Realistic safety cases for the timing of systems

Computer Journal

Volumn 57, Issue 5, 2014, Pages 759-774

  Graydon, Patrick ^a,b   Bate, Iain ^a,b  

^a MÄLARDALEN UNIVERSITY   (Sweden)

^b UNIVERSITY OF YORK   (United Kingdom)

Author keywords

analysis; fault tolerance; real time; safety arguments; scheduling; testing

Indexed keywords

COMPUTER SCIENCE; COMPUTERS; FAULT TOLERANCE; SCHEDULING; TESTING;

ANALYSIS; COMPUTER ASSISTED; REAL-TIME; SAFETY ARGUMENTS; SAFETY ASSURANCE; SAFETY CRITICAL SYSTEMS; SAFETY STANDARD; STRENGTH OF EVIDENCE;

SAFETY FACTOR;

EID: 84899785777     PISSN: 00104620     EISSN: 14602067     Source Type: Journal    
DOI: 10.1093/comjnl/bxt027     Document Type: Article

References (65)

1. Burns, A. and McDermid, J.A. (1994) Real-time safety-critical systems: analysis and synthesis. Softw. Eng. J., 9, 267-281.
2. RTCA DO-178B (1992) Software Considerations in Airborne Systems and Equipment Certification. RTCA, Inc., Washington, DC, USA.
3. ISO/IEC 26262-6:2011 (2011) Road Vehicles-Functional Safety-Part 6: Product Development at the Software Level. International Organization for Standardization, Geneva, Switzerland.
4. Park, C. and Shaw, A.C. (1990) Experiments with a Program Timing Tool Based on Source-level Timing Schema. Proc. 11th Real-Time Systems Symposium (RTSS), Lake Buena Vista, FL, USA, December 5-7, pp. 72-81. IEEE Computer Society, Washington, DC, USA.
5. Wilhelm, R. et al. (2008) The worst-case execution-time problem-overview of methods and survey of tools. ACM Trans. Embed. Comput. Syst., 7, 36:1-36:53.
6. AbsInt. aiT worst-case execution time analyzers. http://www.absint.com/ ait/index.htm (accessed 12 December 2012).
7. Bate, I., Conmy, P.andMcDermid, J.(2000) GeneratingEvidence for Certification of Modern Processors for Use in Safety-critical Systems. Proc. 5th IEEE Int. Symp. on High Assurance Systems Engineering(HASE), Albuquerque, NM, USA, November15-17, pp. 125-134. IEEE Computer Society, Washington, DC, USA.
8. ISO 26262-8:2011 (2011) Road Vehicles-Functional Safety- Part 8: Supporting Processes. International Organization for Standardization, Geneva, Switzerland.
9. Freescale Semiconductor, Inc. P4080 product summary page. http://www.freescale.com/webapp/sps/site/prod-summary.jsp? code=P4080 (accessed 16 December 2012).
10. Arnold, R., Mueller, F., Whalley, D. and Harmon, M. (1994) Bounding Worst-case Instruction Cache Performance. Proc. 15th Real-Time Systems Symposium (RTSS), San Juan, Puerto Rico, December 7-9, pp. 172-181. IEEE Computer Society, Washington, DC, USA.
11. Chapman, R. (1995) Static timing analysis and program proof. DPhil Thesis, University ofYork, York, UK.
12. Ferdinand, C. (1997) Cache behavior prediction for realtime systems. PhD Thesis, Saarland University Saarbrücken, Germany.
13. Grund, D., Reineke, J. and Gebhard, G. (2011) Branch target buffers: WCET analysis framework and timing predictability. J. Syst. Archit., 57, 625-637.
14. Chattopadhyay, S. and Roychoudhury, A. (2009) Unified Cache Modeling for WCET Analysis and Layout Optimizations. Proc. 30th Real-Time Systems Symposium (RTSS), Washington, DC, USA, December 1-4, pp. 47-56. IEEE Computer Society, Washington, DC, USA.
15. Edgar, S. and Burns, A. (2001) Statistical Analysis of WCET for Scheduling. Proc. 22th Real-Time Systems Symposium (RTSS), London, UK, December 3-6, pp. 215-224. IEEE Computer Society, Washington, DC, USA.
