CHF46.90
Download est disponible immédiatement
"I highly recommend Mr. Hobbs' book." - Stephen Thomas, PE, Founder and Editor of FunctionalSafetyEngineer.com
Safety-critical devices, whether medical, automotive, or industrial, are increasingly dependent on the correct operation of sophisticated software. Many standards have appeared in the last decade on how such systems should be designed and built. Developers, who previously only had to know how to program devices for their industry, must now understand remarkably esoteric development practices and be prepared to justify their work to external auditors.
Embedded Software Development for Safety-Critical Systems discusses the development of safety-critical systems under the following standards: IEC 61508; ISO 26262; EN 50128; and IEC 62304. It details the advantages and disadvantages of many architectural and design practices recommended in the standards, ranging from replication and diversification, through anomaly detection to the so-called "safety bag" systems.
Reviewing the use of open-source components in safety-critical systems, this book has evolved from a course text used by QNX Software Systems for a training module on building embedded software for safety-critical devices, including medical devices, railway systems, industrial systems, and driver assistance devices in cars.
Although the book describes open-source tools for the most part, it also provides enough information for you to seek out commercial vendors if that's the route you decide to pursue. All of the techniques described in this book may be further explored through hundreds of learned articles. In order to provide you with a way in, the author supplies references he has found helpful as a working software developer. Most of these references are available to download for free.
Auteur
Chris is a programmer at QNX Software Systems with some 40 years of software development experience. His specialty is "Sufficiently Dependable Software," which is software that meets its dependability requirements with the minimum development effort and risk. In particular, he works with software for safety-critical systems that must meet the requirements of international safety standards such as IEC61508, ISO26262, EN50128 and IEC62304. Outside his professional work as a software developer, Chris is the author of several books including "Flying Beyond: The Canadian Commercial Pilot Textbook" and "Embedded Software Development for Safety-Critical Systems."
Résumé
"e;I highly recommend Mr. Hobbs' book."e; - Stephen Thomas, PE, Founder and Editor of FunctionalSafetyEngineer.com Safety-critical devices, whether medical, automotive, or industrial, are increasingly dependent on the correct operation of sophisticated software. Many standards have appeared in the last decade on how such systems should be designed and built. Developers, who previously only had to know how to program devices for their industry, must now understand remarkably esoteric development practices and be prepared to justify their work to external auditors. Embedded Software Development for Safety-Critical Systems discusses the development of safety-critical systems under the following standards: IEC 61508; ISO 26262; EN 50128; and IEC 62304. It details the advantages and disadvantages of many architectural and design practices recommended in the standards, ranging from replication and diversification, through anomaly detection to the so-called "e;safety bag"e; systems.Reviewing the use of open-source components in safety-critical systems, this book has evolved from a course text used by QNX Software Systems for a training module on building embedded software for safety-critical devices, including medical devices, railway systems, industrial systems, and driver assistance devices in cars. Although the book describes open-source tools for the most part, it also provides enough information for you to seek out commercial vendors if that's the route you decide to pursue. All of the techniques described in this book may be further explored through hundreds of learned articles. In order to provide you with a way in, the author supplies references he has found helpful as a working software developer. Most of these references are available to download for free.
Contenu
SECTION I: BACKGROUND Introduction Dependable, embedded software The safety culture Our path Choosing the techniques to describe The development approach Today's challenges References The Terminology of Safety General Safety Terminology Software-Specific Terminology References Safety Standards and Certification The standards bodies Accreditation and certification Why do we need these standards? Goal- and prescription-based standards Functional safety standards IEC 62304 and ISO 14971 Process and the standards Summary References Representative Companies Alpha Device Corp Beta Component Inc Using a Certified Component SECTION II: THE PROJECT The Foundational Analyses The Analyses The inter-relationships The hazard and risk analysis The safety case The failure analysis Analyses by the representative companies Summary References Certified and Uncertified Components SOUP by any other name Certified or uncertified SOUP Using non-certified components Using a certified component Aligning release cycles The example companies SECTION III: ARCHITECTURAL PATTERNS Architectural Balancing The availability/reliability balance The usefulness/safety balance The security/performance/safety balance The performance/reliability balance The implementation balance Summary References Error Detection and Handling Why detect errors? Error detection and the standards Anomaly detection Rejuvenation Recovery blocks A note on the diverse monitor Summary References Expecting the Unexpected The design safe state Recovery The crash-only model Anticipation of the unexpected by the example companies Summary References Replication and Diversification History of replication and diversification Replication in the standards Component or system replication? Replication Diversification Virtual synchrony Locked-step processors Diverse monitor Summary References SECTION IV: DESIGN VALIDATION Markov Models Markov models Markov models and the standards The Markovian assumptions An example calculation Markovian advantages and disadvantages References The Fault Tree FTA and FMECA Fault tree analysis in the standards Types of fault tree Example 1: The Boolean fault tree Example 2: The extended Boolean fault tree Example 3: The Bayesian fault tree Combining FTAs FTA Tools The use of FTA References Software Failure Rates The underlying heresy Assessing failure rates Modelling the failures References Semi-Formal Design Verification Verification of a reconstructed design Discrete event simulation Timed Petri nets Simulation and our sample companies References Formal Design Verification What are formal methods? History of formal methods Formal methods and the standards Do formal methods work? Types of formal methods Automatic code generation The Spin modelling system The Rodin modelling tool Our companies' use of Rodin and Spin Formal methods References SECTION V: CODING Coding Guidelines Programming language selection Programming languages and the standards Language features Use of language subsets So what is the best programming language? References Code Coverage Metrics Code coverage testing Types of code coverage Coverage and the standards The effectiveness of coverage testing Achieving coverage Combinatorial Testing Summary References Static Analysis What static analysis is asked to do Static code analysis and the standards Static code analysis Symbolic execution Summary References SECTION VI: VERIFICATION Integration Testing Fault injection testing Back-to-back comparison test between model and code Requirements-based testing References The Tool Chain Validation of the tool chain Tool classification BCI's tools classification U…