Building Safe Embedded Systems Using a Holistic Model Based System Engineering (MBSE) Approach
Prof. Dr.-Ing. Peter Fromm, M.Sc. Thomas Barth
How to build a safe embedded system - Qualität trotz Komplexität (Quality despite Complexity) | Prof. Dr.-Ing. Peter Fromm | (c) H-DA, FBEIT

Content
- Complexity? Quality?
- Safety in a nutshell: impact on processes and hardware/software architecture
- TOP 5 of clean code and architecture
- The RTE concept
- Academic and industrial experiences

Embedded Systems Failures
- Ariane 5, 1996
- Boeing 737 MAX, 2018/2019
- Tesla crash, 2016

Growing complexity: machines take human decisions (example: the car)
- 1876-1930: engine technology
- 1930-1980: chassis and passive safety
- 1980-1995: simple active safety (ABS, airbag)
- 1995-2010: active driver support (ESP, ACC)
- 2010-2015: the car starts to take over (auto brake, auto drive)
- 2015-?: autonomous driving?
Innovation cycles: mechanics 10 years or more, electronics 5 years or more, software 2 years or less. The consequence: technical debt, code rot, software erosion.

Technical Debt
Technical debt accumulates over time across the concept, implementation and delivery phases. Typical causes: not enough time, underestimated complexity, no qualification, one hack producing more hacks, documents and code no longer in sync. The result.

Safety in a Nutshell 1 - Reliable System Engineering
- Hazards: operating our system may kill or harm humans
- Hazardous events -> risk assessment: impact, probability, controllability
- Safety goals -> risk mitigation
- Safety functions -> implementation
  - Hardware: failure rate, architecture (redundancy)
  - Software: diagnostic functions, clean architecture, clean coding
- Reliability and availability
Avoid systematic errors and control sporadic errors.

Safety in a Nutshell 2 - Need for Evidence
Need for documentation and evidence:
- Hazard and risk analysis
- Safety requirements
- Safety plan
- Functional and technical safety concept
- FMEA, FMEDA, FTA, ETA, ...
- Safety case documentation
- Safety manual
- Architectural documents (system, hardware, software)
- Test documents (all disciplines; unit, integration and system level)
Around 60 documents!

How about the development processes?
Safety processes are "very traditional", focusing on a rather static V-model and many documents. Agility, on the other hand, claims to support fast improvement and learning iterations. We need a process which provides the required safety evidence (aka documents) but which still allows for a certain flexibility and changeability.

My TOP 5 of clean code and architecture
- 5: The skinny sheep
- 4: The system view (and understanding)
- 3: My favorite design guidelines
- 2: ... and coding guidelines
- 1: Keeping the architecture and code changeable - without hacks!

TOP 5 - Starting with the Skinny Sheep
Ivar Jacobson (co-creator of the UML), "Be smart", Reconf 2009. This one can move executable code! Feasibility focus! Bones and muscles = architecture!

TOP 4 - The System Perspective
Embedded engineering is hardware and software engineering! This is particularly true for safety applications.
- Example: 217 out of 350 FMEDA entries involve software diagnostics
- Example: watchdog, power supply, reset behavior, ...
- Example: around 250 hardware safety registers on a safety controller

TOP 3 - Design Guidelines
- Clear responsibilities
- Loose coupling and good cohesion
- Well designed algorithms
- Intuitive and unique interfaces
- Reasonable unit size and complexity
- Good and expressive naming
- Clear and uniform error handling concept
Use design reviews to teach new staff!

TOP 2 - Coding Guidelines
- Static code analysis
- MISRA standard (C/C++)
- C and C++ have never been designed as safe or reliable languages

TOP 1 - Keep the Architecture and Code Changeable, Without Hacks!
What drives hacks: changes and extensions, not understanding the design, no time.

The RTE Concept
- Holistic but easy to understand modelling concept: requirements, hardware, software
- Based on the Eclipse Modeling Framework (EMF) and Sirius
- Focus on application level signal flow (SysML)
- Generation of the complete runtime environment
- Creation of exhaustive architectural documentation
- Advanced change and refactoring support

Example Safety Case: Electronic Gas Pedal
Signal flow: gas and brake pedal (sensor) -> target speed calculation (logic) -> engine (actuator), described in a functional model, a hardware model and a software model.

Model/Code Consistency
From the functional, hardware and software models the tooling generates the application code frame, the signal classes, the runtime environment, and the linker/RTOS/MPU configuration.

Model/Documentation Consistency
From the same models: HTML documentation of the complete model, N-dimensional views, analytical reports (consistency, timing, memory, ...), trace reports.

Short Live Demo
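The gas-pedal signal flow above (sensor, logic, actuator, decoupled by a runtime environment with typed signal classes and a uniform error handling concept) written out as a small C example. This is an added illustration for this page, not output of the H-DA RTE generator and not code from the original slides. The signal status values, the maximum signal age of two cycles, the plausible ADC range of 100..900 counts and the permille scaling are assumptions chosen for the example.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Uniform signal status: consumers use .value only when a read reports SIG_VALID */
typedef enum { SIG_INIT = 0, SIG_VALID, SIG_INVALID } sig_status_t;

typedef struct {
    sig_status_t status;
    uint16_t     value;
    uint8_t      age;      /* scheduler cycles since the last write */
} signal_t;

#define SIG_MAX_AGE   2u     /* assumed: a signal older than 2 cycles is stale */
#define ADC_MIN       100u   /* assumed plausible raw range of the pedal sensor */
#define ADC_MAX       900u
#define TORQUE_SAFE   0u     /* safe state: no torque request */

/* RTE-owned signal storage; components only use the rte_* accessors */
static signal_t rte_pedal;   /* pedal position, 0..1000 permille */
static signal_t rte_brake;   /* 0 = released, 1 = pressed */
static signal_t rte_target;  /* target torque, 0..1000 permille */

static void rte_write(signal_t *s, uint16_t v, sig_status_t st)
{
    s->value = v; s->status = st; s->age = 0;
}

/* Every read returns a status; a stale or never-written signal reads as invalid */
static sig_status_t rte_read(const signal_t *s, uint16_t *out)
{
    if (s->status != SIG_VALID || s->age > SIG_MAX_AGE) return SIG_INVALID;
    *out = s->value;
    return SIG_VALID;
}

static void rte_age(signal_t *s) { if (s->age < UINT8_MAX) s->age++; }

/* Sensor component: raw ADC counts -> pedal signal with range plausibility check */
void pedal_sensor_run(uint16_t adc_raw)
{
    if (adc_raw < ADC_MIN || adc_raw > ADC_MAX) {
        rte_write(&rte_pedal, 0, SIG_INVALID);   /* open/short circuit or drift */
        return;
    }
    uint16_t permille = (uint16_t)(((uint32_t)(adc_raw - ADC_MIN) * 1000u)
                                   / (ADC_MAX - ADC_MIN));
    rte_write(&rte_pedal, permille, SIG_VALID);
}

void brake_sensor_run(bool pressed)
{
    rte_write(&rte_brake, pressed ? 1u : 0u, SIG_VALID);
}

/* Logic component: brake overrides pedal; any invalid input invalidates the output */
void target_calc_run(void)
{
    uint16_t pedal = 0, brake = 0;
    if (rte_read(&rte_brake, &brake) != SIG_VALID ||
        rte_read(&rte_pedal, &pedal) != SIG_VALID) {
        rte_write(&rte_target, TORQUE_SAFE, SIG_INVALID);
        return;
    }
    rte_write(&rte_target, brake ? TORQUE_SAFE : pedal, SIG_VALID);
}

/* Actuator component: returns the torque command; anything but SIG_VALID -> safe state */
uint16_t engine_actuator_run(void)
{
    uint16_t t = 0;
    return (rte_read(&rte_target, &t) == SIG_VALID) ? t : TORQUE_SAFE;
}

/* One scheduler cycle; pedal_updated = false simulates a missed sensor task */
uint16_t rte_cycle(uint16_t adc_raw, bool brake_pressed, bool pedal_updated)
{
    rte_age(&rte_pedal); rte_age(&rte_brake); rte_age(&rte_target);
    if (pedal_updated) pedal_sensor_run(adc_raw);
    brake_sensor_run(brake_pressed);
    target_calc_run();
    return engine_actuator_run();
}

int main(void)
{
    printf("half pedal:   %u\n", rte_cycle(500, false, true));
    printf("brake:        %u\n", rte_cycle(500, true,  true));
    printf("sensor fault: %u\n", rte_cycle(50,  false, true));
    return 0;
}
```

The point of the signal class is that the consumer never has to know why a value is unusable: an out-of-range sensor reading, a component that did not run this cycle, or an upstream fault all collapse into the same status check, which is what a FMEDA entry for a software diagnostic can reference.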
Key Recipe: the Refactoring Loop (this might work!)
Technical debt over time across the concept, implementation and delivery phases: let it "rot" a little, then "repair", and repeat.

Wrap-up
- Software systems, and especially embedded control systems, become more and more complex and safety relevant. We will have to master this challenge!
- Modelling and continuous refactoring, not only of the code but also of the architecture, is a key recipe for success.
- We have powerful methods to deal with software complexity, but we need time and resources to apply them.
- Unfortunately, there is no silver bullet!

Contact
Hochschule Darmstadt - University of Applied Sciences
FB Elektrotechnik und Informationstechnik (EIT)
Birkenweg 8, 64295 Darmstadt
Prof. Dr.-Ing. Peter Fromm, peter.fromm@h-da.de
M.Sc. Thomas Barth, thomas.barth@h-da.de, thomasbarth-dev.de

Questions?