16. Bernat, G., Colin, A. and Petters, S.M. (2002) WCET Analysis of Probabilistic Hard Real-time Systems. Proc. 23rd Real-Time Systems Symposium (RTSS), Austin, TX, USA, December 3-5, pp. 279-288. IEEE Computer Society, Washington, DC, USA.
17. Wheeler, S., Bate, I. and Bartlett, M. (2011) Video Subset Selection for Measurement Based Worst Case Execution Time Analysis. Proc. 6th Int. Symp. on Industrial Embedded Systems (SIES), Västerås, Sweden, June 15-17, pp. 213-222. IEEE Computer Society, Washington, DC, USA.
18. Wegener, J., Sthamer, H., Jones, B.F. and Eyres, D.E. (1997) Testing real-time systems using genetic algorithms. Softw. Qual. J., 6, 127-135.
19. Khan, U. and Bate, I. (2009) WCET Analysis of Modern Processors Using Multi-criteria Optimisation. Proc. 1st Int. Symp. on Search Based Software Engineering (SSBSE), Windsor, UK, May 13-15, pp. 103-112. IEEE Computer Society, Washington, DC, USA.
20. Bate, I. and Khan, U. (2011) WCET analysis of modern processors using multi-criteria optimisation. Empir. Softw. Eng., 16, 5-28.
21. Betts, A., Merriam, N. and Bernat, G. (2010) Hybrid Measurement-based WCET Analysis at the Source Level Using Object-level Traces. Proc. 10th Int. Workshop on Worst-Case Execution Time Analysis (WCET), Brussels, Belgium, July 6, pp. 54-63. Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik, Dagstuhl, Germany.
22. Rapita Systems (2011) RapiTime explained. Electronic white paper: http://www.rapitasystems.com/downloads/rapitime- explained-white-paper (accessed 12 January 2012).
23. Bernat, G., Burns, A. and Newby, M. (2005) Probabilistic timing analysis: an approach using copulas. J. Embed. Comput., 1, 179-194.
24. Colin, A. and Petters, S. (2003) Experimental Evaluation of Code Properties for WCET Analysis. Proc. 24th Real-Time Systems Symposium (RTSS), Cancún, Mexico, December 3-5, pp. 190-199. IEEE Computer Society, Washington, DC, USA.
25. Bate, I. and Burns, A. (2003) An integrated approach to scheduling in safety-critical embedded control systems. RealTime Syst., 25, 5-37.
26. Kopetz, H. (2011) Real-Time Systems: Design Principles for Distributed Embedded Applications (2nd edn). Springer, New York.
27. Joseph, M. and Pandya, P. (1986) Finding response times in a real-time system. Comput. J., 29, 390-395.
28. Audsley, N. and Wellings, A. (1996) Analysing APEX Applications. Proc. 17th Real-Time Systems Symposium (RTSS), Los Alamitos, CA, USA, December 4-6, pp. 39-44. IEEE Computer Society, Washington, DC, USA.
29. Bate, I. and Burns, A. (1999) An Approach to Task Attribute Assignment for Uniprocessor Systems. Proc. 11th Euromicro Conf. on Real-Time Systems, York, UK, June 9-11, pp. 46-53. IEEE Computer Society, Washington, DC, USA.
30. Lee, C.-G., Hahn, J., Seo, Y.-M., Min, S.L., Ha, R., Hong, S., Park, C.Y., Lee, M. and Kim, C.S. (1997) Enhanced Analysis of Cache-related Preemption Delay in Fixed-priority Preemptive Scheduling. Proc. 18th Real-Time Systems Symposium (RTSS), San Francisco, CA, USA, December 2-5, pp. 187-198. IEEE Computer Society, Washington, DC, USA.
31. Lee, C.-G., Hahn, J., Seo, Y.-M., Min, S.L., Ha, R., Hong, S., Park, C.Y., Lee, M. and Kim, C.S. (1998) Analysis of cache-related preemption delay in fixed-priority preemptive scheduling. IEEE Trans. Comput., 47, 700-713.
