• 소프트웨어공학소사이어티 논문지
• /
• 제29권1호
• /
• pp.7-12
• /
• 2020

최근 기능 안전에 대한 관심이 높아짐에 따라 다양한 산업 분야에서 기능 안전 표준의 적용이 요구되고 있다. 기능 안전 표준은 시스템의 오작동을 방지하기 위해 필요한 기능 안전 관련 활동들을 정의한 문서이다. 이 표준에 정의된 모든 활동들은 시스템의 위험 분석 및 평가를 통해 산출된 등급 분류 결과에 따라 차등적으로 요구된다. 국내 무기체계 분야에는 방위사업청에서 발간한 무기체계 소프트웨어 개발 및 관리 매뉴얼이 존재한다. 이 매뉴얼은 기능 안전 관련 활동으로 소프트웨어 정적 및 동적 분석 활동을 요구한다. 하지만 해당 매뉴얼에는 선행 활동으로 요구되는 위험 분석 및 평가를 통한 등급 분류 활동 관련 내용이 구체적으로 언급되고 있지 않다. 따라서 본 연구에서는 대표적인 기능 안전 표준들을 기반으로 무기체계 소프트웨어 개발 및 관리 매뉴얼의 문제점을 분석하고 이에 대한 개선 방안을 제시하도록 한다.

• Nuclear Engineering and Technology
• /
• 제27권3호
• /
• pp.385-392
• /
• 1995

월성원자력 2, 3, 4호기 safety-critical 소프트웨어에 대한 규제 기관의 요구사항을 만족시키기 위하여 소프트웨어 엔지니어링 절차가 개발되었다. 본 논문에서는 그 중에서 검증시험절차에 대하여 기술하였는데, 검증시험이란 설계그룹에서 개발된 소프트웨어가 독립된 기능그룹에서 부여한 요구사항을 모두 만족하는지를 확인하는 것이다. 이 검증시험을 수행하기 위하여 시험설비와 시험용 소프트웨어가 개발되었으며, 검증시험은 기능시험, 성능시험 및 자기점검시험 등으로 구성되었다. 시험결과를 분석하여, 불만족한 경우는 설계그룹에 통보되어 소프트웨어가 수정되었고, 최종결과는 보고서로 작성되어 규제기관에 제출될 것이다. 개발된 검증시험 방법과 절차는 효율적이고 성공적이었으며, 시험결과는 소프트웨어가 기능사양서를 충분히 만족시킨다는 것을 성공적으로 검증함을 보여주었다. 본 시험방법은 다른 safety-critical 소프트웨어 검증에도 적용될 수 있을 것이다.

• 대한임베디드공학회논문지
• /
• 제16권6호
• /
• pp.267-276
• /
• 2021

The automotive industry and academic research have been continuously conducting research on standardization such as AUTOSAR (AUTomotive Open System ARchitecture) and ISO26262 to solve problems such as safety and efficiency caused by the complexity of electric/electronic architecture of automotive. AUTOSAR is an automotive standard software platform that has a layered structure independent of MCU (Micro Controller Unit) hardware, and improves product reliability through software modularity and reusability. And, ISO26262, an international standard for automotive functional safety and suggests a method to minimize errors in automotive ECU (Electronic Control Unit)s by defining the development process and results for the entire life cycle of automotive electrical/electronic systems. These design methods are variously applied in representative automotive safety-critical systems. However, since the functional and safety requirements are different according to the characteristics of the safety-critical system, it is essential to research the AUTOSAR functional safety design method specialized for each application domain. In this paper, a software functional safety mechanism design method using AUTOSAR is proposed, and a new failure management framework is proposed to ensure the high reliability of the product. The AUTOSAR functional safety mechanism consists of memory partitioning protection, timing monitoring protection, and end-to-end protection. The fault management framework is composed of several safety SWCs to maintain the minimum function and performance even if a fault occurs during the operation of a safety-critical system. Finally, the proposed method is applied to the Shift-by-Wire system design to prove the validity of the proposed method.

• 디지털콘텐츠학회 논문지
• /
• 제18권2호
• /
• pp.393-401
• /
• 2017

각 산업분야에 사용되는 시스템의 소프트웨어 비중이 늘어남에 따라 소프트웨어 안전성과 관련된 사고가 증가하고 있다. 철도, 항공, 의료 등의 주요 산업분야에서는 이를 해결하기 위해 IEC 61508 기반의 안전표준을 작성하여 따르는 것을 권고하고 있다. 항해 장비분야에는 안전표준이 마련되어 있지 않아 기능안전에 대한 확인을 위해 적절한 가이드가 필요하다. 본 논문에서는 정보통신산업진흥원의 기능안전성 공통 개발 가이드를 참고하여 항해 장비의 소프트웨어 기능안전성 확보를 위한 위험분석 단계의 절차와 산출물을 정의하였다. 선박에 탑재하여 수심을 측정하는 음향측심기를 대상으로 사례 연구를 하였다.

• 한국신뢰성학회지:신뢰성응용연구
• /
• 제16권3호
• /
• pp.216-223
• /
• 2016

Purpose: This paper suggests the procedure to enhance the reliability of the software of the medical device that is to cure, treat, diagnose, and prevent a disease or an abnormal health conditions. Methods: After test requirements are classified by the software requirements specification for safety and backgrounds, reliability assessment methods are suggested. Results: Verification and validation for function and safety can be performed whether the medical device software are implemented as intended. Conclusion: Procedure on the static analysis, unit test, integration test, and system test are provided for the medical device software.

