Safety Cases: Arguing the Safety of Autonomous Systems
Simon Burton, Dagstuhl
Slide 2: The need for safety cases
- Safety is becoming more than what happens when things break: functional insufficiencies and interaction also cause hazards.
- Security is becoming more than what happens when things are broken into: an attacker can exploit functional insufficiencies.
[Figure: traditional functional view of the causes of hazards (random HW failures, systematic failures -> hazard) beside a systems view (random HW failures, systematic failures, functional insufficiencies, physical collaboration, deliberate manipulation, weakness exploits -> hazard)]
- Current safety standards do not address these issues well; we need to argue safety from first principles.
CR/AEX CE-SRA, Burton, 17/02/2017
Slide 3: The need for safety cases
Example: questions to be answered by a safety case for machine learning.
- Are the functional and performance requirements on the ML function well defined?
- Is the operational profile well defined and understood?
- Is the ML technique the most effective algorithm for implementing the function?
- Is the residual risk associated with the ML technique appropriate for the context?
- Have the training data led to a sufficiently accurate approximation of the target function?
- Has the probability of adversarial examples been minimised?
- Does the performance of the function during operation match its overall requirements?
- Does the distribution profile during operation match the assumptions made during training?
- What statistical performance statements can be extrapolated from system validation?
- Does the ML function operate within the integrated system context as expected?
- How effective are the tests at reasoning about the performance of the ML function?
- Is the execution platform (HW/SW) robust against systematic and random HW failures?
- Is sufficient rigour applied within the development process to ensure that processes and guidelines are followed when specifying, training and validating the ML functions?
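One of the questions above, whether the distribution profile during operation matches the assumptions made during training, can be turned into run-time evidence for the safety case. The following is an added example, not code from the slides: it compares a binned histogram of an input feature observed in operation against the histogram recorded on the training set using the Population Stability Index (PSI) and classifies the result against two thresholds. The feature (distance to the nearest detected pedestrian), the bin edges, all counts and the threshold values are constructed for illustration and are assumptions, not figures from the original.

```python
"""Added example (not from the slides): a run-time check for the
safety-case question "does the distribution profile during operation match
the assumptions made during training?", using the Population Stability
Index over binned feature histograms.  Feature, bin edges, counts and
thresholds are constructed for illustration."""
import bisect
import math
from typing import Sequence

# Commonly used PSI bands.  In a safety case these limits are themselves an
# assumption that has to be justified, not a standardised value.
PSI_STABLE = 0.10
PSI_SHIFT = 0.25


def proportions(counts: Sequence[int], eps: float = 1e-6) -> list[float]:
    """Bin proportions with a small additive smoothing so that an empty bin
    in either histogram cannot produce log(0)."""
    total = sum(counts)
    if total <= 0:
        raise ValueError("histogram is empty")
    return [(c + eps) / (total + eps * len(counts)) for c in counts]


def psi(train_counts: Sequence[int], op_counts: Sequence[int]) -> float:
    """PSI = sum_i (q_i - p_i) * ln(q_i / p_i), p from training, q from
    operation.  Identical histograms give exactly 0.0."""
    if len(train_counts) != len(op_counts):
        raise ValueError("histograms must use the same bins")
    p = proportions(train_counts)
    q = proportions(op_counts)
    return sum((qi - pi) * math.log(qi / pi) for pi, qi in zip(p, q))


def assess(train_counts: Sequence[int], op_counts: Sequence[int]) -> tuple[str, float]:
    """Classify the operational profile relative to the training profile."""
    value = psi(train_counts, op_counts)
    if value < PSI_STABLE:
        return "stable", value
    if value < PSI_SHIFT:
        return "moderate", value
    return "shift", value


class DriftMonitor:
    """Accumulates one feature's operational observations into the training
    bins and reports whether the training-time assumption still holds."""

    def __init__(self, bin_edges: Sequence[float], train_counts: Sequence[int]):
        # bin_edges are interior cut points: one more bin than edges.
        if len(train_counts) != len(bin_edges) + 1:
            raise ValueError("need exactly one more bin than interior edge")
        self.edges = list(bin_edges)
        self.train = list(train_counts)
        self.op = [0] * len(train_counts)

    def observe(self, value: float) -> None:
        # bisect_right maps a value to the index of the bin it falls in.
        self.op[bisect.bisect_right(self.edges, value)] += 1

    def status(self) -> tuple[str, float]:
        return assess(self.train, self.op)


# Constructed data: distance (m) to the nearest detected pedestrian, binned
# at 2, 5, 10 and 20 m, as recorded over a hypothetical training set.
TRAIN_COUNTS = [50, 200, 400, 250, 100]
OP_MATCHING = [48, 205, 395, 252, 100]   # operation resembles training
OP_SHIFTED = [300, 350, 200, 100, 50]    # far more close-range encounters

if __name__ == "__main__":
    for name, op in (("matching", OP_MATCHING), ("shifted", OP_SHIFTED)):
        verdict, value = assess(TRAIN_COUNTS, op)
        print(f"{name}: PSI={value:.3f} -> {verdict}")
```

A "shift" verdict does not by itself say the ML function is unsafe; it says that the evidence collected under the training distribution no longer supports the claim for the current operating context, which is exactly the kind of invalidated assumption a safety case must record and react to (for example by falling back to a more conservative behaviour).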
Slide 4: What is a safety case? (ISO 26262)
Definition in ISO 26262, Part 1 (Vocabulary): an argument that the safety requirements for an item are complete and satisfied by evidence compiled from work products of the safety activities during development.
Definition in ISO 26262, Part 10 (Guidelines): the purpose of the safety case is to provide a clear, comprehensive and defensible argument, supported by evidence, that an item is free from unreasonable risk when operated in the intended context.
Slide 5: What is a safety case? (ISO 15026)
Assurance case (ISO 15026, Part 1, Vocabulary): a reasoned, auditable artefact created to support the contention that its top-level claim (or set of claims) is satisfied, including systematic argumentation and its underlying evidence and explicit assumptions that support the claim(s).
An assurance case consists of: claims, evidence, argumentation, justification and assumptions.
Assurance: grounds for justified confidence that a claim has been or will be achieved.
Slide 6: Process- vs. concept-oriented cases
- Argument based on the development approach (process): follows the structure of the safety plan (the standard, e.g. ISO 26262, defines the plan, the plan defines the work products, the work products are the evidence for the case). Often documented as a structured list of work products.
- Argument based on the safety concept (product): follows the structure of the safety concept (safety goals lead to the concept, the concept is argued in the case). Includes the rationale for the technical decisions made in the project.
- A combination of both approaches is effective.
Slide 7: Goal Structuring Notation (GSN)
- A graphical notation that represents the elements of an assurance case and the relationships between them.
- Shows how goals (claims) are broken down into sub-goals until they can be supported by direct reference to available evidence.
- Documents the strategies adopted as well as context information, including assumptions and justifications.
- Can be structured hierarchically and modularly.
- Its principal aim is to improve comprehension of the assurance case, enabling rigorous review and analysis.
GSN elements:
- Goal: presents a claim forming part of the argument.
- Strategy: describes the nature of the inference between a goal and its supporting goals ("if all sub-goals are true, this is sufficient to establish the claim that the higher-level goal is true").
- Solution (evidence): a reference to an evidence item or items.
- Context: a reference to contextual information or a statement.
- Assumption (A): an intentionally unsubstantiated statement.
- Justification (J): a statement of rationale.
- Undeveloped sub-goal: marks a goal whose supporting argument has not yet been developed.
Slide 8: What makes a good safety case?
The safety case should show how the available evidence can be interpreted to argue:
- the sufficiency of the safety concept to maintain the safety goals;
- the robustness, completeness and integrity of the development approach;
- that all assumptions related to the safety concept have been identified, analysed and validated.
Diverse measures and sources of supporting evidence increase the strength of the argument.
Ideally the case is a combination of structure (e.g. using GSN), explanatory text and referenced artefacts.
Slide 9: Example (very incomplete): passive friendly safety of a mobile robot
Context:
- System context: description of the classes of objects the robot can detect.
- Requirements: e.g. derived from binding standards defining safeguards.
- System envelope: e.g. physical limits of the system (camera resolution, braking distance, ...).
- Functional requirements: move from A to B; kinematic constraints.
Assumptions (A):
- Assumptions on the environment: e.g. surfaces, lighting, number of moving objects, other obstacles, ...
- Movement profiles of each class of moving object.
Top-level goal: the robot will come to a stop (with a sufficiently high probability) if it detects a human in its trajectory path, with sufficient time to allow the human to also come to a stop.
Strategy: argument over the technical approach taken, i.e. predict the trajectory and come to a safe stop.
Sub-goals and evidence:
- Detection accuracy: objects are detected and classified according to their movement profiles. Includes the argument for perception accuracy, training of the machine learning algorithms, etc.
- Algorithms are principally sound: analyses of the algorithms have demonstrated their fundamental ability to converge. Evidence: mathematical proof, published studies, peer review.
- Algorithms are implemented correctly: verification of the implemented algorithms. Evidence: e.g. model checking, static analysis of code, software tests.
- Algorithms are valid in the system context: system-level validation of the algorithms, with rationale for the properties being demonstrated. Evidence: e.g. system tests.
- Safe hardware: all dangerous hardware failures occur with an acceptably low probability and are detected at run time. Includes the technical hardware safety concept (e.g. redundancy) and references to FMEA, FTAs, fault injection tests, etc.
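The GSN elements of slide 7, the checks of slide 8 (every assumption identified and validated) and the example argument of slide 9 can be captured in a small machine-checkable model. The block below is an added example, not code from the slides or from any GSN tool: it encodes the passive friendly safety argument as goals, strategies, solutions, context, assumptions and justifications, then checks that every goal is either supported or explicitly marked undeveloped, that SupportedBy and InContextOf links point at the right element kinds, that no goal is (transitively) supported by itself, and that every assumption has been validated. The node identifiers (G1, S1, Sn1, C1, A1, J1), the decision to leave the detection-accuracy goal undeveloped and the validation status of each assumption are assumptions made for illustration.

```python
"""Added example (not from the slides): a minimal Goal Structuring Notation
model with a well-formedness checker, populated with the robot "passive
friendly safety" argument from the example slide.  Node identifiers and the
validated/undeveloped flags are assumed for illustration."""
from __future__ import annotations
from dataclasses import dataclass, field

ARGUMENT_KINDS = {"goal", "strategy", "solution"}           # SupportedBy targets
CONTEXT_KINDS = {"context", "assumption", "justification"}  # InContextOf targets


@dataclass
class Node:
    id: str
    kind: str
    text: str
    supported_by: list[str] = field(default_factory=list)
    in_context_of: list[str] = field(default_factory=list)
    undeveloped: bool = False   # GSN diamond marker: a known, not yet argued gap
    validated: bool = False     # assumptions only: analysed and validated?


class AssuranceCase:
    def __init__(self, nodes: list[Node]):
        self.nodes = {n.id: n for n in nodes}

    def check(self) -> list[tuple[str, str]]:
        """Return (node id, finding) pairs; an empty list means the argument is
        structurally complete and every assumption has been validated."""
        found: list[tuple[str, str]] = []
        for n in self.nodes.values():
            if n.kind not in ARGUMENT_KINDS | CONTEXT_KINDS:
                found.append((n.id, "unknown_kind"))
            for t in n.supported_by:
                if t not in self.nodes:
                    found.append((n.id, "dangling"))
                elif self.nodes[t].kind not in ARGUMENT_KINDS:
                    found.append((n.id, "bad_support_target"))
            for t in n.in_context_of:
                if t not in self.nodes:
                    found.append((n.id, "dangling"))
                elif self.nodes[t].kind not in CONTEXT_KINDS:
                    found.append((n.id, "bad_context_target"))
            if n.kind == "goal":
                if n.undeveloped:
                    found.append((n.id, "undeveloped"))
                elif not n.supported_by:
                    found.append((n.id, "no_support"))
            if n.kind == "strategy" and not n.supported_by:
                found.append((n.id, "strategy_without_subgoals"))
            if n.kind == "solution" and n.supported_by:
                found.append((n.id, "solution_with_children"))   # evidence is a leaf
            if n.kind == "assumption" and not n.validated:
                found.append((n.id, "unvalidated_assumption"))
        found.extend((nid, "cycle") for nid in self._cycle_members())
        return found

    def _cycle_members(self) -> list[str]:
        # Iterative DFS over SupportedBy links.  A back edge means a claim is
        # used to support itself, which no amount of evidence can discharge.
        WHITE, GREY, BLACK = 0, 1, 2
        colour = {nid: WHITE for nid in self.nodes}
        members: list[str] = []
        for start in self.nodes:
            if colour[start] != WHITE:
                continue
            colour[start] = GREY
            stack = [(start, iter(self.nodes[start].supported_by))]
            while stack:
                nid, it = stack[-1]
                nxt = next(it, None)
                if nxt is None:
                    colour[nid] = BLACK
                    stack.pop()
                elif nxt in colour and colour[nxt] == GREY:
                    members.append(nxt)
                elif nxt in colour and colour[nxt] == WHITE:
                    colour[nxt] = GREY
                    stack.append((nxt, iter(self.nodes[nxt].supported_by)))
        return members


def build_example_case() -> AssuranceCase:
    """Slide 9 encoded as GSN.  G2 is left undeveloped and A2 unvalidated on
    purpose (the slide is marked very incomplete); the checker must report both."""
    return AssuranceCase([
        Node("G1", "goal", "Robot stops (with sufficiently high probability) if it detects a human in "
             "its trajectory path, with enough time for the human to also stop",
             supported_by=["S1"], in_context_of=["C1", "C2", "C3", "A1", "A2"]),
        Node("C1", "context", "System context: classes of objects the robot can detect"),
        Node("C2", "context", "Requirements derived from binding standards defining safeguards"),
        Node("C3", "context", "System envelope: camera resolution, braking distance, kinematic constraints"),
        Node("A1", "assumption", "Movement profiles of each class of moving object", validated=True),
        Node("A2", "assumption", "Environment: surfaces, lighting, number of moving objects, obstacles"),
        Node("S1", "strategy", "Argument over the technical approach: predict trajectory, safe stop",
             supported_by=["G2", "G3", "G4", "G5", "G6"]),
        Node("G2", "goal", "Objects are detected and classified according to movement profiles", undeveloped=True),
        Node("G3", "goal", "Algorithms are principally sound", supported_by=["Sn1", "Sn2", "Sn3"], in_context_of=["J1"]),
        Node("J1", "justification", "Analysis has demonstrated the algorithms' fundamental ability to converge"),
        Node("Sn1", "solution", "Mathematical proof"),
        Node("Sn2", "solution", "Published studies"),
        Node("Sn3", "solution", "Peer review"),
        Node("G4", "goal", "Algorithms are implemented correctly", supported_by=["Sn4", "Sn5", "Sn6"]),
        Node("Sn4", "solution", "Model checking"),
        Node("Sn5", "solution", "Static analysis of code"),
        Node("Sn6", "solution", "Software tests"),
        Node("G5", "goal", "Algorithms are valid in the system context", supported_by=["Sn7"]),
        Node("Sn7", "solution", "System tests"),
        Node("G6", "goal", "Dangerous hardware failures are acceptably improbable and detected at run time",
             supported_by=["Sn8", "Sn9"]),
        Node("Sn8", "solution", "Hardware safety concept (redundancy), FMEA and FTA"),
        Node("Sn9", "solution", "Fault injection tests"),
    ])


if __name__ == "__main__":
    for nid, finding in build_example_case().check():
        print(f"{nid}: {finding}")
```

Running the block lists exactly the two deliberate gaps, the undeveloped detection-accuracy goal and the unvalidated environment assumption. The cycle check matters once cases are assembled modularly from component safety contracts, where a goal in one module can end up supported, via another module, by itself.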
Slide 10: Towards run-time dynamic safety cases
Evolution of the systems to be argued:
- statically configured, closed-loop systems;
- model-based system specification;
- upgradeability and connectivity;
- component-based safety contracts;
- open context, full automation: patterns for fail-operational systems;
- cloud computing of safety functions;
- ad-hoc collaboration patterns for adaptive safety concepts.
Model-based systems and security engineering challenges:
- Formal verification: of SW and system properties; validation of requirements models; verification of machine learning; verification of run-time contracts.
- Model-based safety analysis: component fault trees; Jenkins-time safety analyses (safety analyses run as part of continuous integration); automated safety concept optimisation for fail-operational systems; run-time evaluation of safety properties (safety contracts).
- Assurance cases: modular assurance cases; assurance cases for SOTIF (Safety of the Intended Functionality); collaborative assurance cases.
Slide 11: Thank you! Any questions?
Year 7 National Expectations can show an awareness of tasks best completed by humans or computers. can designs solutions by decomposing a problem and creates a sub-solution for each of these parts (decomposition).
More informationLogic Solver for Tank Overfill Protection
Introduction A growing level of attention has recently been given to the automated control of potentially hazardous processes such as the overpressure or containment of dangerous substances. Several independent
More informationA Winning Combination
A Winning Combination Risk factors Statements in this presentation that refer to future plans and expectations are forward-looking statements that involve a number of risks and uncertainties. Words such
More informationLessons Learned in Integrating Risk Management and Process Validation
Lessons Learned in Integrating Risk Management and Process Validation Medical Device Congress Harvard March 2007 Jim Handzo Senior Manager QA Innovative Spinal Technologies Fran Akelewicz Principal Practical
More informationFP7 ICT Call 6: Cognitive Systems and Robotics
FP7 ICT Call 6: Cognitive Systems and Robotics Information day Luxembourg, January 14, 2010 Libor Král, Head of Unit Unit E5 - Cognitive Systems, Interaction, Robotics DG Information Society and Media
More informationSWEN 256 Software Process & Project Management
SWEN 256 Software Process & Project Management What is quality? A definition of quality should emphasize three important points: 1. Software requirements are the foundation from which quality is measured.
More informationAutomated Testing of Autonomous Driving Assistance Systems
Automated Testing of Autonomous Driving Assistance Systems Lionel Briand Vector Testing Symposium, Stuttgart, 2018 SnT Centre Top level research in Information & Communication Technologies Created to fuel
More informationPolicy-Based RTL Design
Policy-Based RTL Design Bhanu Kapoor and Bernard Murphy bkapoor@atrenta.com Atrenta, Inc., 2001 Gateway Pl. 440W San Jose, CA 95110 Abstract achieving the desired goals. We present a new methodology to
More informationRobotics in Oil and Gas. Matt Ondler President / CEO
Robotics in Oil and Gas Matt Ondler President / CEO 1 Agenda Quick background on HMI State of robotics Sampling of robotics projects in O&G Example of a transformative robotic application Future of robotics
More informationFORMAL MODELING AND VERIFICATION OF MULTI-AGENTS SYSTEM USING WELL- FORMED NETS
FORMAL MODELING AND VERIFICATION OF MULTI-AGENTS SYSTEM USING WELL- FORMED NETS Meriem Taibi 1 and Malika Ioualalen 1 1 LSI - USTHB - BP 32, El-Alia, Bab-Ezzouar, 16111 - Alger, Algerie taibi,ioualalen@lsi-usthb.dz
More informationCanadian Technology Accreditation Criteria (CTAC) PROGRAM GENERAL LEARNING OUTCOMES (PGLO) Common to all Technologist Disciplines
Canadian Technology Accreditation Criteria (CTAC) PROGRAM GENERAL LEARNING OUTCOMES (PGLO) Common to all Technologist Disciplines Preamble Eight Program General Learning Outcomes (PGLOs) are included in
More information