Towards an Integration of Standard Component-Based Safety Evaluation Techniques with SaveCCM

  • Lars Grunske
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4214)


To deliver complex functionalities in a cost effective manner, embedded software should ideally be developed with standardized interoperable components. At the same time, most of these embedded systems must be demonstrably safe and reliable. This paper aims to extend SaveCCM, a modelling language for component-based embedded systems, with standard safety evaluation models. Based on this extension, failure and hazard probabilities can be estimated early in the development process and can be used to check if a system can fulfil its safety requirements. The procedure of the safety evaluation is demonstrated with the case study of a computer assisted braking system.


Output Port Safety Evaluation Input Port Failure Propagation Hazard Probability 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Laprie, J.C. (ed.): Dependability: basic concepts and terminology. Springer, Heidelberg (1992)MATHGoogle Scholar
  2. 2.
    Lee, E.A.: 2. In: Embedded Software. Advances in Computers, vol. 56, pp. 56–97. Academic Press, London (2002)Google Scholar
  3. 3.
    Hissam, S.A., Moreno, G.A., Stafford, J.A., Wallnau, K.C.: Packaging Predictable Assembly. In: Bishop, J.M. (ed.) CD 2002. LNCS, vol. 2370, pp. 108–124. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  4. 4.
    PtolemyII: PtolemyII project website (2006),
  5. 5.
    van Ommering, R., van der Linden, F., Jeff, K., Magee, J.: The Koala component model for consumer electronics software. Computer 33(3), 78–85 (2000)CrossRefGoogle Scholar
  6. 6.
    Hansson, H., Åkerholm, M., Crnkovic, I., Törngren, M.: SaveCCM - A component model for safety-critical real-time systems. In: 30th EUROMICRO Conference 2004, Rennes, France, August 31- September 3, pp. 627–635. IEEE Computer Society, Los Alamitos (2004)CrossRefGoogle Scholar
  7. 7.
    Carlson, J., Håkansson, J., Pettersson, P.: SaveCCM: An analysable component model for real-time systems. In: International Workshop on Formal Aspects of Component Software, Macao, Elsevier, Amsterdam (2005)Google Scholar
  8. 8.
    Alur, R.: A theory of timed automata. Theoretical Computer Science 126, 183–235 (1994)MATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    Larsen, K.G., Pettersson, P., Yi, W.: UPPAAL in a nutshell. International Journal on Software Tools for Technology Transfer 1, 134–152 (1997)MATHCrossRefGoogle Scholar
  10. 10.
    Möller, A., Peake, I., Nolin, M., Fredriksson, J., Schmidt, H.: Component-based context-dependent hybrid property prediction. In: ERCIM - Workshop on Dependable Software Intensive Embedded systems, Porto, Portugal, ERCIM (2005)Google Scholar
  11. 11.
    Birolini, A.: Reliability Engineering: Theory and Practice, 3rd edn. Springer, Heidelberg (1999)MATHGoogle Scholar
  12. 12.
    Grunske, L., Kaiser, B., Reussner, R.: Specification and evaluation of safety properties in a component-based software engineering process. In: Atkinson, C., Bunse, C., Gross, H.-G., Peper, C. (eds.) Component-Based Software Development for Embedded Systems. LNCS, vol. 3778, pp. 249–274. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  13. 13.
    Grunske, L., Kaiser, B., Papadopoulos, Y.: Model-Driven Safety Evaluation with State-Event-Based Component Failure Annotations. In: Heineman, G.T., Crnković, I., Schmidt, H.W., Stafford, J.A., Szyperski, C.A., Wallnau, K. (eds.) CBSE 2005. LNCS, vol. 3489, pp. 33–48. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  14. 14.
    Elmqvist, J., Nadjm-Tehrani, S., Minea, M.: Safety Interfaces for Component-Based Systems. In: Winther, R., Gran, B.A., Dahll, G. (eds.) SAFECOMP 2005. LNCS, vol. 3688, pp. 246–260. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  15. 15.
    Alur, R., Henzinger, T.A.: Reactive modules. Formal Methods in System Design: An International Journal 15, 7–48 (1999)CrossRefGoogle Scholar
  16. 16.
    Clarke, E.M., Grumberg, O., Jha, S., Lu, Y., Veith, H.: Counterexample-guided abstraction refinement. In: Emerson, E.A., Sistla, A.P. (eds.) CAV 2000. LNCS, vol. 1855. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  17. 17.
