Safety, software architecture and MIL-STD-1760

An Approach to Electrical Integration: Integrated Modular Avionics

Traditionally, avionics systems have been functionality-centric, with dedicated hardware and software. The global architecture of the avionic system was designed in accordance with the "federated architecture" principle: "one function = one computer". In recent times the trend is towards more and smarter functionality. With advances in technology, methods, and mechanisms, the industry is moving quite rapidly towards the integrated architecture called integrated modular avionics (IMA). The principle is to integrate multiple functions with possibly different criticality levels on a single avionic computing resource in order to keep the weight, volume, cost, and power consumption of the avionic architecture within reasonable limits. In this paper, existing and future avionics architectures are compared, defined, and analyzed for applicability to missile systems.

Improving Hazard Analysis and Certification of Integrated Modular Avionics

Integrated modular avionics systems present new opportunities and benefits for developing advanced aircraft avionics, as well as a series of challenges related to hazard analysis and certification. This paper addresses some of those challenges and proposes a new procedure for improving hazard analysis of integrated modular avionics systems. A significant objective of integrated modular avionics architectures is the ability to develop individual software applications independently and then integrate those applications onto one platform. It has been very difficult for both designers and certifiers to understand and predict how the system will behave when the applications are integrated into one system. Traditional fault-based hazard analysis techniques are limited with respect to this problem. Therefore, this paper uses a different technique, called Systems-theoretic Process Analysis, to identify hazardous behavior that emerges when individual applications are integrated. Systems-theoretic process analysis is a systems-theoretic hazard analysis technique that accounts for hazardous behavior due to component interaction, including cases when the components have not failed or faulted. Systems-theoretic process analysis is extended in this paper to account for behavior that emerges when software applications share data, which is a requirement in aircraft systems. The paper illustrates the new approach with an example that includes real-world avionics functions.

Using design patterns for safety assessment of integrated modular avionics

2014 IEEE/AIAA 33rd Digital Avionics Systems Conference (DASC), 2014

In commercial aircraft, safety assessment uses a combination of top-down and bottom-up techniques. This is performed for every system in each aircraft installation. Since several functions and subsystems are common to different aircraft models, there is the need to consider reusing components and safety artifacts across several platforms. This necessity has become even more evident with the introduction of the Integrated Modular Avionics (IMA) concept. There is an increasing interest in developing design patterns in safety-critical systems. This paper provides an investigation of how SysML/UML design patterns can be used to assess the safety of IMA systems in a modular manner, while maintaining compliance with the existing civil aircraft certification guidelines. A case study is provided for a generic avionics system based on the IMA concept, fulfilling safety requirements for civil avionics.

Specification and Design of Electrical Flight System Architectures with SysML

Infotech@Aerospace 2012, 2012

Modern space flight systems are required to perform more complex functions than previous generations to support space missions. This demand is driving the trend to deploy more electronics to realize system functionality. The traditional approach for the specification, design, and deployment of electrical system architectures in space flight systems includes the use of informal definitions and descriptions that are often embedded within loosely coupled but highly interdependent design documents. Traditional methods become inefficient to cope with increasing system complexity, evolving requirements, and the ability to meet project budget and time constraints. Thus, there is a need for more rigorous methods to capture the relevant information about the electrical system architecture as the design evolves. In this work, we propose a model-centric approach to support the specification and design of electrical flight system architectures using the System Modeling Language (SysML). In our approach, we develop a domain specific language for specifying electrical system architectures, and we propose a design flow for the specification and design of electrical interfaces. Our approach is applied to a practical flight system.

Estelle specification of MIL-STD 188-220 datalink layer interoperability standard for digital message transfer device subsystems

Proceedings of MILCOM '95, 1995

This paper presents the results of a contract between ARL and the University of Delaware to develop a formal specification of the link layer of 188-220 using the ISO International Standard Formal Description Technique Estelle. This formal specification aims at discovering and resolving ambiguities in the original English document that would cause interpretation problems for implementors. The specification considers Type 1 connectionless (CL) operation of the link layer. It contains the complete set of command and response PDUs for the CL mode (UI, XID, URR, URNR, TEST). The paper discusses state diagrams and state transition tables needed for the Estelle specification. It also summarizes several ambiguities that were discovered in developing the Estelle specification.

A methodology to upgrade legacy industrial systems to meet safety regulations

2011

There is a need to upgrade legacy systems in industry to conform with safety norms and regulations defined by recent standards. The great investment in the development of these systems is the main reason for the industry to look for approaches to upgrade legacy systems instead of redeveloping the whole system. In this paper, we describe an approach to upgrade legacy industrial applications based on the IEC 61131 function block model without the need to redesign the whole application. The approach, which integrates the 3+1 SysML view model with safety engineering, is adopted and tailored to the needs of upgrading legacy applications. Challenges are identified and solutions are proposed towards the definition of the whole development process, including the verification of the generated safety application. A laboratory system is used as a case study in this paper to demonstrate the applicability of the proposed approach.

Design, implementation and verification of MILS systems

Software: Practice and Experience, 2012

Safety-critical systems are used in many domains (military, avionics, aerospace, etc.) and handle critical data in hostile environments. These systems must protect data so that only allowed entities can read or write information.