Validas AG
Method for Qualification of Eclipse-based Tools according to ISO 26262
4 November 2010
Dr. Oscar Slotosch
Content
‣Motivation for Tool Qualification
‣ISO 26262 Requirements
‣Tool Chain Analysis
‣Application to Eclipse
‣Summary
Motivation for Tool Qualification
‣ Development tools can have errors that
- cause errors in the product
- hide errors in the product
‣ Both have to be avoided
‣ Safety standards require that the customer is protected from such tool errors
- IEC 61508
- ISO 26262
- DO-178B/C
‣ Product verification is required
‣ Tool confidence is required
ISO 26262 Requirements on Tools
Part 8, Clause 11: Confidence in the use of software tools (tool qualification)
‣ Analyse all tools used (the complete "tool chain") by their
- use cases
- inputs/outputs
‣ Determine the tool impact (TI) on the safety of the product
- TI1: no impact => Tool Confidence Level TCL 1
- TI2: impact possible: for every potential error, determine the probability of tool error detection (TD) in the applied process
• TD1: high => the tool has TCL 1
• TD2: medium => the tool has TCL 2
• TD3: low (everything else) => the tool has TCL 3
‣ For the given ASIL and TCL select the qualification methods: all methods marked "++", or an equivalent combination
‣ Perform a "confirmation review" of
- the TCL classification
- the qualification methods of the tools
Confidence from Use
Sufficient and adequate data on the use of the tool, covering
‣ the tool version and configuration
‣ comparable use cases
‣ systematic error recording
‣ details of the period of use and relevant data on its use
‣ the safeguards, avoidance measures or work-arounds for the known malfunctions, or detection measures for a corresponding erroneous output, if applicable
The increased confidence from use argument shall only be valid for the considered version of the software tool.
In Eclipse there is a Usage Data Collector that uploads usage data.
But where is the download (of that data for the tool user)?
And where are the malfunctions and safeguards?
Evaluation of the Development Process
The development process applied for the development of the software tool shall comply with an appropriate standard (?!)
‣ NOTE: For open source developments, some of the standards used by those communities can also be appropriate
‣ This assessment covers the development of an adequate and relevant subset of the features of the software tool (Automotive SPICE, CMMI, ISO 15504, etc.)
Where are the details, like tests?
Validation
The validation measures shall demonstrate that the software tool fulfils its specified requirements
‣ tests for functional and non-functional aspects
‣ the malfunctions and their corresponding erroneous outputs of the software tool occurring during validation shall be analysed together with information on their possible consequences and with measures to avoid or detect them
‣ the reaction of the software tool to anomalous operating conditions shall be examined
‣ validation suites can be built
Tool Chain Analysis
‣ Validas developed a method to determine the TCL automatically
‣ Based on a simple but formal tool model with
- tools, use cases, artefacts
- data flow, control flow
‣ Enriched by a specification of
- potential errors
- detection and prevention measures
- probabilities
‣ Tool support: the Tool Chain Analyzer (TCA)
Tool Chain Analyzer (screenshot slide)
Results of a Simple Example
All tools have TCL 3 (unchecked errors)
[Diagram of the example tool chain consisting of make, dcc and lcc; legend: error flow, control flow, data flow, artefacts, process, tool / use case]
Results of an Extended Example
make has TCL 1 (all of its errors are checked with TD1)
[Diagram of the extended tool chain consisting of make, dcc and lcc]
Tool Qualification Lessons
‣ New standards require analysing all tools in the process for "potential errors that affect the safety"
‣ One tool can have different TCLs in different processes
‣ Reducing the TCL by adding checks to the process costs effort
‣ Accepting a high TCL (and qualifying the tool) saves the effort of detecting the tool errors in development
‣ Information required for TCL determination
- application (product development) process (from the user)
- use cases of the tools (from user/supplier)
- potential errors (from the supplier)
- error detection and prevention methods (from the supplier)
‣ Tool Chain Analysis determines the TCL automatically
Eclipse Applications
‣ Structure of Eclipse Applications:
- Plugins
- Bundles
- Packages
- Functions
‣ Potential Errors (in each part)
- Exceptions
- Assertions
- Semantic Errors
‣ Error Detection
- Catch
- Stack Traces
- Assertions
- Tests
Example: Tool Chain Analyzer
‣ RCP application
‣ Based on an Ecore model with the EMF generator
‣ Plug-in architecture
‣ Based on ISO 26262 and a formal semantics
‣ Use cases
- TCL determination
- generation of documentation / explanations
- generation of graphical views
‣ Safety-critical errors:
- wrong classification (TCL)
‣ Not critical:
- exceptions, crashes, dialogs, persistency, ...
Bundles and Dependencies
‣ Base model (tools): determined from the OSGi structures
‣ TODO: potential errors and possible checks
‣ The TCA has a method to analyse its own dependencies and generate the base models
‣ Could be generated from every Eclipse tool architecture
‣ Basis for error analysis?
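The base model "determined from the OSGi structures" can be reconstructed from the bundle manifests alone, which is what makes it generatable for any Eclipse tool. The following is an added example in Python, not the Tool Chain Analyzer's code: it parses constructed MANIFEST.MF texts, resolves Require-Bundle clauses including quoted version ranges and the resolution:=optional directive, and computes the set of bundles from which an error could propagate into the tool. The com.example.* bundle names are hypothetical; the org.eclipse.* names are real platform bundles used only as illustration. unresolved() lists mandatory requirements for which no manifest was supplied, i.e. gaps in the base model that an error analysis would otherwise silently skip.

```python
"""Derive an OSGi bundle dependency graph ("base model") from MANIFEST.MF files.

Added example, not the Tool Chain Analyzer's code. The manifests below are
constructed; the com.example.* bundle names are hypothetical.
"""
from collections import deque


def parse_manifest(text):
    """Return the manifest headers as a dict, joining continuation lines.

    In JAR manifest syntax a line starting with one space continues the previous
    header value; the leading space is dropped and nothing else is inserted.
    """
    logical = []
    for line in text.splitlines():
        if not line.strip():
            continue
        if line.startswith(" ") and logical:
            logical[-1] += line[1:]
        else:
            logical.append(line)
    headers = {}
    for entry in logical:
        name, _, value = entry.partition(":")
        headers[name.strip()] = value.strip()
    return headers


def split_outside_quotes(value, sep):
    """Split on `sep` while ignoring separators inside double quotes (version ranges)."""
    parts, current, in_quotes = [], [], False
    for ch in value:
        if ch == '"':
            in_quotes = not in_quotes
        if ch == sep and not in_quotes:
            parts.append("".join(current))
            current = []
        else:
            current.append(ch)
    parts.append("".join(current))
    return [p.strip() for p in parts if p.strip()]


def required_bundles(headers):
    """Parse Require-Bundle into (symbolic name, version constraint or None, optional)."""
    result = []
    for clause in split_outside_quotes(headers.get("Require-Bundle", ""), ","):
        name, *attributes = split_outside_quotes(clause, ";")
        version, optional = None, False
        for attribute in attributes:
            key, _, val = attribute.partition("=")
            key, val = key.strip().rstrip(":"), val.strip().strip('"')
            if key == "bundle-version":
                version = val
            elif key == "resolution" and val == "optional":
                optional = True
        result.append((name, version, optional))
    return result


def base_model(manifests):
    """Map each bundle's symbolic name to its Require-Bundle entries."""
    graph = {}
    for text in manifests:
        headers = parse_manifest(text)
        name = split_outside_quotes(headers["Bundle-SymbolicName"], ";")[0]
        graph[name] = required_bundles(headers)
    return graph


def dependency_closure(graph, root, include_optional=False):
    """All bundles an error can propagate from into `root` (transitive requires, BFS)."""
    seen, queue = set(), deque([root])
    while queue:
        for name, _, optional in graph.get(queue.popleft(), []):
            if optional and not include_optional:
                continue
            if name not in seen:
                seen.add(name)
                queue.append(name)
    return seen


def unresolved(graph):
    """Mandatory requirements with no manifest in the model: gaps in the error analysis."""
    return sorted({name for deps in graph.values()
                   for name, _, optional in deps
                   if not optional and name not in graph})


# Constructed manifests: a tool bundle, its model bundle and two platform bundles.
TOOL_MF = """Manifest-Version: 1.0
Bundle-ManifestVersion: 2
Bundle-SymbolicName: com.example.tca;singleton:=true
Bundle-Version: 1.0.0
Require-Bundle: org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)",
 org.eclipse.emf.ecore;bundle-version="2.6.0",
 com.example.tca.model,
 org.eclipse.ui.console;resolution:=optional
"""
MODEL_MF = """Bundle-SymbolicName: com.example.tca.model
Require-Bundle: org.eclipse.emf.ecore;bundle-version="2.6.0",org.eclipse.emf.common
"""
ECORE_MF = "Bundle-SymbolicName: org.eclipse.emf.ecore\nRequire-Bundle: org.eclipse.core.runtime\n"
RUNTIME_MF = "Bundle-SymbolicName: org.eclipse.core.runtime\n"
MANIFESTS = [TOOL_MF, MODEL_MF, ECORE_MF, RUNTIME_MF]

if __name__ == "__main__":
    graph = base_model(MANIFESTS)
    print("closure:      ", sorted(dependency_closure(graph, "com.example.tca")))
    print("with optional:", sorted(dependency_closure(graph, "com.example.tca", True)))
    print("unresolved:   ", unresolved(graph))
```

Optional requirements are excluded from the closure by default because a bundle that is not resolved at runtime cannot contribute an error; pass include_optional=True to get the worst-case set for a target platform where they are present. Import-Package wiring is not modelled here; a real base model would also map imported packages to the exporting bundles.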
TCA Classification Information
‣ The TCA provides the following use cases
- textual export with potential errors
• wrong TCL, caused by
❖ ignoring reachable checks
❖ using unreachable checks
• wrong conformance check of ASIL / qualification
- graphical export (for debugging), with irrelevant errors only
- determination of the TCL within the tree view (for development), with irrelevant errors only
‣ If the textual export is reviewed (against the above errors) the TCA has TCL 1
‣ If the export is not reviewed it would have TCL 3
- We could build a validation suite for TCL 3 (ASIL D) with
• test automation
• our test models
• comparison of the TCA results with its formal semantics, and
• coverage measurement (EMMA)
‣ Since ISO 26262 requires a "confirmation review" of the TCL classification anyway, the export is reviewed and the TCA has TCL 1
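The TCL determination described under Tool Chain Analysis, and its application to the TCA's own classification above, can be written down in a few lines. The following is an added example in Python, not the Tool Chain Analyzer's code: a minimal error model for the make/dcc/lcc chain of the slides and for the TCA itself, classified with the TI/TD-to-TCL rule from ISO 26262-8 clause 11. The concrete error and check names (a clean rebuild with binary comparison, a build-log review, the confirmation review of the textual export) are assumptions; the slides only state that in the extended example all of make's errors are detected with TD1, not which checks do it.

```python
"""Tool Confidence Level (TCL) determination over a small formal tool-chain model.

Added example, not the Tool Chain Analyzer's code. It applies the
ISO 26262-8 clause 11 rule quoted on the slides:
    TI1 (no safety impact)                   -> TCL 1
    TI2 and TD1 (high detection probability) -> TCL 1
    TI2 and TD2 (medium)                     -> TCL 2
    TI2 and TD3 (low, or no check at all)    -> TCL 3
and takes a tool's TCL as the worst case over its potential errors.
All tool, error and check names below are constructed for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class PotentialError:
    tool: str
    name: str
    safety_relevant: bool       # TI2 when True, TI1 when False


@dataclass(frozen=True)
class Check:
    """A detection or prevention measure applied somewhere in the user's process."""
    name: str
    td: int                     # 1 = high, 2 = medium, 3 = low detection probability
    detects: frozenset          # (tool, error name) pairs this check can reveal


TD_TO_TCL = {1: 1, 2: 2, 3: 3}


def classify_error(err, checks):
    """Return (TCL, explanation) for one potential error under the given checks."""
    if not err.safety_relevant:
        return 1, "TI1: no impact on the safety-related product"
    applicable = [c for c in checks if (err.tool, err.name) in c.detects]
    if not applicable:
        return 3, "TI2, no check in the process: TD3"
    best = min(applicable, key=lambda c: c.td)      # the most reliable check counts
    return TD_TO_TCL[best.td], f"TI2, detected by '{best.name}': TD{best.td}"


def classify_tool(tool, errors, checks):
    """Worst-case TCL over the tool's errors, plus a per-error explanation table."""
    table = {e.name: classify_error(e, checks) for e in errors if e.tool == tool}
    tcl = max((t for t, _ in table.values()), default=1)  # no errors modelled: TI1
    return tcl, table


def classify_chain(errors, checks):
    """TCL per tool for one tool chain under one process."""
    return {t: classify_tool(t, errors, checks)[0] for t in sorted({e.tool for e in errors})}


# Constructed error model for the make / dcc / lcc chain of the slides.
ERRORS = [
    PotentialError("make", "stale object linked", True),
    PotentialError("make", "wrong compiler flags passed", True),
    PotentialError("make", "progress output garbled", False),
    PotentialError("dcc", "wrong code generated", True),
    PotentialError("lcc", "wrong code generated", True),
]

# Simple example: no checks in the process, every safety-relevant error stays unchecked.
SIMPLE_PROCESS = []

# Extended example: a clean rebuild with binary comparison and a build-log review
# catch make's errors; both are assumed to have high detection probability (TD1).
EXTENDED_PROCESS = [
    Check("clean rebuild + binary compare", 1, frozenset({("make", "stale object linked")})),
    Check("build log review", 1, frozenset({("make", "wrong compiler flags passed")})),
]

# Self-classification of the analysis tool: the only safety-relevant error is a
# wrong TCL in its textual export; exceptions and crashes are visible to the user.
TCA_ERRORS = [
    PotentialError("tca", "wrong TCL in textual export", True),
    PotentialError("tca", "exception or crash", False),
]
CONFIRMATION_REVIEW = [
    Check("confirmation review of the textual export", 1,
          frozenset({("tca", "wrong TCL in textual export")})),
]


if __name__ == "__main__":
    for label, process in (("simple", SIMPLE_PROCESS), ("extended", EXTENDED_PROCESS)):
        print(f"{label:9}", classify_chain(ERRORS, process))
    for err, (tcl, why) in classify_tool("make", ERRORS, EXTENDED_PROCESS)[1].items():
        print(f"  make / {err}: TCL {tcl} ({why})")
    print("tca reviewed  ", classify_chain(TCA_ERRORS, CONFIRMATION_REVIEW))
    print("tca unreviewed", classify_chain(TCA_ERRORS, []))
```

The same ERRORS list yields TCL 3 for every tool under SIMPLE_PROCESS and TCL 1 for make under EXTENDED_PROCESS, which is the "one tool, different TCLs in different processes" lesson; the per-error table returned by classify_tool is the kind of explanation the TCA's textual export carries, and it is exactly what a confirmation reviewer needs to check that no reachable check was ignored and no unreachable check was counted.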
Summary
‣ ISO 26262 requires that confidence is established for all tools used
‣ The Tool Confidence Level (TCL) depends on the application process
‣ The tool user
- has to classify the tools
- can restrict the analysis to safety-relevant functions
- has to check the results of the tools (manually or by redundancy)
‣ The tool provider/developer (of each plug-in) should
- provide information on use cases and tools
- provide information on potential errors and checks
- cannot restrict the analysis to safety-relevant functions, since which functions are safety relevant depends on the user's application
- provide help for the qualification of the tools
• usage information on versions and configuration
• development process
• test cases / code coverage
‣ The Tool Chain Analyzer has TCL 1, but requires a manual review
‣ Validation with coverage measurement can reduce the reviews
Validas AG
Arnulfstraße 27
80335 München
www.validas.de
info@validas.de
Your partner for innovation in embedded quality
Thank you!

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 

Qualification of Eclipse-based Tools according to ISO 26262

  • 1. Validas AG: Method for Qualification of Eclipse-based Tools according to ISO 26262. 4.11.2010, Dr. Oscar Slotosch
  • 2. Content
    ‣ Motivation for Tool Qualification
    ‣ ISO 26262 Requirements
    ‣ Tool Chain Analysis
    ‣ Application to Eclipse
    ‣ Summary
  • 3. Motivation for Tool Qualification
    ‣ Development tools can have errors that
      - cause errors in the product
      - hide errors in the product
    ‣ Both have to be avoided
    ‣ Safety standards require protecting the customer from them
      - IEC 61508
      - ISO 26262
      - DO-178B/C
    ‣ Product verification is required
    ‣ Tool confidence is required
  • 5. Content
    ‣ Motivation for Tool Qualification
    ‣ ISO 26262 Requirements
    ‣ Tool Chain Analysis
    ‣ Application to Eclipse
    ‣ Summary
  • 6. ISO 26262 Requirements on Tools (Part 8, Chapter 11: Tool Qualification)
    ‣ Analyze all used tools (the complete "Tool Chain")
      - Use cases
      - Inputs/outputs
    ‣ Determine the impact on the safety of the product
      - TI1: no impact => Tool Confidence Level TCL 1
      - TI2: possible impact: for all potential errors, determine the probability of tool error detection (TD) in the applied process
        • TD1: high => tool has TCL 1
        • TD2: medium => tool has TCL 2
        • TD3: other => tool has TCL 3
    ‣ For a given ASIL and TCL, select the qualification methods: all "++" methods or an equivalent combination
    ‣ Make a "Confirmation Review" of
      - the TCL classification
      - the qualification methods of the tools
  • 7. Confidence from Use
    Sufficient and adequate data for the use of the tool with
    ‣ tool version and configuration
    ‣ comparable use cases
    ‣ systematic error recording
    ‣ details of the period of use and relevant data on its use
    ‣ the safeguards, avoidance measures or work-arounds for the known malfunctions, or detection measures for a corresponding erroneous output, if applicable
    The increased confidence from use argument shall only be valid for the considered version of the software tool.
    In Eclipse there is a Usage Data Collector that uploads usage data. But where is the download? And where are the malfunctions and safeguards?
  • 8. Evaluation of the Development Process
    The development process applied for the development of the software tool shall comply with an appropriate standard (?!)
    ‣ NOTE: For open source developments, some of the standards used by those communities can also be appropriate
    ‣ This assessment covers the development of an adequate and relevant subset of the features of the software tool (Automotive SPICE, CMMI, ISO 15504, etc.)
    Where are the details, like tests?
  • 9. Validation
    The validation measures shall demonstrate that the software tool fulfils its specified requirements
    ‣ Tests for functional and non-functional aspects
    ‣ The malfunctions and their corresponding erroneous outputs of the software tool occurring during validation shall be analysed together with information on their possible consequences and with measures to avoid or detect them
    ‣ The reaction of the software tool to anomalous operating conditions shall be examined
    ‣ Validation suites can be built
  • 10. Content
    ‣ Motivation for Tool Qualification
    ‣ ISO 26262 Requirements
    ‣ Tool Chain Analysis
    ‣ Application to Eclipse
    ‣ Summary
  • 11. Tool Chain Analysis
    ‣ Validas developed a method to determine the TCL automatically
    ‣ Based on a simple but formal tool model with
      - tools, use cases, artefacts
      - data flow, control flow
    ‣ Enriched by a specification of
      - errors
      - detection and prevention
      - probabilities
    ‣ Tool: Tool Chain Analyzer
  • 13. Results of a Simple Example
    All tools have TCL 3 (unchecked errors)
    [Diagram; legend: Error Flow, Control Flow, Data Flow, Artefacts, Process, Tool / Use Case; tools shown: make, dcc, lcc]
  • 14. Results of an Extended Example
    make has TCL 1 (all errors checked with TD1)
    [Diagram; tools shown: make, dcc, lcc]
  • 15. Tool Qualification Lessons
    ‣ New standards require analyzing all tools in the process for "potential errors that affect the safety"
    ‣ One tool can have different TCLs in different processes
    ‣ Reducing the TCL in the process causes effort
    ‣ A high TCL saves the effort for detecting the tool errors in development
    ‣ Required information for TCL determination
      - application (product development) process (from the user)
      - use cases of tools (from user/supplier)
      - potential errors (from supplier)
      - error detection and prevention methods (from supplier)
    ‣ Tool Chain Analysis automatically determines the TCL
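The TI/TD to TCL rule of slide 6 and the tool-model idea of slides 11 to 15, carried through in code. This is an added example and not the Validas Tool Chain Analyzer: it builds a small formal model (tools with input/output artefacts, the data flow between them, potential errors per tool, and checks placed at tools or manual process steps), propagates each error along the data flow, and derives a TCL per tool. The make/dcc/lcc chain, its error names and the review step are constructed assumptions modelled after the slide's example; the rule that a check only counts if the error can reach the step that performs it is the analysis's own design choice, and an error without any reachable check is treated as TD3.

```python
"""Added example (not the Validas TCA): a minimal formal tool-chain model and
the ISO 26262-8, clause 11 TI/TD -> TCL determination applied to it."""
from dataclasses import dataclass, field
from typing import Dict, List, Set

TI1, TI2 = 1, 2            # tool impact: none / possible impact on safety
TD1, TD2, TD3 = 1, 2, 3    # tool error detection: high / medium / other


def tcl_from_ti_td(ti: int, td: int) -> int:
    """TI1 -> TCL 1; TI2 -> TCL 1/2/3 for TD1/TD2/TD3."""
    if ti == TI1:
        return 1
    return {TD1: 1, TD2: 2, TD3: 3}[td]


@dataclass
class Check:
    name: str
    at_tool: str   # tool or manual process step that performs the check
    td: int        # detection class reached when the check is applied


@dataclass
class PotentialError:
    name: str
    artefact: str  # output artefact that carries the erroneous content
    ti: int = TI2
    checks: List[Check] = field(default_factory=list)


@dataclass
class Tool:
    name: str
    inputs: Set[str]
    outputs: Set[str]
    errors: List[PotentialError] = field(default_factory=list)
    manual: bool = False   # review/test step of the process, not a tool to classify


class ToolChain:
    def __init__(self, tools: List[Tool]):
        self.tools: Dict[str, Tool] = {t.name: t for t in tools}

    def consumers(self, artefact: str) -> Set[str]:
        return {t.name for t in self.tools.values() if artefact in t.inputs}

    def reachable(self, artefact: str) -> Set[str]:
        """Error flow: every tool/step that sees the artefact directly or via
        artefacts derived from it along the data flow."""
        seen: Set[str] = set()
        frontier = {artefact}
        while frontier:
            for name in self.consumers(frontier.pop()):
                if name not in seen:
                    seen.add(name)
                    frontier |= self.tools[name].outputs
        return seen

    def td_of(self, err: PotentialError) -> int:
        """Only checks downstream of the erroneous artefact count; a check at a
        step the error never reaches is ignored. No reachable check -> TD3."""
        reach = self.reachable(err.artefact)
        usable = [c.td for c in err.checks if c.at_tool in reach]
        return min(usable) if usable else TD3

    def tcl_of(self, tool_name: str) -> int:
        tool = self.tools[tool_name]
        if not tool.errors:
            return 1   # nothing that could affect the product: TI1
        return max(tcl_from_ti_td(e.ti, self.td_of(e)) for e in tool.errors)

    def report(self) -> Dict[str, int]:
        return {n: self.tcl_of(n) for n, t in self.tools.items() if not t.manual}


def _compile_chain() -> List[Tool]:
    """Constructed make -> dcc (compiler) -> lcc (linker) chain; the artefact
    and error names are assumptions, not from the slides."""
    return [
        Tool("make", {"makefile", "sources"}, {"compile-calls"}, [
            PotentialError("source file omitted from the build", "compile-calls"),
            PotentialError("stale object reused instead of rebuilt", "compile-calls")]),
        Tool("dcc", {"compile-calls", "sources"}, {"objects"}, [
            PotentialError("wrong code generated", "objects")]),
        Tool("lcc", {"objects"}, {"binary"}, [
            PotentialError("wrong memory layout", "binary")]),
    ]


def simple_example() -> ToolChain:
    """No checks anywhere: every error is unchecked, all tools get TCL 3."""
    return ToolChain(_compile_chain())


def extended_example() -> ToolChain:
    """A manual review at the end of the flow checks make's errors with TD1, so
    make drops to TCL 1. The check for lcc's error is placed at dcc, which the
    erroneous binary never reaches, so it is ignored and lcc stays at TCL 3."""
    tools = _compile_chain()
    make, _dcc, lcc = tools
    review = Tool("review", {"binary", "sources"}, set(), manual=True)
    for err in make.errors:
        err.checks.append(Check("compare link map with source list", "review", TD1))
    lcc.errors[0].checks.append(Check("inspect objects", "dcc", TD1))  # unreachable
    return ToolChain(tools + [review])


if __name__ == "__main__":
    print("simple:  ", simple_example().report())    # {'make': 3, 'dcc': 3, 'lcc': 3}
    print("extended:", extended_example().report())  # {'make': 1, 'dcc': 3, 'lcc': 3}
```

The same tool gets a different TCL in the two processes only because the checks around it differ, which is the point of slide 15: the TCL is a property of the tool in its process, not of the tool alone.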
  • 16. Content
    ‣ Motivation for Tool Qualification
    ‣ ISO 26262 Requirements
    ‣ Tool Chain Analysis
    ‣ Application to Eclipse
    ‣ Summary
  • 17. Eclipse Applications
    ‣ Structure of Eclipse applications:
      - Plugins
      - Bundles
      - Packages
      - Functions
    ‣ Potential errors (in each part)
      - Exceptions
      - Assertions
      - Semantic errors
    ‣ Error detection
      - Catch
      - Stack traces
      - Assertions
      - Tests
  • 18. Example: Tool Chain Analyzer
    ‣ RCP application
    ‣ Based on an ecore model with the EMF generator
    ‣ Plugin architecture
    ‣ Based on ISO 26262 and formal semantics
    ‣ Use cases
      - TCL determination
      - Generation of documentation / explanations
      - Generation of graphical views
    ‣ Safety-critical errors:
      - Wrong classification (TCL)
    ‣ Not critical:
      - Exceptions, crashes, dialogs, persistency, ...
  • 19. Bundles and Dependencies
    ‣ Base model (tools): determined from the OSGi structures
    ‣ TODO: potential errors and possible checks
    ‣ The TCA has a method to analyze its own dependencies and generates the base models
    ‣ Could be generated from every Eclipse tool architecture
    ‣ Basis for error analysis?
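How a base model can be read off the OSGi structures (slide 19) and what it gives the error analysis of slide 17. This is an added example, not the TCA's own generator: it parses the `Bundle-SymbolicName` and `Require-Bundle` headers of OSGi `MANIFEST.MF` files into a bundle dependency graph, then computes what a bundle depends on and, in the reverse direction, which bundles an error in a given bundle can propagate to. The two manifests and the `com.example.*` bundle names are constructed for the example; the Eclipse bundle names they require are only referenced, not parsed.

```python
"""Added example (not the Validas TCA): derive a bundle dependency graph of an
Eclipse application from OSGi MANIFEST.MF headers and use it for error flow."""
from typing import Dict, List, Set, Tuple

Graph = Dict[str, List[Tuple[str, bool]]]   # bundle -> [(required bundle, optional?)]


def unfold(text: str) -> List[str]:
    """MANIFEST.MF continues a header on the next line when that line starts
    with a single space; join continuation lines before parsing."""
    lines: List[str] = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        elif raw.strip():
            lines.append(raw)
    return lines


def headers(text: str) -> Dict[str, str]:
    out: Dict[str, str] = {}
    for line in unfold(text):
        key, _, value = line.partition(":")
        out[key.strip()] = value.strip()
    return out


def split_clauses(value: str) -> List[str]:
    """Split on commas outside quotes: bundle-version="[2.6.0,3.0.0)" keeps its comma."""
    clauses: List[str] = []
    cur, quoted = "", False
    for ch in value:
        if ch == '"':
            quoted = not quoted
        if ch == "," and not quoted:
            clauses.append(cur.strip())
            cur = ""
        else:
            cur += ch
    if cur.strip():
        clauses.append(cur.strip())
    return clauses


def bundle_model(manifest: str) -> Tuple[str, List[Tuple[str, bool]]]:
    """(symbolic name, required bundles) of one manifest; directives such as
    ;singleton:=true or ;visibility:=reexport are stripped from the names."""
    h = headers(manifest)
    name = h["Bundle-SymbolicName"].split(";")[0].strip()
    deps = []
    for clause in split_clauses(h.get("Require-Bundle", "")):
        parts = [p.strip() for p in clause.split(";")]
        optional = any(p.replace(" ", "") == "resolution:=optional" for p in parts[1:])
        deps.append((parts[0], optional))
    return name, deps


def dependency_graph(manifests: List[str]) -> Graph:
    return dict(bundle_model(m) for m in manifests)


def transitive_deps(graph: Graph, root: str, include_optional: bool = False) -> Set[str]:
    """Everything `root` needs, directly or indirectly. Bundles not in the graph
    (the Eclipse platform itself) are leaves."""
    seen: Set[str] = set()
    todo = [root]
    while todo:
        for dep, optional in graph.get(todo.pop(), []):
            if (include_optional or not optional) and dep not in seen:
                seen.add(dep)
                todo.append(dep)
    return seen


def affected_by(graph: Graph, bundle: str) -> Set[str]:
    """Reverse reachability: bundles that (transitively) require `bundle` and
    can therefore be hit by one of its potential errors. Optional requirements
    are kept, since the error analysis must be conservative."""
    affected: Set[str] = set()
    changed = True
    while changed:
        changed = False
        for name, deps in graph.items():
            if name not in affected and any(d == bundle or d in affected for d, _ in deps):
                affected.add(name)
                changed = True
    return affected


# Constructed manifests for the example; the com.example.* names are assumptions.
MANIFEST_TCA = """\
Manifest-Version: 1.0
Bundle-ManifestVersion: 2
Bundle-SymbolicName: com.example.tca;singleton:=true
Bundle-Version: 1.0.0.qualifier
Require-Bundle: org.eclipse.core.runtime,
 org.eclipse.emf.ecore;bundle-version="[2.6.0,3.0.0)",
 com.example.tca.model,
 org.junit;resolution:=optional
"""

MANIFEST_MODEL = """\
Manifest-Version: 1.0
Bundle-ManifestVersion: 2
Bundle-SymbolicName: com.example.tca.model
Bundle-Version: 1.0.0.qualifier
Require-Bundle: org.eclipse.emf.ecore;visibility:=reexport
"""

if __name__ == "__main__":
    g = dependency_graph([MANIFEST_TCA, MANIFEST_MODEL])
    print(sorted(transitive_deps(g, "com.example.tca")))
    print(sorted(affected_by(g, "org.eclipse.emf.ecore")))
```

Each node of this graph is one "tool" of the base model in the sense of slide 19; what is still missing, as the slide's TODO says, is the list of potential errors per bundle and the checks (catch, assertions, tests) that detect them, which `affected_by` then lets one scope to the bundles an error can actually reach.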
  • 20. TCA Classification Information
    ‣ The TCA provides the following use cases
      - Textual export, with potential errors
        • Wrong TCL
          ❖ ignoring reachable checks
          ❖ using unreachable checks
        • Wrong conformance check of ASIL / qualification
      - Graphical export (for debugging), with irrelevant errors
      - Determination of the TCL within the tree view (for development), with irrelevant errors
    ‣ If the textual export is reviewed (against the above errors), the TCA has TCL 1
    ‣ If the export is not reviewed, it would have TCL 3
      - We could build a validation suite for TCL 3 (ASIL D) with
        • test automation
        • our test models
        • comparing the TCA results with its formal semantics, and
        • a coverage measurement (EMMA)
    ‣ Since a "confirmation review" is required in ISO 26262, the TCA has TCL 1
  • 21. Content
    ‣ Motivation for Tool Qualification
    ‣ ISO 26262 Requirements
    ‣ Tool Chain Analysis
    ‣ Application to Eclipse
    ‣ Summary
  • 22. Summary
    ‣ ISO 26262 requires checking all used tools for confidence
    ‣ The Tool Confidence Level (TCL) depends on the application process
    ‣ Tool user
      - has to classify tools
      - can restrict to safety-relevant functions
      - checks the results of tools (manually or by redundancy)
    ‣ Tool provider/developer (of each plugin) should
      - provide information on use cases and tools
      - provide information on potential errors and checks
      - can NOT restrict to safety-relevant functions
      - provide help for the qualification of tools
        • usage information on versions, configuration
        • development process
        • test cases / code coverage
    ‣ The Tool Chain Analyzer has TCL 1, but requires manual review
    ‣ Validation with coverage measurement can reduce reviews
  • 23. Validas AG, Arnulfstraße 27, 80335 München, www.validas.de, info@validas.de. Your partner for innovation in embedded quality. Thank you!