Tool Integration and Safety: A Foundation for Analysing the Impact of Tool Integration on Non-functional Properties
KTH, School of Industrial Engineering and Management (ITM), Machine Design (Dept.), Mechatronics. ORCID iD: 0000-0001-5704-4504
2012 (English). Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

The increasing complexity of embedded systems development is becoming difficult to handle with development environments based on disjoint engineering tools. Support for interactions between engineering tools, especially through automated means, has therefore received increasing attention in recent years. The resulting growth in tool integration means that tool integration has a growing impact on the non-functional properties of development efforts, development environments and end products. At the same time, there is a lack of methods and tools for analysing the relationship between these properties and tool integration. To establish a foundation for analysing this generic relationship, this thesis analyses the specific relationship between tool integration and the safety of end products.

A survey was conducted to analyse the state of the art of tool integration as it relates to safety. This survey specifically identified the lack of efficient handling of tool integration by modern safety standards as an important concern. In relation to this survey, three theories were identified as being of specific importance: the school of thought known as Systems Thinking, the Systems-Theoretic Accident Model and Processes (STAMP) causality model, and the System-Theoretic Process Analysis (STPA) hazard analysis technique.

Building on these theories, this thesis provides original contributions intended to (1) describe concepts and models related to tool integration and safety (the first and second contribution), (2) link tool integration to safety in a way that reduces complexity during analysis (the third contribution) and (3) propose how to interpret and make use of the implications of the presented theories and the first three contributions (the fourth and fifth contribution).

• The first contribution is a new conceptual model of a development effort that emphasizes tool integration.

• The second contribution is a new reference model for tool integration in highly heterogeneous environments.

• The third contribution consists of nine safety-related tool chain properties, i.e. properties of tool chains that could mitigate at least part of the risks introduced by tool integration.

• The fourth contribution is a proposition on how to identify safety implications due to a high level of automation of tool integration.

• The fifth contribution is a proposition for a new software tool qualification process.

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2012, xiii, 84 p.
Series
Trita-MMK, ISSN 1400-1179 ; 2012:17
Keyword [en]
Tool Integration, Integrated Development Environments, Embedded Systems, Safety Standards, Certification, Qualification, Systems Thinking, System Safety, STAMP, STPA
National Category
Embedded Systems
Identifiers
URN: urn:nbn:se:kth:diva-102876; ISBN: 978-91-7501-487-6 (print); OAI: oai:DiVA.org:kth-102876; DiVA: diva2:557192
Presentation
2012-10-05, B319, Brinellvägen 85, KTH, Stockholm, 09:00 (English)
Opponent
Supervisors
Available from: 2012-09-27. Created: 2012-09-27. Last updated: 2012-09-27. Bibliographically approved.
List of papers
1. Tool Integration Beyond Wasserman
2011 (English). In: Advanced Information Systems Engineering Workshops / [ed] Camille Salinesi, Oscar Pastor, Berlin: Springer-Verlag, 2011, 270-281 p. Conference paper, Published paper (Refereed)
Abstract [en]

The typical development environment today consists of many specialized development tools that are only partially integrated, forming a complex tool landscape. Traditional approaches for reasoning about tool integration are insufficient to measure the degree of integration and integration optimality in today's complex tool landscape. This paper presents a reference model that introduces dependencies between, and metrics for, integration aspects to overcome this problem. This model is used to conceive a method for reasoning about tool integration and to identify improvements in an industrial case study. Based on this, we are able to conclude that our reference model does not detract value from the principles it is based on; instead, it highlights improvements that were not clearly visible before. We conclude the paper by discussing open issues for our reference model, namely whether it is suitable for use during the creation of new systems, whether the integration aspects used can be subdivided further to support the analysis of secondary issues related to integration, difficulties related to the state dependency between the data and process aspects in the context of developing embedded systems, and the analysis of non-functional requirements to support tool integration.

Place, publisher, year, edition, pages
Berlin: Springer-Verlag, 2011
Series
Lecture Notes in Business Information Processing, ISSN 1865-1348 ; 83
Keyword
Tool Integration, Model-based Tool Integration, Model-based Development, Integrated Development Environments
National Category
Computer Systems
Identifiers
urn:nbn:se:kth:diva-47629 (URN); 10.1007/978-3-642-22056-2 (DOI); 000301989300025 (ISI); 2-s2.0-79960316852 (Scopus ID); 978-3-642-22055-5 (ISBN)
Conference
1st Workshop on Integration of IS Engineering Tools (INISET 2011), London, England, JUN 20-24, 2011
Projects
iFEST
Note
QC 20111118. Available from: 2011-11-18. Created: 2011-11-11. Last updated: 2012-09-27. Bibliographically approved.
2. Tool Integration, from Tool to Tool Chain with ISO 26262
2012 (English). Conference paper, Published paper (Refereed)
Abstract [en]

The use of innovative power sources in future cars has far-reaching implications for vehicle safety. We studied these implications in the context of the guidance on software tool qualification in the then-current ISO 26262 draft, while building an urban concept vehicle to participate in the 2011 Shell Eco-Marathon. While the guidance on tool qualification is detailed, the guidance regarding tools integrated into tool chains is limited: it only points out that the environment in which tools execute needs to be taken into consideration.

