nSafeCer WP500 Ramp-up Automotive and Construction Equipment Demonstrators


Transcript of nSafeCer WP500 Ramp-up Automotive and Construction Equipment Demonstrators

Page 1: nSafeCer WP500 Ramp-up Automotive and  Construction Equipment Demonstrators

ARTEMIS-2010-1 JU Grant Agreement number 269265

ARTEMIS-2011-1 JU Grant Agreement number 295373

Safety Certification of Software-intensive Systems with Reusable Components

Sept 25-27, 2013 Riga

nSafeCer WP500 Ramp-up Automotive and Construction Equipment Demonstrators

Riga, nSafeCer-Workshop, Day 3, 27-09-2013, 13:30h – 14:50h

Helmut Martin, ViF, WP500 leader
Roland Mader, AVL, WP520 leader
Jonny Vinter, SP, WP540 leader
Ulf Olsson, VCE, WP550 leader

Page 2: Agenda

AVL List, Roland Mader; Virtual Vehicle, Helmut Martin

Introduction of AT & CE Demonstrators
HEV Powertrain Use Case
AUTOSAR BSW Use Case
Construction Equipment Evaluation
Open Discussion

Page 3: Agenda, current item: Introduction of AT & CE Demonstrators

Page 4: Introduction of AT & CE Demonstrators (1/4)

Overview of use cases:
o HEV Powertrain Use Case (AVL/ViF)
o BSW Module Use Case (SP)
o Construction Equipment Evaluation (VCE)

Introduction of CE together with AT:
o Best practices concerning similarities with automotive systems
o Distributed development requires aligned processes
o Cover CE domain specifics

The use cases provide different aspects of the safety life cycle.

Page 5: Introduction of AT & CE Demonstrators (2/4)

Each demonstrator covers different use case scenarios of SafeCer's methods and tools.

Page 6: Introduction of AT & CE Demonstrators (3/4)

Evaluation plan over the SafeCer project:
Intermediate evaluation of achievements
Presenting and discussing demonstrator results
Synchronisation points with other WPs
o methods, tools, other demonstrators

Page 7: Introduction of AT & CE Demonstrators (4/4)

Evaluation of Use Case Results

Coverage of requirements and maturity of demonstrator use cases
o Each demonstrator covers a specific number of SafeCer requirements
o Evaluation of requirements at intermediate milestones and project end

Number of …
o Publications at scientific and industrial conferences
o Contributions to scientific or industrial workshops
o Completed diploma or master theses

[Figure: timeline with milestones DM3, DM4, DM5]

Page 8: Agenda, current item: HEV Powertrain Use Case

Page 9: HEV Powertrain Use Case - Background

Advanced features
o Fuel economy or drivability

Faults and failures
o Hazards
o Cause harm

Safety-relevant: ISO 26262
o Safety arguing
o Tool qualification
o Safety analyses
o Model-based safety engineering

Abbreviations: EMS … Engine Management System; CCU … Clutch Control Unit; HCU … Hybrid Control Unit; TCU … Transmission Control Unit; MCU … Motor Control Unit; BMS … Battery Management System

Page 10: HEV Powertrain Use Case - Status

Specification
o Conception and Specification of Use Case PMTC – Review
o D501.1, D521.1
o Release planned nSC M18 (09/2013)

Methods
o Safety Modeling – first experiences in SysML modeling
o Safety Analysis – concept phase work in progress

Tool Integration in CTF&CAR
o MDS: MetaX integrated in CTF&CAR
o CEA List: Diversity integrated in CTF&CAR
o ARTiMon

Evaluation of demonstrator
o First preliminary evaluation planned for nSC M19 (10/2013)

Status markers on the slide, one per topic above in order: IN REVIEW, WORKING, WORKING, WORKING

Page 11: HEV Powertrain Use Case - Tool: MetaX

MDS MetaX mapping tool
o Supports traceability
  Between heterogeneous fragments of information
  Over different tools
  Semantic relationships
o Change impact analysis
  Refined precision (fragments)
  Identify impacted elements
  Guarantee consistency between coupled structured hierarchical elements


Page 13: HEV Powertrain Use Case - Tool: MetaX

Mapping of design elements: declaration and formalization of the existing relationships between fragments of artifacts involved in the development (requirements, specifications, models, source code, etc.).

Forward and backward traceability: static safety analysis, e.g. coverage and consistency checks, by exploiting the traceability links declared between artifacts.

Change impact analysis: assessment of the impacts implied by a given modification of an artifact at any level of the flow.

Interfacing to requirements management tools: support of the Requirement Interchange Format (ReqIF) standard in order to interface with widespread requirements management tools.
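The three MetaX capabilities on this slide (traceability links, a static coverage/consistency check over them, and change impact analysis) are easiest to see on a tiny artifact graph. The following is an added example written for this page, not MetaX code or its API; the artifact names, kinds and link set are constructed, and the check rules (every requirement reaches a test, every test leads back to a requirement) are one plausible rule set, not the tool's.

```python
"""Traceability links, forward/backward tracing, change impact and coverage checks.

Added example, not the MetaX tool or its API: a minimal model of the artifact
mapping the slide describes. Artifact names, kinds and the sample link set
are constructed for illustration.
"""
from collections import deque

# Constructed artifact set; kinds follow the slide's list (requirements,
# specifications, models, source code) plus tests for the coverage check.
ARTIFACTS = {
    "REQ-1": "requirement",      # e.g. "loader arm shall not move while the interlock is active"
    "REQ-2": "requirement",      # deliberately left without downstream links
    "SPEC-1": "specification",
    "MDL-1": "model",
    "SRC-1": "source code",
    "SRC-2": "source code",
    "TST-1": "test",
}

# Each link (source, target) declares that `target` refines or implements `source`.
LINKS = [
    ("REQ-1", "SPEC-1"),
    ("SPEC-1", "MDL-1"),
    ("MDL-1", "SRC-1"),
    ("MDL-1", "SRC-2"),
    ("SRC-1", "TST-1"),
]


def _adjacency(links, forward):
    adj = {}
    for src, dst in links:
        a, b = (src, dst) if forward else (dst, src)
        adj.setdefault(a, set()).add(b)
    return adj


def trace(start, links=LINKS, forward=True):
    """Transitive closure of the links from `start`: forward traceability
    (what was derived from it) or backward traceability (what it was derived from)."""
    adj = _adjacency(links, forward)
    seen, queue = set(), deque([start])
    while queue:
        node = queue.popleft()
        for nxt in adj.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def change_impact(changed, links=LINKS):
    """Artifacts to re-examine after `changed` is modified: everything downstream
    of it at any level of the flow, i.e. its forward trace."""
    return trace(changed, links, forward=True)


def coverage_check(links=LINKS, artifacts=ARTIFACTS):
    """Static consistency check over the declared links: every requirement must
    reach at least one test, and every test must lead back to a requirement."""
    findings = []
    for name, kind in artifacts.items():
        if kind == "requirement":
            if not any(artifacts.get(a) == "test" for a in trace(name, links, True)):
                findings.append(f"{name}: requirement not covered by any test")
        elif kind == "test":
            if not any(artifacts.get(a) == "requirement" for a in trace(name, links, False)):
                findings.append(f"{name}: test not linked back to any requirement")
    return findings


if __name__ == "__main__":
    print("impact of changing MDL-1:", sorted(change_impact("MDL-1")))
    print("backward trace of TST-1:", sorted(trace("TST-1", forward=False)))
    for finding in coverage_check():
        print("finding:", finding)
```

The point the example makes for a safety argument: the same link graph answers both "which artifacts must be re-verified if MDL-1 changes" and "which requirement has no evidence behind it" (REQ-2 here), so a gap in the declared links shows up as a finding rather than as silence.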

Page 14: HEV Powertrain Use Case - Tool: ARTiMon

Analyses a flow of dated observations in order to detect hazards expressed in a formal entry language.

A flow may be obtained from:
o instrumentation of a physical object
o simulation of a model
o execution of code

Useful for:
o the design process of complex systems
o model validation
o system testing

Used in embedded components for control or diagnostics.

Operates in continuous-time or logical-time mode.

No limitation on the length of the flow (memory is bounded and predictable).
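To make the slide's properties concrete (dated observations, continuous vs. logical time, bounded memory whatever the flow length, and a per-format wrapper as mentioned later under CTF & CAR usage), here is an added example of a small runtime monitor in the same spirit. It is not ARTiMon, its entry language or its C API; the property classes, variable names, the `<time> <var>=<value>` trace format and the sample trace are all constructed for this page.

```python
"""Bounded-memory runtime monitor over a flow of dated observations.

Added example; not the ARTiMon tool, its entry language or its C API.
Property names, variable names, the trace text format and the sample
trace are constructed for this example.
"""
from typing import Callable, Dict, List, Optional

State = Dict[str, float]


class Invariant:
    """`holds(state)` must be true at every observation. A violation is
    reported once when it starts, not at every later observation."""

    def __init__(self, name: str, holds: Callable[[State], bool]):
        self.name, self.holds = name, holds
        self._violated = False

    def step(self, t: float, state: State) -> Optional[str]:
        ok = self.holds(state)
        report = None if ok or self._violated else f"{self.name}: violated at t={t}"
        self._violated = not ok
        return report


class BoundedResponse:
    """Whenever `trigger(state)` becomes true (rising edge), `response(state)`
    must hold within `deadline` time units. Only one open obligation is kept,
    so the property's memory is O(1) regardless of the flow length."""

    def __init__(self, name, trigger, response, deadline: float):
        self.name, self.trigger, self.response, self.deadline = name, trigger, response, deadline
        self._armed_at: Optional[float] = None
        self._prev_trigger = False

    def step(self, t: float, state: State) -> Optional[str]:
        trig = self.trigger(state)
        if trig and not self._prev_trigger and self._armed_at is None:
            self._armed_at = t                      # start the response clock
        self._prev_trigger = trig
        if self._armed_at is None:
            return None
        if self.response(state):
            self._armed_at = None                   # obligation discharged
            return None
        if t - self._armed_at > self.deadline:      # seen at the first observation past the deadline
            self._armed_at = None
            return f"{self.name}: response missed at t={t}"
        return None


class Monitor:
    """Feeds each observation to every property. State is the latest value per
    variable, so memory is bounded by the number of variables, not by the flow."""

    def __init__(self, properties, logical_time: bool = False):
        self.properties = properties
        self.logical_time = logical_time            # logical time: count observations instead of timestamps
        self.state: State = {}
        self.count = 0
        self.violations: List[str] = []

    def observe(self, t: float, var: str, value: float) -> None:
        self.state[var] = value
        self.count += 1
        now = self.count if self.logical_time else t
        for prop in self.properties:
            v = prop.step(now, self.state)
            if v:
                self.violations.append(v)


def parse_trace_line(line: str):
    """Wrapper for one constructed text format: '<time> <var>=<value>'.
    This is the per-format driver/parser the monitor itself does not impose."""
    t_str, assignment = line.split(maxsplit=1)
    var, val = assignment.split("=", 1)
    return float(t_str), var.strip(), float(val)


def make_properties(deadline: float):
    # Constructed hazard-style properties for a loader-arm style actuator.
    return [
        Invariant("pwm_cmd_range", lambda s: s.get("pwm_cmd", 0.0) <= 100.0),
        BoundedResponse("interlock_stops_pwm",
                        trigger=lambda s: s.get("interlock", 0.0) == 1.0,
                        response=lambda s: s.get("pwm_cmd", 0.0) == 0.0,
                        deadline=deadline),
    ]


# Constructed sample flow (seconds, variable=value).
SAMPLE_TRACE = """\
0.000 interlock=0
0.000 pwm_cmd=40
0.100 interlock=1
0.120 pwm_cmd=0
0.500 interlock=0
0.600 pwm_cmd=120
0.700 interlock=1
0.790 pwm_cmd=30
""".splitlines()


def run_monitor(lines, deadline: float, logical_time: bool = False) -> List[str]:
    mon = Monitor(make_properties(deadline), logical_time)
    for line in lines:
        mon.observe(*parse_trace_line(line))
    return mon.violations


if __name__ == "__main__":
    for v in run_monitor(SAMPLE_TRACE, deadline=0.05):
        print(v)
```

Two details worth noticing when using this style of monitor for safety evidence: a missed deadline is only detected at the next observation after the deadline, so a sparse flow delays detection; and an obligation still open when the flow ends is not a violation, which is why the test with a long deadline reports only the range violation.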

Page 15: HEV Powertrain Use Case - Tool: Safety Ext.

AVL Safety Extensions as Add-in for Enterprise Architect 9.3

Specific language enhancement of SysML 1.1 – AVL Meta Model

Meta Model and Add-in features support:
o Item Definition
o Hazard Analysis & Risk Assessment
o Functional Safety Concept
o Technical Safety Concept

Interface to Requirement Management System

Page 16: HEV Powertrain Use Case - CTF & CAR usage

MetaX (MDS)
o First functional prototype is available
o Integration in CTF & CAR under investigation

ARTiMon (CEA)
o CTF: ARTiMon plugged into any simulator or running device producing a trace, to check real-time oriented properties
o CAR: ARTiMon is a C library with a simple API (refresh variable values, time)
o No input format is strictly imposed; a wrapper/driver/parser has to be developed for each format/environment

Safety Extension (AVL)
o Integration in CTF and CAR as a future perspective
o At first, integration at conceptual level aspired
o Restrictions of Enterprise Architect need to be considered
o Potential of integration still under evaluation

Page 17: HEV Powertrain Use Case - Open issues

MDS MetaX:
o Provide traceability information to the CAR? (TBC)
o Interface with CTF? (TBC)

AVL Safety Extension:
o Integration in CTF and CAR as a future perspective (TBC)

ViF - Integration of other supporting tools into CTF and CAR?
o E.g. Enterprise Architect or APIS IQ FMEA

Page 18: Agenda, current item: AUTOSAR BSW Use Case

Page 19: Background of AUTOSAR BSW module Use Case

There are four tasks identified in the use case.

One task is completely allocated to Akhela.

The other three are incremental in nature, i.e. the tools, methods and results are reused in the next task.

Therefore we can concentrate on “Validity of safety certification when moving BSW to different contexts” (first task) to ascertain status.

Page 20: Status of AUTOSAR BSW module Use Case

“Validity of safety certification when moving BSW to different contexts” contains:
o Tool used and developed is SafetyADD, an Eclipse plugin that attaches a (currently empty) safety contract container to source code.
o Method used is Safety Contracts from the component model. Currently the main focus, investigating the appearance, rules and content of the safety contract container.
o BSW module to be analyzed is AUTOSAR diagnostics. Source code candidate identified.

Page 21: Status of SafetyADD tool, AUTOSAR BSW module Use Case

[Figure: schematic view of SafetyADD]

Focus now is on formulation of the rule set governing the automatic compliance check of assume and guarantee, to be implemented in the tool SafetyADD.

Page 22: Status of SafetyADD tool, AUTOSAR BSW module Use Case

[Screenshot: SafetyADD]

When the development and testing of a SWC is done, it is time to export the software component for possible reuse at a later time (stored in CAR).

This is a view of the general properties of the SWC that can be edited.

Page 23: Status of tool, AUTOSAR BSW module Use Case (Akhela)

Akhela uses Parasoft C++test, which supports some default standard coding rules (i.e. MISRA C or C++), and also maps AUTOSAR BSW requirements onto ISO 26262, with custom-made rules for checking.

Page 24: CTF & CAR usage in AUTOSAR BSW module Use Case

CTF interaction minimal, launchable from platform only.

CAR will hopefully enable storage and traceability of the certification artifacts and their dependencies.
o The SafetyADD tool relates each software component to a component certificate via a contract; these contracts are in the form of rules implemented in XML format, not yet integrated in CAR.

Page 25: Open issues of AUTOSAR BSW module Use Case

How and when will Safety Contracts be integrated in CAR?

A wider cooperation/discussion of practical usage of Safety Contracts

Page 26: Agenda, current item: Construction Equipment Evaluation

Page 27: Status of Volvo CE Use Case - Background

The Volvo CE Use case consists of four incremental parts:

Product development according to ISO 26262 process, following:
o Concept Phase
o Product development at System level
o Product development at Hardware level
o Product development at Software level

Development of a Component model concept including Safety Contracts and Safety Element out of Context

Development of a Product line concept on top of the Component model

Page 28: Status of Volvo CE Use Case – Current Status

The Volvo CE Use case consists of four incremental parts:

Product development according to ISO 26262 process, following:
o Concept Phase
o Product development at System level
o Product development at Hardware level
o Product development at Software level

Development of a Component model concept including Safety Contracts and Safety Element out of Context

Development of a Product line concept on top of the Component model

Status annotations on the slide: Ending Q3 2013; Ended Q2 2013

Page 29: CTF & CAR usage in Volvo CE Use Case

Tools
o MoMuT
o WEFACT

Page 30: Open issues of Volvo CE Use Case

Process model
o Activity patterns

Page 31: Open issues of Volvo CE Use Case

Component model
o Different levels and languages: SysML, UML, Simulink
o Safety Contracts

[Figure: wheel loader example. Systems: braking system, steering system, lifting unit system, propulsion, interior system, engine system, transmission system. Lifting unit: loader arm movement, bucket movement (tilting), operator interface, control lever, control lever signal (up/down), PWM control, loader arm position information, diagnostics information, PWM interlocking, PWM control signal, PWM valve, PWM control algorithm, PWM feedback signal. Levels labelled SysML / UML / Simulink.]

Page 32: Open issues of Volvo CE Use Case

Tools
o MoMuT
o WEFACT

Page 33: Open issues of Volvo CE Use Case

Feature model, Component model and Patterns

Page 34: Agenda, current item: Open Discussion

Page 35: Open discussion for AT & CE demonstration

Any improvements of cooperation across WPs?
o Technology and process providers, WP100?
o Tool providers, WP200?
o Other demonstrator use cases, WP300/400/500/600?

Application of SafeCer methods and tools

Share experience by using CTF&CAR

Evaluation of results
