

- The Volvo CE use case consists of four incremental parts
- Product development according to the ISO 26262 process, following:
  o Concept Phase
  o Product development at System level
  o Product development at Hardware level
  o Product development at Software level
- Development of a Component model concept including Safety Contracts and Safety Element out of Context
- Development of a Product line concept on top of the Component model

Page 29: Status of Volvo CE Use Case – Current Status

- The Volvo CE use case consists of four incremental parts
- Product development according to the ISO 26262 process, following:
  o Concept Phase
  o Product development at System level
  o Product development at Hardware level
  o Product development at Software level
- Development of a Component model concept including Safety Contracts and Safety Element out of Context
- Development of a Product line concept on top of the Component model

(Status markers on the slide: Ended Q2 2013; Ending Q3 2013)

Page 30: CTF & CAR usage in Volvo CE Use Case

- Tools
  o MoMuT
  o WEFACT

Page 31: Open issues of Volvo CE Use Case

- Process model
  o Activity patterns

Page 32: Open issues of Volvo CE Use Case

- Component model
  o Different levels and languages: SysML, UML, Simulink
  o Safety Contracts

(Figure: wheel loader decomposition. Subsystems: Braking system, Steering system, Lifting Unit system, Propulsion, Interior system, Engine system, Transmission system. Lifting Unit detail: Operator interface, Control lever, Control lever signal (up/down), PWM control, Loader arm position information, diagnostics information, PWM interlocking, PWM control signal, PWM Valve, PWM control algorithm, PWM feedback signal; functions: Loader arm movement, Bucket movement (Tilting). Modelling levels labelled SysML / UML / Simulink.)

Page 33: Open issues of Volvo CE Use Case

- Tools
  o MoMuT
  o WEFACT

Page 34: Open issues of Volvo CE Use Case

- Feature model, Component model and Patterns

Page 35: Agenda (section: Open Discussion)

Page 36: Open discussion for AT & CE demonstration

- Any improvements of cooperation across WPs?
  o Technology and process providers WP100?
  o Tool providers WP200?
  o Other demonstrator use cases WP300/400/500/600?
- Application of SafeCer methods and tools
- Share experience by using CTF&CAR
- Evaluation of results