A Structured Approach to the Formal Certification of Safety of Computer Aided Development Tools.

Acknowledgments The authors wish to acknowledge the following people for their contributions to this article: Joseph Poole, NIST; Wayne Salamon, NIST; James Graham, NIST; Uma Satyen, The MITRE Corporation ... The general characteristics of formal methods for software development were addressed, examples of using the Z Formal Method were given, and a demonstration of the tool CADIZ (Computer Aided Design in ... "A Development of Hazard Analysis to Aid Software Design" was presented by John McDermid and D. J. Pumfrey (University of York). ...

doi:10.6028/jres.099.072 fatcat:xcmn2ohgsjenrjvve36m63chye

DOAJ Multiple Versions

Extensive literature review of the subject is given, including current views on and experiences of chip manufacturers and EDA industry with qualification of hardware design tools, including formal approaches ... A B S T R A C T This paper discusses issues related to the RTCA document DO-254 Design Assurance Guidance for Airborne Electronic Hardware and its consequences for hardware certification. ... Findings contained herein are not necessarily those of the FAA. The authors are grateful to the anonymous reviewers for constructive comments. ...

doi:10.1016/j.arcontrol.2009.12.003 fatcat:tqz3ftovubcclcsuu5bypjlelm

The necessary normative measures that are covered are discussed. The algorithm and our methodology have been certified for use in applications up to SIL 3 of IEC 61508-3 by a certification authority. ... Throughout, issues we recognised as being important for a successful application of formal methods in the domain at hand are highlighted. ... With regard to software design and development (A.4), four out of six measures are covered: the use of formal methods, of computer-aided design tools, of design and coding guidelines, and of structured ...

doi:10.1007/978-3-642-15651-9_26 fatcat:6z5sorcyfba65auf2dttrkm3jm

Specifically, the AutoCert tool supports certification by formally verifying that the generated code is free of different safety violations, by constructing an independently verifiable certificate, and ... Since the direct V&V of code generators is too laborious and complicated due to their complex (and often proprietary) nature, we have developed a generator plug-in to support the subsequent certification ... Specifically, our tool supports certification by formally verifying that the generated code is free of a range of safety violations, by constructing an independently verifiable certificate, and by explaining ...

doi:10.1109/aero.2008.4526576 fatcat:qf7eavtftzdfldfrqbpsdc7riu

To improve the current state of practice, we introduce a structured ACG tool which uses system design artifacts, accumulated evidence, and developer expertise to construct a safety case and evaluate it ... We also illustrate the applicability of the ACG tool on a remote-control car testbed case study. ... Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of DARPA or AFRL. ...

arXiv:2003.05388v1 fatcat:hdrbapttfnghnir23fhp63uaxy

Some results of the authors' own study on tool qualification are presented. ... Extensive literature review of the subject is given, including current views on and experiences with qualification of hardware design tools. ... Findings contained herein are not necessarily those of the FAA. ...

doi:10.3182/20090210-3-cz-4002.00005 fatcat:xklmphvk25f43jcg2uvglcrsb4

The majority of the papers propose various solutions to achieve safety, and about half of the papers refer to non-standardised approaches that mainly address the methodical rather than the development ... The purpose of the study is to identify practices used for the development of autonomous field robots and how these practices relate to available safety standards. ... Title Subject/Contribution [38] Guaranteeing Functional Safety: Design for Provability and Computer-Aided Verification certification of safety zones for vehicles and robots. ...

doi:10.1007/978-3-319-26844-6_25 fatcat:ppn3d45ecnbcxonzcondl73iqi

This paper provides a discussion of our experiences pertaining to (a) the methodology for creating and structuring safety arguments containing heterogeneous reasoning and information (b) the comprehensibility ... Our approach combines formal and non-formal reasoning, yielding a semi-automatically assembled safety case, in which part of the argument for autopilot software safety is automatically generated from formal ... Through this approach, we are able to integrate formal reasoning into the construction of a (software) safety case. ...

doi:10.1109/dsn.2012.6263939 dblp:conf/dsn/DenneyPH12 fatcat:gbc4fcnvzjdyhl3ezsd354cxkm

We outline the current approach to certification of aircraft software, and the rôle of the DO-178B guidelines. We consider evidence for its effectiveness and discuss possible explanations for this. ... We then describe how changes in aircraft systems and in the air traffic system pose new challenges for certification, chiefly by increasing the extent of interaction and integration. ... One, relatively new, approach requires the "applicant" to develop a safety case [8, 18] that makes explicit the claims, evidence, and argument for the safety of the system; the general content or form ...

