Safety and Reliability Engineering Part 1: Introduction (2009-05-05)
Safety and Reliability Engineering, Part 1: Introduction
Prof. Dr.-Ing. Stefan Kowalewski
Chair "Informatik 11", Embedded Software Laboratory, RWTH Aachen University
Summer term 2006
Organisational issues /2
Website:
www-i11.informatik.rwth-aachen.de, Lehre / Sommersemester 2006, Safety and Reliability Engineering
- Announcements
- Slides
- Links
- Forum
Safety and Reliability EngineeringPart 1: Introduction, Slide 2
© Stefan Kowalewski, 21 April 2005
Organisational issues
Right lecture for you?
- Diplom Informatik / Praktische Informatik
- Diplom Informatik / Vertiefungsgebiet Software für eingebettete Systeme
- MSc Software Systems Engineering
- MSc Software Systems Engineering / Specialization Area Embedded Systems
- MSc Media Informatics
- ERASMUS
Organisational issues /3
Dates:
- Lecture Wednesday, 10:00-11:30, AH III
- Exercises Thursday, 13:30 – 15:00, AH III, Start: 20.04.06
Exercises:
- Depending on number of participants either one or two groups
- List will be circulated right now.
Video recording of last year's lecture:
www-i11.informatik.rwth-aachen.de, Lehre / Sommersemester 2005, Safety and Reliability Engineering
Organisational issues /4
No lectures:
- 7 June 2006 (Excursion week)
- 14 June 2006 (Dies)
Dates and places for written examination (no oral exams):
- MSc Software Systems Engineering (4 ECTS) & Übungsschein Diplom Informatik:
Wednesday, 12 July 2006, 10:00 – 11:30, Room AH III
Organisational issues /5
Tutor: Andreas Polzer
Contact: [email protected], Room 2319, RWTH Aachen
Lecturer
Prof. Dr. Stefan Kowalewski
- 1990 Diplom degree in electrical engineering from the University of Karlsruhe
- 1995 PhD, Department of Chemical Engineering, University of Dortmund
- 2000 – 2003 Head of research group (foundations of software technology) at Corporate Research and Advanced Engineering at Robert Bosch GmbH, Frankfurt am Main
- 2003 Habilitation in Control and Safety Engineering, University of Dortmund
- Since 11/2003 Professor for Embedded Software, RWTH
Related lectures
- By colleagues: Prof. Mantel (i4): Formal Methods for Information Security
- This semester by i11: Embedded Software Engineering, Tuesday, 10:00, AH II; Formale Methoden für eingebettete Systeme (in German), Thursday, 10:00, AH I
- Winter term: Introduction to Embedded Systems; Dynamic Systems for Computer Scientists
- Possible additions for specialization area: Prof. Lichter: SW Quality Assurance and Project Management; Prof. Abel (FB 4): Rapid Control Prototyping (in German)
Literature
The lecture will not be following one single book. Books which cover aspects of the lecture (but also much more) are for example:
- N. Storey: Safety-critical computer systems. Prentice Hall, 1996.
- N. Leveson: Safeware. Addison-Wesley, 2001.
- J. Barnes: High integrity software. Addison-Wesley, 2003.
- K. Simpson, D. Smith: Functional Safety. Elsevier, 2004.
- A. Birolini: Reliability Engineering. Springer, 2004.
- S. Montenegro: Sichere und fehlertolerante Steuerungen. Hanser, 1999.
More to be added on website.
Interesting link:
- http://catless.ncl.ac.uk/Risks
Lecture Contents
Analysis and design methods for achieving safety and reliability of software-intensive embedded systems
Agenda:
- Introduction (this lecture): organisational issues, context, motivation
- Terminology (next lecture)
- Reliability/Availability: measurement, modeling, analysis, prediction, design principles
- Safety: requirements, assessment, analysis techniques, design for safety, safety lifecycle, IEC 61508
⇒ What is an embedded system?
⇒ Precise meaning of safety and reliability?
What is an embedded system?
[Figure: the embedded system sits inside the embedding system, which in turn interacts with its user environment and with people.]
Embedded System = A computer system which is integrated into another system, the embedding system. The requirements for the embedded system must be derived from the requirements for the embedding system.
Examples?
Examples of embedding systems
Differences to "desktop" computing?
- Interaction with physical environment
- Closed loop
- No or very restricted human/computer interface
- No or very restricted maintenance possibilities
- Part of competitively priced products (high volumes)
- Tight resource constraints
- Often special hardware
- Part of engineering product
- High product generation frequency
- Often many variants
- Malfunction may lead to damage
Current situation in the embedded systems industries
- Increasing propagation of embedded systems into most economical areas
- Increasing integration and networking of systems
- Increasing complexity
- Shorter development cycles
- Increasing resource constraints
- Increasing importance of software compared to hardware
⇒ Traditional industries (automotive, rail, aerospace, appliances, health care …) have not been prepared for this paradigm shift.
⇒ Increasing quality problems.
Examples (1)
DETROIT, April 2, 2004. GM will recall 12,329 Cadillac SRXs equipped with all-wheel drive, including 11,375 in the United States, following two reports of a one-second delay in the anti-lock brakes activating to stop the vehicle, spokesman Jim Schell said. The problem, due to a software anomaly, only occurs during the first few seconds of driving when the SUV is moving slowly, he said. One owner crashed his SRX into his garage wall following the brake delay, but was uninjured.
Source: www.theautochannel.com/news/2004/04/02/187644.html
Examples (2)
Examples (3)
Examples (4)
Source: HALLO – Das Magazin, issue 09/03
www.hallo-das-magazin.de
Examples (5)
- Frequent delays of SOP (start of production) of new car models
- Increase of software/electronics related breakdowns by 23% from 1998 to 2001.
- Tilting train "Pendolino": Four years after commissioning in Germany, 11 out of 15 trains are still shut down.
- ICE 3 high speed train: Failures of the on-board computer caused the air conditioning to shut down.
- Autumn 2004: Wheel slide protection failed in regional trains causing massive delays.
Examples (6)
A computer problem on the Canadian Air Transat flight caused an emergency landing in the Azores last summer. Apparently, as early reports describe, a "computer program" incorrectly reported a fuel leak as an "imbalance". To correct the "imbalance" the "computer program" diverted fuel from a good tank to the tank that was leaking, thus both tanks were emptied. Inflight. The skill of the pilot and the availability of an island with an airport in the Atlantic Ocean averted a disaster.
Source: Canadian Press, *Toronto Globe and Mail*, *Toronto Star*, & other Canadian newspapers. Taken from John Johnson, Risk Forum, 4 March 2002
Precise meaning of safety and reliability?
- What is the difference between safety and reliability?
- Is a safe system necessarily a reliable system?
- Is a reliable system necessarily a safe system?
⇒ Terminology is important!
Further terminology
English:
- Security (difference to safety?)
- Availability (difference to reliability?)
- Dependability (difference to reliability?)
- Failure, fault, error, defect, bug, malfunction, …
German:
- Zuverlässigkeit
- Verfügbarkeit
- Verlässlichkeit
- Fehler, Ausfall, Versagen, Defekt, Fehlfunktion, …
⇒ Precise definitions in the next lecture