ERCIM

1
ERCIM Strategy Paper on European ICT WG
Dependable Software-Intensive Embedded
SystemsUniversity of Malaga, Nov. 3rd, 2004

• Comments on the ICT strategy paper
• Most of the important issues for an European ICT
  Strategy are covered by the Paper
• With respect to critical embedded control
  systems, the following aspects should be
  emphasized more
• Functional Safety and Reliability/Availability
  Aspects
• System validation, evaluation and certification
  (standards !)
• Holistic system view, merging of safety and
  security considerations, basic dependable
  infrastructures on core-service level (e.g.
  TTP/C, )
• Examples from the DES-Roadmap (EU - AMSD project)
  technical safety applications vs. fun and
  entertainment world

2
Characteristics of Embedded Systems

• Embedded Systems Combination of processors,
  sensors, actuators, intelligence, hidden
  computers and massive deployment, intensive
  interaction with uncertain environment A
  physical process with dynamics, fault, noise,
  dependability, power, size (in general resource
  -) and memory restrictions (Foundational
  Infrastructure needed)
• Embedded Software new capabilities to HW
  transducers added by embedded software
  (defines physical behaviour of a complex
  non-linear device), HW/SW co-design,
  dependability, low power, timeliness,
  characteristics
• Systems are NOT always safety-critical by
  definition often the actual criticality and
  dependability levels rise based on our desire for
  enhanced reliance on them !! (Human Factors
  safer cars imply more aggressive driving
  behaviour after some time)
• Security Aspects often neglected by Safety Design
  Engineers, and vice versa !!

3
Application Assessment Human centered,
Vision-Driven, Safety?

• Automotive Accident free Driving
• Avionics Safe Sky for Europe
• Medical Robot Surgeon
• Communications Seamless Connectivity
• E-Life Ubiquitous Computing, environment
  awareness
• personalised (user centered, dynamically adapted
  to user preferences),
• dependable (time dynamics, timely responsiveness,
  secure),
• context-awareness (person, object, location,
  time),
• natural interaction

Industrial Vision Aerospace Safety at
Automotive Cost
Industrial Need From Supply Chain to Design Chain
4
Trends in Medical SystemsComponent Healthcare
System
Around us ...
Micro-capsule
Products and equipment at the service of
individuals
inside us ?
5

Trends in Automotive (on-board embedded systems)

• Three groups of trends
• Advanced comfort
• e.g. Car Body Electronics (adaptive equipment
  seats, superposed adjustable steering wheel, (no)
  pedals, .)
• Noise suppression, adaptive air conditioning,
  configurable cockpit, .
• Navigation, communication, information, new types
  of displays
• Safety enhancement
• Vehicle Dynamics (ABS, ASR, ABC, ESP (Electronic
  Stability Program), AAS (Active Additional
  Steering), Adaptive Cruise Control, Road Tire
  friction Control, ) . Safety critical
  controls !
• Advanced Warning- and Control Systems (pedestrian
  protection, crash avoidance, track control, lane
  support, ) . Safety critical controls !
• Driver Monitoring, Predicitive Driver Assistance,
  Emergency call system
• Optimized resource usage
• Power Train (Integrated Engine Control,
  Transmission Control) . Safety critical
  controls !
• Fully integrated Electrical Energy Management

6

• Trends in Automotive
• (eSafety on the road)

• Extending autonomous on-board functions with
  interactive and co-operative systems
• Roadside embedded systems and interaction
  (intersection, speed control, emergency call
  systems)
• Local connectivity vehicle to vehicle (long
  term) highway throughput optimization, advanced
  adaptive cruise control
• Global Connectivity Satellite, traffic
  navigation and control
• Ultimate Goal Autonomous Driving, Platooning
  of vehicles
• Liability, Legal and Standardization Issues !!
• Linking of local to global infrastructures Link
  to Ambient Intelligence
• Security Issues Connectivity during Operations
  Maintenance !! (Call-back, Upgrades off-line or
  on-line ?)
• Enabling Technology for all of these trends DES
  !!

