Continuous Deployment for Dependable Systems with Continuous Assurance Cases

Warg, Fredrik; Blom, Hans W.; Borg, Jonas

doi:10.1109/issrew.2019.00091

Cited by 12 publications

(5 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Safety of AD has become a growing challenge during the last decade, especially after tragic accidents during public testing that made research groups and industrial organizations to increase their activities to significantly improve the safety during the development and operations of such functions. Zeller started to shed light on challenges for safety-critical applications regarding DevOps way of working [11], but it is yet immature in the automotive domain due to complex product structures [12]. The Swedish research project SALIENCE 4CAV 2 is aiming at finding solutions for the safety life-cycle of AD to enable continuous deployment .…”

Section: Related Workmentioning

confidence: 99%

An Industrial Experience Report about Challenges from Continuous Monitoring, Improvement, and Deployment for Autonomous Driving Features

Nouri

Berger

Törner

2022

2022 48th Euromicro Conference on Software Engineering and Advanced Applications (SEAA)

View full text Add to dashboard Cite

Using continuous development, deployment, and monitoring (CDDM) to understand and improve applications in a customer's context is widely used for non-safety applications such as smartphone apps or web applications to enable rapid and innovative feature improvements. Having demonstrated its potential in such domains, it may have the potential to also improve the software development for automotive functions as some OEMs described on a high level in their financial company communiqués. However, the application of a CDDM strategy also faces challenges from a process adherence and documentation perspective as required by safety-related products such as autonomous driving systems (ADS) and guided by industry standards such as ISO-26262 [1] and ISO21448 [2]. There are publications on CDDM in safety-relevant contexts that focus on safety-critical functions on a rather generic level and thus, not specifically ADS or automotive, or that are concentrating only on software and hence, missing out the particular context of an automotive OEM: Well-established legacy processes and the need of their adaptations, and aspects originating from the role of being a system integrator for software/software, hardware/hardware, and hardware/software. In this paper, particular challenges from the automotive domain to better adopt CDDM are identified and discussed to shed light on research gaps to enhance CDDM, especially for the software development of safe ADS. The challenges are identified from today's industrial well-established ways of working by conducting interviews with domain experts and complemented by a literature study.

show abstract

Section: Related Workmentioning

confidence: 99%

An Industrial Experience Report about Challenges from Continuous Monitoring, Improvement, and Deployment for Autonomous Driving Features

Nouri

Berger

Törner

2022

2022 48th Euromicro Conference on Software Engineering and Advanced Applications (SEAA)

View full text Add to dashboard Cite

show abstract

“…VII-B. Furthermore, Warg et al [75] suggest using contracts in all abstraction levels of the ADS in order to achieve a continuous assurance case, thus mitigating challenge (C8). The interested reader is referred to [76], where these methods are discussed more in detail with respect to their potential contributions to safety assurance in the scope of ADSs.…”

Section: Contract-based Designmentioning

confidence: 99%

Holistic Perspectives on Safety of Automated Driving Systems - Methods for Provision of Evidence

Gyllenhammar¹,

Campos²,

Törngren³

2022

Preprint

View full text Add to dashboard Cite

<p>In recent years, the enormous investments in Automated Driving Systems (ADSs) have distinctly advanced ADS technologies. Despite promises made by several high profile auto-makers, it has however become clear that the challenges involved for deploying ADS have been drastically underestimated. This paper focuses on the challenge of providing sufficient evidence to support the safety claims of ADSs. The provisioning of such evidence clearly relates both to technical maturity of ADS systems (including actual experiences from deploying such systems), and on the development of methodologies for reasoning about ADS safety claims. Contrary to previous generations of automotive systems, common design, development, verification and validation methods for safety critical systems do not suffice to cope with the increased complexity and operational uncertainties of an ADS. Therefore, the aim of this paper is to provide an understanding of existing methods focusing on the development of a safe ADS and, most importantly, identifying the associated challenges and gaps. </p> <p>We present eight challenges, collectively distinguishing ADSs from safety critical systems in general, and discuss the existing methods in the light of these eight challenges. Based on this discussion, a set of research gaps are identified.</p>

show abstract

“…Another branch of research is Continuous Development, in which contract-based approaches are also used. Warg et al [18] present a development process for dependent systems and show how continuous assurance processes can be realized with the help of contracts for product lines. As with this work, contracts are used and demonstrated along the development process of dynamically changing systems, but not along all phases of the product's lifecycle and not specifically for all forms of update processes.…”

Section: Related Workmentioning

confidence: 99%

Continuous Contract Based Verification of Updates in Maritime Shipboard Equipment

Hake

Hohl

Hahn

2021

JMSE

View full text Add to dashboard Cite

Modern control systems in the maritime domain are increasingly controlled by software systems and become subject to updates and configuration changes during operation. Moreover, with the shift to autonomous vessels and cars, these software-based systems are taking on more and more safety-critical tasks, so the risks associated with system failures are increasing. Unlike before, it becomes necessary to verify the continuously adapting modules of a vehicle not only before deployment, but to establish continuous verification capabilities during all phases of the product lifecycle, from the design to the system in operation. Hence, in case of an update, deviations from the expected behavior can be automatically detected and relevant measures can be initiated. In this work, a contract-based verification framework is presented that includes automatable and formally analyzable behavioral descriptors in form of assumption-guarantee contracts for all phases of the software lifecycle to provide static and dynamic verification capabilities alongside a dynamically changing system composition. By utilizing contractually defined behavior descriptions, classic test procedures, such as simulations, are supplemented by a formally testable level that is applied to all phases of the update process. A conceptual-deductive methodology was chosen, building on the identified requirements to develop an overarching update framework that adds contractual descriptions to the traditional development case. Based on the presented framework, the verifiable modification of a safety-critical software system is demonstrated. The approach is evaluated using a maritime collision-avoidance system and the verification steps are evaluated along the update process. The framework offers a novel approach to complement existing test procedures by enabling formal impact analysis and incremental verification of updates.

show abstract

Continuous Deployment for Dependable Systems with Continuous Assurance Cases

Cited by 12 publications

References 16 publications

An Industrial Experience Report about Challenges from Continuous Monitoring, Improvement, and Deployment for Autonomous Driving Features

An Industrial Experience Report about Challenges from Continuous Monitoring, Improvement, and Deployment for Autonomous Driving Features

Holistic Perspectives on Safety of Automated Driving Systems - Methods for Provision of Evidence

Continuous Contract Based Verification of Updates in Maritime Shipboard Equipment

Contact Info

Product

Resources

About