Embedded ubiquity keynote

®

IBM Software Group

© 2012 IBM CorporationInnovation for a smarter planet

Embedded Ubiquity and the Exigency of DependabilityDesigning systems as if our lives depend on them

Dr. Bruce Powel Douglass, Ph.D.Chief Evangelist, IBM [email protected]: @BruceDouglassYahoo: http://tech.groups.yahoo.com/group/RT-UML IBM: www-01.ibm.com/software/rational/leadership/thought/brucedouglass.html

IBM Software Group | Rational software

2Innovation for a smarter planet

Triathlon – A life without embedded devices?

Individual sport composed of Swimming

Bicycling

Running

And, occasionally, throwing up

You against the course, mano a mano

A sport of grit, determination, endurance, and pain tolerance

Surely this has nothing to do with embedded systems



A day in the (embedded) life of a triathlete

Yes, I am wearing devil horns – That’s the way I roll …



Embedded Systems for Triathletes?

Race timing system

GPS Sports Watch w/ HR, cadence, computer interfaceBike power meter

Bike computer



What about the stuff around the triathlete?









Healthcare is deeply electronically-interconnected

State & Central Programs

Health Plans

Employers

TelehealthConsultation

RemoteMonitoring

Emergency Services

RemoteData Diagnosis

Primary Care PhysicianSpecialists

Patient

Electronic Health Record

Personal Health Record

Medical Devices Imaging, Pumps,

Robotics

Surgery

Emergency Department

Pharmacy / Labs

Care Providers

Emergency Services



We live in a deeply electronically-interconnected world

Each subject area is rich with embedded systems closely interconnected

All subject areas interconnect with others providing and using data and services

This interconnection provides the basis for a technology-centric society

Health Care Imaging, Pumps,

Robotics

Pharmacy / Labs

Transportation Planes, Trains & Autos

Power Generation Generation and distribution

Communications Phone, Radio, TV

Water Treatment, Water management, sewer

Emergency Department



Are we ready to develop these systems?

Are we ready?• To deliver the functionality?• To deliver the performance?• To integrate dozens to hundreds of complex systems? • To deliver the system with adequate security? • To deliver the system with adequate safety?





Malware implicated in fatal Spanair plane crash

- msnbc.com August 23, 2010







Nuclear plant in Georgia forced into emergency shutdown due to

unintentional “cyber-incident”- Washington Post, June 5, 2008









Braking software glitch contributes to recall of hundreds of thousands of

vehicles worldwide- Associated Press, 2010









Braking software glitch contributes to recall of hundreds of thousands of

vehicles worldwide- Associated Press, 2010

Siemens SCADA system breached by weaponized computer virus

- ComputerWorld July 17, 2010



Systems Engineering – the solution to all our problems….?



State of the Practice for Systems Development Systems and Software Engineering Environment in general

Are document-centric

Require huge investment in planning that doesn’t reflect actual project execution

Have difficulty adapting to change.

Require expensive and error-prone manual review and update processes.

Require long integration and validation cycles

Are difficult to maintain over the long haul

Additional standards constraints (eg DO-178B, ISO26262, AUTOSAR, DoDAF) add to the challenge Tooling Selection

Dependability engineering

Safety

Reliability

Security

System certification



Modern Processes and Practices are Evolving

Past Future

Model-Based Engineering

Defect Avoidance

Defensive Design

Continuous Integration

Risk Management

Project Governance

Dynamic Planning THE AGILE MODEL

RequirementsDefinition &Management

Analysis & Design

Quality Management

Build & Release

Management

Construction

Configuration & Change

Mgmt

Asset Management

& Reuse

Production

Moving from waterfall “ballistic” planning to incremental, adaptive approach



High-Fidelity Modeling for Systems Engineering

Hi-MBE brings to engineering Precision

Executability

Stakeholder/Analysis-relevant viewpoints at any desired level of abstraction e.g.

Functionality

State-based behavior

Algorithmic/control behavior

Structure and Architecture

Integration of engineering work, e.g.