In this paper we clarify the implications of tool chains for tool qualification in the context of ISO 26262 by focusing on two questions: first, are there parts of the development environment related to tool integration that are likely to fall outside of tool qualification efforts as currently defined by ISO 26262; secondly, can we define if, and if so how, tool integration is affected by ensuring functional safety.

We conclude by identifying two areas related to tool integration that are likely to fall outside the tool qualification efforts (data integrity and process logic) and describing how different constraints imposed by ISO 26262 in relation to tool qualification conflict when tool integration is improved (improvements aimed at supporting completeness, consistency and the safety lifecycle vs. tool qualification cost).

We are able to make additional conclusions in relation to the State of the Art discussion on software tool qualification according to ISO 26262. First, reference tool chains and guidelines on which characteristics tool qualification should ensure for tool chains are needed to complement ISO 26262. Secondly, guidance on tool integration can be found in the completeness characteristic, the consistency characteristic and the ISO 26262 safety lifecycle process. Finally, qualification efforts should ideally target tool chains rather than individual tools.

Place, publisher, year, edition, pages
SAE International, 2012
Keyword
Tool Integration, Safety, ISO 26262
National Category
Embedded Systems
Identifiers
urn:nbn:se:kth:diva-93884 (URN); 10.4271/2012-01-0026 (DOI); 2-s2.0-84877167104 (Scopus ID)
Conference
SAE 2012 World Congress
Note

QC 20120927

Available from: 2012-05-02. Created: 2012-05-02. Last updated: 2012-09-27. Bibliographically approved.
3. Qualifying Software Tools, a Systems Approach
2012 (English). In: Computer Safety, Reliability, and Security: 31st International Conference, SAFECOMP 2012, Magdeburg, Germany, September 25-28, 2012. Proceedings, Springer Berlin/Heidelberg, 2012, 340-351 p. Conference paper, Published paper (Refereed)
Abstract [en]

Modern safety standards designed to ensure the safety of embedded system products often take a descriptive approach, focusing on describing appropriate requirements on management, processes, methods and environments during development. While the qualification of software tools has been included in several such standards, how to handle the safety implications of tools integrated into tool chains has been largely ignored. This problem is aggravated by increases both in the automation of tool integration and in the size of development environments.

In this paper we define nine safety goals for tool chains and suggest a qualification method that takes a systems approach on certifying software tools as parts of tool chains. With this method, software tools are developed and pre-qualified under the assumption that certain properties will be supported by the development environment they are to be deployed in. The proposed method is intended to (1) achieve a stronger focus on the relevant parts of tool chains in regard to safety and (2) separate the extra effort these parts imply from the effort already stipulated by safety standards.

Place, publisher, year, edition, pages
Springer Berlin/Heidelberg, 2012
Series
Lecture Notes in Computer Science, ISSN 0302-9743 ; 7612
Keyword
Certification, Safety, Tool Integration
National Category
Embedded Systems
Identifiers
urn:nbn:se:kth:diva-102718 (URN); 10.1007/978-3-642-33678-2_29 (DOI); 2-s2.0-84867602641 (Scopus ID)
Conference
SAFECOMP 2012
Projects
iFEST
Funder
Vinnova
Note

QC 20120927

Available from: 2012-09-27. Created: 2012-09-24. Last updated: 2012-09-27. Bibliographically approved.
4. Safety-Guided Design through System-Theoretic Process Analysis, Benefits and Difficulties
2012 (English). In: 30th International System Safety Conference Proceedings, 2012. Conference paper, Published paper (Refereed)
Abstract [en]

Development environments for embedded systems are moving towards increased automation between Commercial Off-The-Shelf (COTS) engineering tools. While automation provides new opportunities for e.g. verification, it also to some extent decreases the possibility of identifying and acting on safety issues that arise during development. To investigate the relationship between tool integration and safety, we performed a System-Theoretic Process Analysis (STPA) of a tool chain from an industrial case study. This tool chain was then reanalysed and redesigned twice, in part motivated by the identified hazards.

This paper presents our experiences from applying STPA to safety-guided design in the context of integrating COTS engineering tools into tool chains. We discuss the benefits of and difficulties with applying STPA. We also suggest improvements that complement STPA with support methods and tools.

The primary benefit was the support in categorizing risks and causes. The three difficulties we encountered were identifying context-specific causal factors, defining control structures across several domains (management, user, technical, etc.) and limiting the domains taken into account. The use of STPA during safety-guided design would be facilitated by the use of expert systems and simulation, especially in regard to relating different domains.

Keyword
Tool Integration, Safety, STAMP, STPA, Safety-Guided Design
National Category
Embedded Systems
Identifiers
urn:nbn:se:kth:diva-102717 (URN)
Conference
30th International System Safety Conference
Projects
iFEST
Funder
Vinnova
Note

QC 20120927

Available from: 2012-09-27. Created: 2012-09-24. Last updated: 2012-09-27. Bibliographically approved.

Open Access in DiVA
File name: FULLTEXT02.pdf. File size: 14215 kB. Type: fulltext. Mimetype: application/pdf.
Checksum SHA-512: 7c3b5084d88594c82bffe226153315a2187584c1a1f37ea9e64dbec8c06e44dd0d77c53a246e50aecfc69cbfdda323fc354f85d76d315de305bc2b4ec5470b0b

Author: Asplund, Fredrik