PICASSOS – Practical Applications of Automated Formal Methods to Safety Related Automotive Systems

PICASSOS was a UK government funded programme to improve the ability of automotive supply chains to develop demonstrably safe, highly complex, software-intensive systems cost-effectively. It was executed by a consortium of three universities and five companies, including an automotive OEM and suppliers. The three major elements of the PICASSOS project were: the use of automated model-based verification technology built on formal methods; the application of this technology in the context of ISO 26262; and an evaluation to measure the impact of the approach, informing key management decisions on the costs, benefits and risks of applying it on live projects. The project spanned system-level design and software development, using a unified model-based process that incorporates SysML at the system level and Simulink and Stateflow auto-coded into C at the software level. An ISO 26262 compliant development process based on those already used by the commercial partners served as the baseline, and a modified process using formal methods was developed alongside it. Commercially available tools were used wherever possible, and technology demonstrators were produced within the programme; one of the programme partners is enhancing these tools to make them suitable for commercial sale. A number of trials were undertaken comparing the two processes on electric vehicle based systems. The paper reports the results of one of these trials, showing that the formal methods based approach found errors that the standard process missed, without significantly increasing development time.