32. Chattopadhyay, S., Roychoudhury, A. and Mitra, T. (2010) Modeling Shared Cache and Bus in Multi-cores for Timing Analysis. Proc. 13th Int. Workshop on Software & Compilers for Embedded Systems (SCOPES), St. Goar, Germany, June 19-21, pp. 6:1-6:10. ACM, New York, NY, USA.
33. Audsley, N.C., Burns, A., Davis, R.I., Tindell, K.W. and Wellings, A.J. (1995) Fixed priority pre-emptive scheduling: An historical perspective. Real-Time Syst., 8, 173-198.
34. Hutchesson, S. and Hayes, N. (1998) Technology Transfer and Certification Issues in Safety Critical Real Time Systems. Digest of the IEE Colloquium on Real-Time Systems, York, UK, April 21, pp. 2/1-2/4. IET, London, UK.
35. Defence Standard 00-56 (2007) Safety Management Requirements for Defence Systems, Issue 4, Part 1: Requirements. Ministry of Defence, Glasgow, UK.
36. EUROCAE ED-12B (2012)SoftwareConsiderations inAirborne Systems and Equipment Certification. EUROCAE, Malakoff, France.
37. EUROCAE ED-12C (2012)SoftwareConsiderations inAirborne Systems and Equipment Certification. EUROCAE, Malakoff, France.
38. RTCA DO-178C (2011) Software Considerations in Airborne Systems and Equipment Certification. RTCA, Inc., Washington, DC, USA.
39. RTCA DO-248B (2001) Final Report For Clarification Of DO-178B 'Software Considerations In Airborne Systems And Equipment Certification'. RTCA, Inc., Washington, DC, USA.
40. Kelly, T., Bate, I., McDermid, J. and Burns, A. (1997) Building a Preliminary Safety Case: An Example from Aerospace. Proc. 1997 Australian Workshop on Industrial Experience with Safety Critical Systems and Software, Sydney, Australia, October 3. Australian Computer Society, Inc., Sydney, Australia.
41. Defence Standard 00-56 (2007) Safety Management Requirements for Defence Systems, Issue 4, Part 2: Guidance on Establishing a Means of Complying with Part 1. Ministry of Defence, Glasgow, UK.
42. Kelly, T.P. (1998) Arguing safety-a systematic approach to managing safety cases. DPhil Thesis, University of York York, UK.
43. Bate, I. and Kelly, T. (2003) Architectural considerations in the certification of modular systems. Reliab. Eng. Syst. Saf., 81, 303-324.
44. Attwood, K. et al. (2011) GSN Community Standard Version 1. Origin Consulting Limited, York, UK.
45. Liu, J.W.S. (2000) Real-Time Systems. Prentice Hall, Upper Saddle River, NJ, USA.
46. Burns, A. and Wellings, A. (2001) Real-Time Systems and Programming Languages:Ada 95, Real-time Java, and Real-time POSIX (3rd edn). Addison Wesley, London, UK.
47. Buttazzo, G.C. (2004) Hard Real-time Computing Systems: Predictable Scheduling Algorithms And Applications. Real-Time Systems Series. Springer TELOS, Santa Clara, CA, USA.
48. Souyris, J. (2004) Industrial Experience of Abstract Interpretation-based Static Analyzers. Building the Information Society: Proc. IFIP 18th World Computer Congress, Tolouse, France, August 22-27, pp. 393-400. Springer, Boston.
49. Leveson, N. and Turner, C. (1993)An investigation of the Therac-25 accidents. IEEE Comput., 26, 18-41.
50. Aircraft Accident Report No. 4/90 (EW/C1095) (1990) Report on the accident to Boeing 737-400-G-OBME near Kegworth, Leicestershire on 8 January 1989. Air Accidents Investigation Branch, Department of Transport, Aldershot, UK.
51. IAWG-MSSC-0401 (2010) IAWG Modular Software Safety Case Process Guidance on Process for an ASAAC Architecture, Issue 1. Industrial Avionics Working Group, Rochester, UK.
