This content will become publicly available on September 1, 2024

Title: GRuM — A flexible model-driven runtime monitoring framework and its application to automated aerial and ground vehicles
When dealing with safety-critical systems, various regulations, standards, and guidelines stipulate stringent requirements for certification and traceability of artifacts, but typically lack details with regard to the corresponding software engineering process. Given the industrial practice of using only semi-formal notations to describe engineering processes, without proper tool mapping, engineers and developers need to invest a significant amount of time and effort to ensure that all steps mandated by quality assurance are followed. The sheer size and complexity of systems and regulations make manual, timely feedback from Quality Assurance (QA) engineers infeasible. To address these issues, in this paper we propose a novel framework for tracking and "passively" executing processes in the background, automatically checking QA constraints depending on process progress, and informing the developer of unfulfilled QA constraints. We evaluate our approach by applying it to three case studies: a safety-critical open-source community system, a safety-critical system in the air-traffic control domain, and a non-safety-critical, web-based system. Results from our analysis confirm that trace links are often corrected or completed after the work step has been considered finished and the engineer has already moved on to another step. Thus, support for timely and automated constraint checking has significant potential to reduce rework, as the engineer receives continuous feedback already during their work step.
Award ID(s):
1931962
NSF-PAR ID:
10468153
Publisher / Repository:
Elsevier
Date Published:
Journal Name:
Journal of Systems and Software
Volume:
203
Issue:
C
ISSN:
0164-1212
Page Range / eLocation ID:
111733
Subject(s) / Keyword(s):
Cyber-Physical Systems Runtime Monitoring Model-Driven Engineering
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. When dealing with safety–critical systems, various regulations, standards, and guidelines stipulate stringent requirements for certification and traceability of artifacts, but typically lack details with regards to the corresponding software engineering process. Given the industrial practice of only using semi-formal notations for describing engineering processes – with the lack of proper tool mapping – engineers and developers need to invest a significant amount of time and effort to ensure that all steps mandated by quality assurance are followed. The sheer size and complexity of systems and regulations make manual, timely feedback from Quality Assurance (QA) engineers infeasible. In order to address these issues, in this paper, we propose a novel framework for tracking, and “passively” executing processes in the background, automatically checking QA constraints depending on process progress, and informing the developer of unfulfilled QA constraints. We evaluate our approach by applying it to three case studies: a safety–critical open-source community system, a safety–critical system in the air-traffic control domain, and a non-safety–critical, web-based system. Results from our analysis confirm that trace links are often corrected or completed after the work step has been considered finished, and the engineer has already moved on to another step. Thus, support for timely and automated constraint checking has significant potential to reduce rework as the engineer receives continuous feedback already during their work step. 
    Regulations, standards, and guidelines for safety-critical systems stipulate stringent traceability but do not prescribe the corresponding, detailed software engineering process. Given the industrial practice of using only semi-formal notations to describe engineering processes, processes are rarely "executable", and developers have to spend significant manual effort ensuring that they follow the steps mandated by quality assurance. The size and complexity of systems and regulations make manual, timely feedback from Quality Assurance (QA) engineers infeasible. In this paper we propose a novel framework for tracking processes in the background, automatically checking QA constraints depending on process progress, and informing the developer of unfulfilled QA constraints. We evaluate our approach by applying it to two different case studies: one open-source community system and a safety-critical system in the air-traffic control domain. Results from the analysis show that trace links are often corrected or completed after the fact; thus, timely and automated constraint-checking support has significant potential for reducing rework.
  3. As assurance cases have grown in popularity for safety-critical systems, so too has their complexity, and thus the need for methods to systematically build them. Assurance cases can grow too large and too abstract for anyone but the original builders to understand, making reuse difficult. Reuse is important because different systems might have identical or similar components, and a good solution for one system should be applicable to similar systems. Prior research has shown that engineers can alleviate some of the complexity issues through modularity and by identifying common patterns that are more easily understood for reuse across different systems. However, we believe these patterns are too complicated for users who lack expertise in software engineering or assurance cases. This paper suggests the concept of lower-level patterns, which we call recipes. We use the safety-critical field of synthetic biology as an example discipline to demonstrate how a recipe can be built and applied.
  4. We present a principal-agent model of a one-shot, shallow, systems engineering process. The process is "one-shot" in the sense that decisions are made during a single time step and are final. The term "shallow" refers to a one-layer hierarchy of the process. Specifically, we assume that the systems engineer has already decomposed the problem into subsystems and that each subsystem is assigned to a different subsystem engineer. Each subsystem engineer works independently to maximize their own expected payoff. The goal of the systems engineer is to maximize the system-level payoff by incentivizing the subsystem engineers. We restrict our attention to requirements-based system-level payoffs, i.e., the systems engineer makes a profit only if all the design requirements are met. We illustrate the model using the design of an Earth-orbiting satellite system, where the systems engineer determines the optimum incentive structures and requirements for two subsystems: the propulsion subsystem and the power subsystem. The model enables the analysis of a systems engineer's decisions about optimal passed-down requirements and incentives for subsystem engineers under different levels of task difficulty and associated costs. Sample results, for the case of risk-neutral systems and subsystem engineers, show that it is not always in the best interest of the systems engineer to pass down the true requirements. As expected, the model predicts that for small to moderate task uncertainties the optimal requirements are higher than the true ones, effectively eliminating the probability of failure for the systems engineer. In contrast, the model predicts that for large task uncertainties the optimal requirements should be lower than the true ones in order to lure the subsystem engineers into participation.
    Purpose: Due to the complexity of and variations in additive manufacturing (AM) processes, there is a level of uncertainty that creates critical issues in quality assurance (QA), which must be addressed by time-consuming and cost-intensive tasks. This deteriorates process repeatability, reliability, and part reproducibility. So far, many AM efforts have been performed in an isolated and scattered way over several decades. In this paper, a systematically integrated holistic view is proposed to achieve QA for AM.
    Design/methodology/approach: A systematically integrated view is presented to ensure the predefined part properties before, during, and after the AM process. It consists of four stages, namely QA plan, prospective validation, concurrent validation, and retrospective validation. As a foundation for QA planning, a functional workflow and the required information flows are proposed using functional design models: ICAM DEFinition for Function Modeling (IDEF0).
    Findings: The functional design model of the QA plan provides the systematically integrated view that can be the basis for inspection of AM processes for repeatability and qualification of AM parts for reproducibility.
    Research limitations/implications: A powder bed fusion process was used to validate the feasibility of this QA plan. Feasibility was demonstrated under many assumptions; real validation is not included in this study.
    Social implications: This study provides an innovative and transformative methodology that can lead to greater productivity and improved quality of AM parts across industries. Furthermore, the QA guidelines and functional design models provide the foundation for the development of a QA architecture and management system.
    Originality/value: This systematically integrated view and the corresponding QA plan can pose fundamental questions to the AM community and initiate new research efforts in the in-situ digital inspection of AM processes and parts.