Functional requirements

Dependability analysis

– Safety

– Reliability

– Security/Information Assurance

Architectural structure, behavior, and allocation

Control analysis



Models and Viewpoints in Model-Based Systems Engineering

Functional Model

Executable use casesFunctional and

QoS requirements

DependabilityModel

Safety, reliability,and security analysisFTA, FMEA, FEMCA,Asset Diagram, SAD

ControlModel

Control algorithms,mathematical models

ArchitecturalModel

Subsystems, interfaces, Subsystem use cases/

Requirements

Model-based

handoff

SubsystemModel(s)

Mechanical Specification

ElectronicSpecification

SoftwareSpecification Model and text

Model and text

Model and text



Dependability == ∑ Safety, Reliability, and Security

Cyberphysical systems and system of systems exist today that create and manage society-supporting services and systems, including Power grids

Transportation (air, ground, and sea)

Emergency response

Water and sewage

Communications

… to name just a few

Cyberphysical systems and systems of systems have the potential for extremely impactful consequences in terms of safety, reliability, and security

It is crucial that we can reason appropriately about these concerns early and not rely on ex post facto analyses



Model-Based Dependability Analysis



Model-Based Threat Analysis

Security Analysis Diagram (SAD) is like a Fault Tree Analysis (FTA) but for security, rather than safety It looks for the logical relation

between assets, vulnerabilities, attacks, and security violations

Permits reasoning about security

What kind?

How much?

Where?

When?

Risk assessments



Model-Based Threat Analysis An Asset Diagram looks at

the semantic relations between roles, authentication, vulnerabilities, and countermeasures. It is a way of representing the security-relevant design elements. Here it is shown with

traceability links to requirements

Assets can be Physical

Informational

Currency

Resource

Security

Services



Auto-generation of dependability-relevant summary data

Fault Source Matrix, Fault Detection Matrix, Fault-Requirement Matrix, FMEA, FMCA, Hazard Analysis…Fault Source Matrix, Fault Detection Matrix, Fault-Requirement Matrix, FMEA, FMCA, Hazard Analysis…

• Traceability improves your ability to make your safety/security case

Dependability metadata guides- System requirements- Downstream engineering work- Regulatory approval submissions

• Traceability improves your ability to make your safety/security case

Dependability metadata guides- System requirements- Downstream engineering work- Regulatory approval submissions



Design for Dependability

Requirements Analysis:• Functional and Non-Functional

Requirements• Safety Requirements• Business and Regulatory

Requirements

Requirements Analysis:• Functional and Non-Functional

Requirements• Safety Requirements• Business and Regulatory

RequirementsARP-4754

Systems Eng.

SoftwareDeveloper

System and Software Design:• Structural• Behavioral• Temporal

• …

System and Software Design:• Structural• Behavioral• Temporal

• … DO-178BIEC 62304

Safety Eng.

Dependability Analysis:• Fault Tree Analysis (FTA)• Fault Means and Effective

Analysis (FMEA)• Hazard Analysis• Security Analysis Diagram• Asset Diagram

Dependability Analysis:• Fault Tree Analysis (FTA)• Fault Means and Effective

Analysis (FMEA)• Hazard Analysis• Security Analysis Diagram• Asset Diagram

ARP-4761ISO

26262IEC 61508



Systems Engineering Workflows (e.g. Safety Analysis)

Harmony/SESystems Engineering:

Requirements Analysis



Harmony/SE: Design Synthesis



Update Safety Analysis Task



Achieve “quality by design” with an integrated, automated

testing process

Manage all system requirements with full traceability across

the lifecycle

Use modeling to validate requirements, architecture and design throughout the development process

Architecture & DesignRational Rhapsody

Quality ManagementRational Quality Manager

Requirements ManagementRational DOORS

Tooling automates best practice workflows

Practices

and Process

Collaborate across diverse engineering disciplines and development teams

Achieve common goals by optimizing how people work

Increase efficiency and predictability by integrating workflows

COLLABORATEContinuously improve

by measuring and reporting progress

REPORTAUTOMATE

CollaborationRational Team Concert



Designing systems as if our lives depend on them

Our society is only sustainable with technological assistance Reliable, safe, and secure delivery of services

Productivity of agriculture and industry

Unbroken distribution chains

Low cost of energy

Balancing dwindling resources

Innovation in production

The systems we create today are absolutely crucial in supporting our society, health, and well-being

(Hard) Each individual system must be designed to be reliable, safe, and secure

(Harder) The totality of systems acting in concert must be reliable, safe and secure

This can be done by innovatively supporting systems development with Intelligence

Best Practices

Tooling



Thank you very much!

Date post:	20-May-2015
Category:	Technology
Upload:	bruce-douglass
View:	1,152 times
Download:	1 times

Embedded ubiquity keynote

Technology