52. Wilson, S.P., Kelly, T.P. and McDermid, J.A. (1997) Safety Case Development: Current Practice, Future Prospects. Proc. 12th Annual CSR Workshop of Software-Based Systems, Bruges, Belgium, September 12-15, 1995, pp. 135-156. Springer, London, UK.
53. Grunske, L. (2006) Towards an Integration of Standard Component-based Safety EvaluationTechniques with SaveCCM. Quality of Software Architectures: Proc. 2nd Int. Conf. on Quality of Software Architectures (QoSA), Västerås, Sweden, June 27-29, pp. 199-213. Springer, Berlin/Heidelberg, Germany.
54. Menon, C., Hawkins, R. and McDermid, J. (2009) Interim standard of best practice on software in the context of DS 00-56 Issue 4, Issue 1. Interim Standard of Best Practice SSEI-BP-000001. Software Systems Engineering Initiative, York, UK.
55. Schoeberl, M. and Puschner, P. (2009) Is Chip-multiprocessing the End of Real-time Scheduling? Proc. 9th Int. Workshop on Worst-Case Execution Time Analysis (WCET), Dublin, Ireland, July 1-3, pp. 1-11. Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik, Dagstuhl, Germany.
56. Bonenfant, A. et al. (2010) Coding Guidelines for WCET Analysis Using Measurement-based and Static Analysis Techniques. Technical Report IRIT/RR-2010-8-FR. Institut de Recherche en Informatique de Toulouse, Toulouse, France.
57. ISO/IEC TR 24772:2010(E) (2010) Information Technology- Programming Languages-Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use (1.0 edn). International Organization for Standardization, Geneva, Switzerland.
58. Kelly, T.P. (2001) Concepts and Principles of Compositional Safety Cases. Research Report COMSA/2001/1/1. University of York, York, UK.
59. Pitter, C. (2008) Time-predictable Memory Arbitration for a Java Chip-multiprocessor. Proc. 6th Int. Workshop on Java Technologies for Real-Time and Embedded Systems (JTRES), Santa Clara, CA, USA, September 24-26, pp. 115-122. ACM, NewYork, NY, USA.
60. PROARTIS (2010). Probabilistic analysis takes critical real-time safety certification and verification to new level, says EU project. Electronic document.
61. Ungerer, T. et al. (2010) Merasa: Multicore execution of hard real-time applications supporting analyzability. IEEE Micro, 30, 66-75.
62. Yan, J. and Zhang, W. (2008) WCET Analysis for Multi-core Processors with Shared L2 Instruction Caches. Proc. Real-Time and Embedded Technology and Applications Symposium (RTAS), St. Louis, MO, USA, April 22-24, pp. 80-89. IEEE Computer Society, Washington, DC, USA.
63. Zhang, W. and Yan, J. (2009) Accurately Estimating Worst-case Execution Time for Multi-core Processors with Shared Direct-mapped Instruction Caches. Proc. 15th Int. Conf. on Embedded and Real-Time Computing Systems and Applications (RTCSA), Beijing, China, August 24-26, pp. 455-463. IEEE Computer Society, Washington, DC, USA.
64. Li, Y., Suhendra, V., Liang, Y., Mitra, T. and Roychoudhury, A. (2009) Timing Analysis of Concurrent Programs Running on Shared Cache Multi-cores. Proc. 30th Real-Time Systems Symposium (RTSS), Washington, DC, USA, December 1-4, pp. 57-67. IEEE Computer Society, Washington, DC, USA.
65. Hawkins, R., Kelly, T., Knight, J. and Graydon, P. (2011) A New Approach to Creating Clear Safety Arguments. Advances in Systems Safety: Proc. 19th Safety-Critical Systems Symposium, Southampton, UK, February 8-10, pp. 3-23. Springer, London, UK.