    Fenelon, P., McDermid, J.A., Nicholson, M., Pumfrey, D.J.: Towards integrated safety analysis and design. ACM Computing Reviews 2, 21–32 (1994)CrossRefGoogle Scholar
  18. 18.
    Kaiser, B., Liggesmeyer, P., Mäckel, O.: A new component concept for fault trees. In: Proceedings of the 8th Australian Workshop on Safety Critical Systems and Software (SCS 2003), Adelaide, pp. 37–46 (2003)Google Scholar
  19. 19.
    Papadopoulos, Y., McDermid, J.A., Sasse, R., Heiner, G.: Analysis and synthesis of the behaviour of complex programmable electronic systems in conditions of failure. Int. Journal of Reliability Engineering and System Safety 71, 229–247 (2001)CrossRefGoogle Scholar
  20. 20.
    Papadopoulos, Y., Maruhn, M.: Model-based synthesis of fault trees from matlab-simulink models. In: 2001 International Conference on Dependable Systems and Networks (DSN 2001) (formerly: FTCS). Proceedings, Göteborg, Sweden, July 1-4, pp. 77–82. IEEE Computer Society, Los Alamitos (2001)CrossRefGoogle Scholar
  21. 21.
    Grunske, L.: Annotation of component specifications with modular analysis models for safety properties. In: Proceedings of the 1st International Workshop on Component Engineering Methodology (WCEM), Erfurt, pp. 737–738 (2003)Google Scholar
  22. 22.
    Wallace, M.: Modular architectural representation and analysis of fault propagation and transformation. Electr. Notes Theor. Comput. Sci. 141(3), 53–71 (2005)CrossRefGoogle Scholar
  23. 23.
    Bondavalli, A., Simoncini, L.: Failure Classification with respect to Detection. Esprit Project Nr 3092 (PDCS: Predictably Dependable Computing Systems) (1990)Google Scholar
  24. 24.
    Grunske, L., Kaiser, B.: Automatic generation of analyzable failure propagation models from component-level failure annotations. In: Fifth International Conference on Quality Software (QSIC 2005), Melbourne, September 19-20, pp. 117–123. IEEE Computer Society, Los Alamitos (2005)CrossRefGoogle Scholar
  25. 25.
    Pumfrey, D.J.: The Principled Design of Computer System Safety Analyses. PhD thesis, Department of Computer Science, University of York (1999)Google Scholar
  26. 26.
    ESSaRel: Embedded Systems Safety and Reliability Analyser, The ESSaRel Research Project (2005) Homepage:
  27. 27.
    Lutz, R.R.: Software engineering for safety: a roadmap. In: ICSE - Future of SE Track, pp. 213–226 (2000)Google Scholar
  28. 28.
    IEC 61025 (International Electrotechnical Commission): Fault-Tree-Analysis (FTA) (1990)Google Scholar
  29. 29.
    Prasad, D.K.: Dependable Systems Intergration using Measurement Theory and Decision Analysis. PhD thesis, Department of Computer Science, University of York (1998)Google Scholar
  30. 30.
    Pumfrey, D., Nicholson, M.: Hazard Analysis of a Computer Assisted Braking System. In: Hazard Analysis Course for MSc in Safety Critical Systems (1996)Google Scholar
  31. 31.
    Nicholson, M.: Selecting a Topology for Safety-Critical Real-Time Control Systems. PhD thesis, Department of Computer Science, University of York (1998)Google Scholar
  32. 32.
    Musa, J.D., Iannino, A., Okumoto, K.: Software Reliability: Measurement, Prediction, Application. MacGraw-Hill, New York (1987); ACM CR 8712-0965Google Scholar
  33. 33.
    CENELEC (European Committee for Electro-technical Standardisation): CENELEC EN 50126: Railway Applications – the specification and demonstration of Reliability, Availability, Maintainability and Safety. CENELEC EN 50128: Railway Applications: Software for Railway Control and Protection Systems CENELEC, Brussels (2000)Google Scholar
  34. 34.
    Grunske, L.: Identifying ”good” architectural design alternatives with multi-objective optimization strategies. In: Osterweil, L.J., Rombach, H.D., Soffa, M.L. (eds.) 28th International Conference on Software Engineering (ICSE 2006), Shanghai, China, May 20-28, pp. 849–852. ACM, New York (2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Lars Grunske
    • 1
  1. 1.School of Information Technology and Electrical Engineering, ARC Centre for Complex SystemsUniversity of QueenslandBrisbane (St.Lucia)Australia

Personalised recommendations