doi:10.1145/2038642.2038675 dblp:conf/emsoft/Rushby11 fatcat:h7llozqz75fn3pgr7hn67ienb4

This, together with the sheer complexity of robotic systems, leads us to argue that diverse formal techniques must be integrated in order to develop, verify, and provide certification evidence for, robotic ... Furthermore, we propose the fast evolving field of robotics as an ideal catalyst for the advancement of integrated formal methods research, helping to drive the field in new and exciting directions and ... This approach could also aid in the verification of heterogeneous teams of robots as discussed in §2.3. ...

doi:10.1007/978-3-319-98938-9_10 fatcat:kklbl7yxjzdb5exiom2z5valma

Multiple Versions

Railway signalling software and safety requirements are summarized, and three short examples of the application of new methods to the assurance of dependability are provided. ... The strengths and shortcomings of existing methods relative to application needs are illustrated. ... A prototype tool called SF2SMV was developed for applying the model checking capability of SMV to the state chart structures in Stateflow™, 2 a MATLAB™ toolbox for implementing discrete-state transition ...

doi:10.3182/20050703-6-cz-1902.01432 fatcat:6msyr6tljnf2zkoi7rw4x2diyq

This deliverable summarizes consortium experience and expectations for a number of tools that can support high-assurance development for embedded systems. ...  Field Site Level: This level was composed by the Acquisition System. This system ... In order not to stifle creativity by a too formal approach, it was intentionally left optional, whether a description was more based on a specific tool or a specific technique. ...

doi:10.5281/zenodo.2586480 fatcat:nd3vi7gqt5ewjfnghfmzed4j4a

Open Access

models based on this approach, including mechanisms for protecting information and knowledge from unauthorized access, certificates that describe the level of trust and the design of a secure user interface ... The investigations were presented in light of safety mechanisms whose implementation is necessary when using a semantic approach in describing the organizational knowledge resources and creating new business ... A basic notion in the management of formal knowledge is development of ontology as a common layer of terms for managers and computer programs (Cardoso,et al., 2008; Goczyła, 2011) . ...

doi:10.2478/czoto-2019-0121 fatcat:ku65e43qmfb2flhied3r7wlso4

Open Access

In this paper we begin by examining the "certification" of a consumer product, a baby walker, that is product-focused, i.e., the certification process requires the performance of precisely defined tests ... We then review current practices in software certification and contrast the software regime's process-oriented approach to certification with the product-oriented approach typically used in other engineering ... Structural coverage for testing plays a key role in development and certification of safety-critical software. ...

doi:10.1007/978-3-642-12566-9_13 fatcat:qshwp3wmnrhzzgpyy3wxriknv4

of a known critical error and to one case study where we anticipate potential safety hazards. ... In this article, we propose a formal framework for the effective implementation of traceability between work product sections along with a technique for discovering potential causes of critical failures ... Hayhurst from the NASA Langley Research Center for providing us with a full set of work products (full documentation and source code) for the Guidance and Control Software (GCS) case study. ...

doi:10.1109/tse.2006.103 fatcat:fg3yznbynreapmfi6edqorurha

Compass '94, Ninth Annual Conference on Computer Assurance - Gaithersburg, Md - June 27 July 1, 1994

Preserved Fulltext

Hardware certification for real-time safety-critical systems: State of the art

Preserved Fulltext

Experiences in Applying Formal Verification in Robotics [chapter]

Preserved Fulltext

A Software Safety Certification Tool for Automatically Generated Guidance, Navigation and Control Code

Preserved Fulltext

A Methodology for Automating Assurance Case Generation [article]

Preserved Fulltext

Hardware Certification for Safety-Critical Real-Time Systems

Preserved Fulltext

On the Use of Safety Certification Practices in Autonomous Field Robot Software Development: A Systematic Mapping Study [chapter]

Preserved Fulltext

Perspectives on software safety case development for unmanned aircraft

Preserved Fulltext

New challenges in certification for aircraft software

Preserved Fulltext

Robotics and Integrated Formal Methods: Necessity Meets Opportunity [chapter]

Preserved Fulltext

Other Versions

DEPENDABLE SOFTWARE IN RAILWAY SIGNALLING

Preserved Fulltext

List of tools and techniques applicable for high and medium assurance for efficient assurance

Preserved Fulltext

Semantic Description of the Organizational Knowledge Resources - Selected Aspects of Security

Preserved Fulltext

On Software Certification: We Need Product-Focused Approaches [chapter]

Preserved Fulltext

Hidden Implementation Dependencies in High Assurance and Critical Computing Systems

Preserved Fulltext