

Modeling for Safety Engineering

January 12, 2015 12:27:41 +0200 (EET)

Related to the released EAST-ADL support in MetaEdit+, I spent some time last month on safety engineering following standards such as ISO 13849-1 (machinery) and ISO 26262 (road vehicles), which focus on the development of software for electrical and/or electronic (E/E) systems. Rather than creating models for safety analysis from scratch, we reused the already existing architecture models. As a result, safety engineers can choose the nominal architecture, or a part of it, and translate it into an equivalent safety model. In MetaEdit+ this model-to-model transformation takes an existing functional architecture model and produces a dependability model and a number of error models, depending on the size of the architecture chosen. Safety engineers can then adapt the model for various safety cases and run safety analysis by calling the desired analysis tool.

At a customer's request I used the Sistema tool, but the same approach would work for other tools too. Tool integration was straightforward once I had created a generator that takes the dependability model and the related error models, produces Sistema's project file and finally opens the tool on it. The analysis tool then already contains the safety functions, subsystems, blocks, channels and so on, and can be used to run the analysis with different options.

This integration provides several benefits, including:

  • Ensures that safety analysis is done for the intended/designed architecture
  • Makes safety analysis faster as it is largely automated
  • Reduces error-prone routine work

What makes this even more interesting is the feedback into the architecture models. First, models in MetaEdit+ could already carry component-specific performance levels, permitting even more automated calculation of reliability values. In fact, my colleague even annotated the models in MetaEdit+ with levels computed as ASIL values (the automotive classification used by ISO 26262). This kind of extension naturally called for modifying the language, which in our case was EAST-ADL.

Another interesting direction is updating and annotating the model data based on the analysis results. In the sample screenshot below I have tried to illustrate this by highlighting the affected blocks in blue. If the analysis tool has open interfaces, MetaEdit+ and its integration mechanisms (command line, XML, API, generator-based parsing) can make use of them.

Error Model sample
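As an added example of the whole round trip described in this post (this is illustrative code written for this page, not code from MetaEdit+, EAST-ADL or Sistema): a functional architecture is transformed into a dependability model whose channels are the signal paths from a safety sensor to an actuator, each block on a path gets its own error model, a generator writes the result to a project file, and the analysis result is fed back as a set of blocks to highlight in the architecture. The project-file XML is a hypothetical stand-in for Sistema's real format, which the post does not show; the sample components and their MTTFd values are constructed; and the only analysis carried out is the parts-count combination of block MTTFd values per channel from ISO 13849-1, with the standard's low/medium/high banding.

```python
"""Architecture -> dependability model -> project file -> feedback.

Added example, not code from the page, MetaEdit+ or Sistema. The XML
layout is a hypothetical stand-in for an analysis tool's project file.
Channel MTTFd uses the ISO 13849-1 parts-count formula
1/MTTFd_channel = sum(1/MTTFd_block); component values are constructed.
"""
from __future__ import annotations

from dataclasses import dataclass
import xml.etree.ElementTree as ET


@dataclass(frozen=True)
class Component:
    name: str
    mttfd_years: float  # component-specific reliability value kept in the architecture model


@dataclass
class Architecture:
    components: dict[str, Component]
    flows: list[tuple[str, str]]  # directed signal flows (source, target)


@dataclass
class Channel:
    blocks: list[str]


@dataclass
class DependabilityModel:
    safety_function: str
    channels: list[Channel]
    error_models: dict[str, float]  # block -> MTTFd; the per-block error model reduced to one number


def to_dependability_model(arch: Architecture, sf_name: str,
                           sensor: str, actuators: set[str]) -> DependabilityModel:
    """Model-to-model transformation: every signal path from the safety sensor
    to an actuator becomes one channel; every component on a path becomes a block."""
    succ: dict[str, list[str]] = {}
    for src, dst in arch.flows:
        succ.setdefault(src, []).append(dst)
    channels: list[Channel] = []

    def walk(node: str, path: list[str]) -> None:
        if node in actuators:
            channels.append(Channel(blocks=list(path)))
            return
        for nxt in succ.get(node, []):
            if nxt not in path:  # ignore cycles in the architecture graph
                walk(nxt, path + [nxt])

    walk(sensor, [sensor])
    blocks = {b for ch in channels for b in ch.blocks}
    return DependabilityModel(sf_name, channels,
                              {b: arch.components[b].mttfd_years for b in blocks})


def channel_mttfd(dm: DependabilityModel, ch: Channel, cap: float = 100.0) -> float:
    """Parts-count method: failure rates add up along a channel; the result is
    capped at 100 years as in the general case of ISO 13849-1."""
    return min(cap, 1.0 / sum(1.0 / dm.error_models[b] for b in ch.blocks))


def mttfd_band(years: float) -> str:
    """MTTFd bands of ISO 13849-1 for a single channel."""
    if years < 3:
        return "not acceptable"
    if years < 10:
        return "low"
    if years < 30:
        return "medium"
    return "high"


def to_project_xml(dm: DependabilityModel) -> str:
    """Generator output: serialize the dependability model and its error models
    into the (hypothetical) project file an analysis tool would open."""
    root = ET.Element("project")
    sf = ET.SubElement(root, "safetyFunction", name=dm.safety_function)
    for i, ch in enumerate(dm.channels, start=1):
        ch_el = ET.SubElement(sf, "channel", id=str(i))
        for b in ch.blocks:
            ET.SubElement(ch_el, "block", name=b, mttfd=f"{dm.error_models[b]:g}")
    return ET.tostring(root, encoding="unicode")


BANDS = ["not acceptable", "low", "medium", "high"]


def blocks_to_highlight(dm: DependabilityModel, required_band: str) -> dict[str, str]:
    """Feedback into the architecture model: for each channel whose band falls
    short of the requirement, mark the block contributing the largest failure rate."""
    marks: dict[str, str] = {}
    for ch in dm.channels:
        if BANDS.index(mttfd_band(channel_mttfd(dm, ch))) < BANDS.index(required_band):
            weakest = max(ch.blocks, key=lambda b: 1.0 / dm.error_models[b])
            marks[weakest] = "blue"
    return marks


# Constructed sample: a light curtain read by two logic units, each switching
# its own contactor (two redundant channels sharing the sensor).
SAMPLE = Architecture(
    components={c.name: c for c in [
        Component("LightCurtain", 100), Component("LogicA", 50),
        Component("LogicB", 50), Component("K1", 80), Component("K2", 80)]},
    flows=[("LightCurtain", "LogicA"), ("LightCurtain", "LogicB"),
           ("LogicA", "K1"), ("LogicB", "K2")],
)


def run_sample() -> tuple[DependabilityModel, dict[str, str]]:
    dm = to_dependability_model(SAMPLE, "Stop on light curtain interruption",
                                "LightCurtain", {"K1", "K2"})
    return dm, blocks_to_highlight(dm, "high")


if __name__ == "__main__":
    dm, marks = run_sample()
    for ch in dm.channels:
        m = channel_mttfd(dm, ch)
        print(ch.blocks, f"MTTFd={m:.1f} years ({mttfd_band(m)})")
    print(to_project_xml(dm))
    print("highlight in architecture:", marks)
```

In the sample both channels come out at about 23.5 years (medium), so against a requirement of "high" the two logic units are the blocks that would be coloured blue in the architecture model; the same marks could be written back through any of the integration mechanisms mentioned above once a real tool's result file is parsed instead of computed locally.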