7

Trends in Automotive

• Less mechanics does not only allow lighter,
  cheaper, safer, environmentally more sustainably
  operating cars, but also incredibly NEW CARS !
• (Examples DaimlerChrysler F300, F200, F500).
• Obstacles to mass deployment electronic/SW
  failures up to 55 !!

8

• DES Challenges
• Major Issues in System Software Technology

• Requirements Engineering, with respect to
  Dependability,
• Model Based Development
• Reuse/COTS/Composability/Scalability wrt.
  Dependability
• Standardisation (cost, maintainability,
  interoperability)
• (Modular) Certification, component-based Safety
  Case
• Dynamic Environments (ubiquity/nomadicity -
  mobility, low power)
• Systematic Testing, Validation and Certification
• Temporal Predictability (TTP) vs. Uncertainty
• Human Factors (HCI)
• SoC Shrinking feature size, new failure modes
• Diagnosis and Maintenance Autoconfigurability,
  Plug Play, Diagnosis
• Dependability
• The 10-9 Challenge can only be managed by an
  architectural approach (components about 10-4 to
  10-5 only the system is more dependable than
  each of its components !)

9
DES - Challenges

• Safety Systems Concerns
• resources shared between functions (encapsulation
  of task environs)
• stronger interactions among them
• more functionality at less cost (cost explosion
  in development ?!)
• Safety is a system property
• New hazards arise from fault propagation in
  composed systems and unintended emergent
  behaviour
• Need for modular Safety Analysis and
  Certification, depending on
• Partitioning
• Safety Function
• Controlled Failure

10
DES Challenges

• Trends in component-based DES
• Development of semi-standardized components,
  packaged with a certification argument or
  pre-certified
• System calibration will become largely a
  composition of component-level pre-certification
  arguments
• Foundational infrastructure required Time
  Triggered -paradigm Fundamental Progress
  achieved during the last years !!
• Building Blocks for HRT Middleware,
• System Simulation and Emulation
  (Co-Design/Co-Simulation),
• Performance Modeling

11
DES Roadmap Synthesis

• COTS, Sensors Enormous challenge and chance for
  SMEs !!!!
• Standardise sensorial interfaces
• Standardise API, architecture and external
  behaviour of IP components, HW/SW Design IP
  protection !!
• Debugging facilities, Diagnosis (transient vs.
  permanent faults)
• Intra component VV
• Inter component VV
• Composability and reusability
• Safe reuse of COTS software certification,
  sufficient understanding of system and
  environment (both original and target) to
  identify when software is used outside the
  operational envelope for which it was
  originally designed and tested
• Confirmation, that COTS does not other
  (unexpected) things as well (hierarchical
  verification via functional refinement may be
  inadequate, notions of architectural refinement
  may provide better verification).

12
Economic Impact of DES (examples)

• Electronics in Cars 170 billion HW, 100 b SW
  (2010), Europe in leading position
• Driver assistance systems 2-3 b 2007,
  increasing by 50 within a few years
• Aerospace industry revenues 265 b total, 70 b
  civil, Europe in leading position
• European mechanical Engineering Industry 353 b
  turnover, 129 b exports, 32 of innovations
  DES-based (HW, SW) rising to 40
• SMEs in active safety systems electronics
  consultation and know-how transfer services in
  the validation and certification market 5 b
  (2010), annual growth about 30
• Tool and component manufacturer annual increase
  expected in DES market by 20 - 40 , depending
  on sector.
• Environmental, Quality and Safety of Life,
  Employment impact expected to be considerable
  large by means of DES mass deployment

13
AMSD - DES Roadmap EU-FP5 Project IST-2001-37553

Thank You For Your Kind Attention
Roadmaps available at http//www.am-sd.org Ema
il erwin.schoitsch_at_arcs.ac.at