• International Journal of Internet, Broadcasting and Communication
• /
• 제15권3호
• /
• pp.219-230
• /
• 2023

With the development of autonomous driving technology, as the use of software in vehicles increases, the complexity of the system increases and the difficulty of development increases. Developments that meet ISO 26262 must be carried out to reduce the malfunctions that may occur in vehicles where the system is becoming more complex. ISO 26262 for the functional safety of the vehicle industry proposes to consider functional safety from the design stage to all stages of development. Specifically at the software level, the requirements to be complied with during development and the requirements to be complied with during verification are defined. However, it is not clearly expressed about specific design methods or development methods, and it is necessary to supplement development guidelines. The importance of analysis and verification of requirements is increasing due to the development of technology and the increase of system complexity. The vehicle industry must carry out developments that meet functional safety requirements while carrying out various development activities. We propose a process that reflects the perspective of system engineering to meet the smooth application and developmentrequirements of ISO 26262. In addition, the safety analysis/verification FMEA processforthe safety of the proposed ISO 26262 function was conducted based on the FCAS (Forward Collision Avoidance Assist System) function applied to autonomous vehicles and the results were confirmed. In addition, the safety analysis/verification FMEA process for the safety of the proposed ISO 26262 function was conducted based on the FCAS (Forward Collision Avoidance Assist System) function applied to the advanced driver assistance system and the results were confirmed.

• 전기학회논문지P
• /
• 제64권3호
• /
• pp.138-142
• /
• 2015

Most of the existing studies on functional safety testing for the railway signaling system software have focused on verifying the functional safety through the monitoring of internal memory embedded railway signaling system. However, the railway signaling system is one of the typical embedded control system in the railway sector, and the embedded software has a characteristic of generating an appropriate outputs through the combination of internal processing in consideration of the current internal status and external input. Therefore, the test approach of using the interface communication channel can be effective way for the functional testing for railway signaling system software in consideration of these characteristic. Since a communication interface specification of the railway signal system has a the properties of the sequence input and output signals, test-case for software testing is the most effective methodology by MSC (Message Sequence Chart) language, one of the graphic language. The MSC-based test-case generating methodology for signaling system software was proposed in this paper.

• Journal of Electrical Engineering and Technology
• /
• 제10권4호
• /
• pp.1915-1920
• /
• 2015

ISO 26262 is an international standard for the functional safety of electric and electronic systems in vehicles, and this standard has become a major issue in the automotive industry. In this paper, a functional safety compliant electronic control unit (ECU) for an electric power steering (EPS) system and a demonstration purposed EPS system are developed, and a software and hardware structure for a safety critical system is presented. EPS is the most recently introduced power steering technology for vehicles, and it can improve driver’s convenience and fuel efficiency. In conformity with the design process specified in ISO 26262, the Automotive Safety Integrity Level (ASIL) of an EPS system is evaluated, and hardware and software are designed based on an asymmetric dual processing unit architecture and an external watchdog. The developed EPS system effectively demonstrates the fault detection and diagnostic functions of a functional safety compliant ECU as well as the basic EPS functions.

• 시스템엔지니어링학술지
• /
• 제13권1호
• /
• pp.57-65
• /
• 2017

Recently, the ratio of electrical part and embedded software has grown in automotive industry. ISO 26262, 'Road Vehicles - Functional Safety', was published to guide development of automotive electrical and electronic part in 2011. This paper describes definition of functional safety and analyzes ISO 26262. The comparison of ISO 26262 and DO-178C is made, then difference between them is identified. DO-178C provides guidance for the production of software for airborne system and equipment. The core of DO-178C is a relatively minor update to the previous DO-178B, however, the big changes are captured in the supplemented documents such as DO-331, 'Model-Based Development and Verification Supplement to DO-178C and DO-278A'. Model-based design is important to develop automotive and aircraft meeting the guidelines of ISO 26262 and DO-178C. In this paper, the sample case of applying MBSE(Model-Based Systems Engineering) to AVCS(Active Vibration Control System) software development is discussed.

• 중소기업융합학회논문지
• /
• 제2권1호
• /
• pp.11-18
• /
• 2012

소프트웨어의 규모가 커지고 복잡해지면서 소프트웨어의 기능적 실패(Functional Failure)를 만들어 내는 위험(Hazard) 요소들을 분석하기가 어려워지고 있다. 안전 필수 시스템(원자력 발전소, 항공관제 시스템, 철도 운영 시스템)에서 이런 기능적 실패는 곧 큰 사고 (인명피해, 환경오염) 로 이어지게 된다. 따라서 이러한 기능적 실패를 방지하고 소프트웨어의 안전성을 높이기 위해서는 소프트웨어 안전성 분석이 필요하다. 하지만 몇 가지 이유 (시간과 노력, 안전성 분석 기법의 다양한 지식 부족, 기관이나 회사의 관습적인 방법 사용) 로 적절하지 못한 안전성 분석 기법을 선택하게 되는 경우가 있다. 따라서 본 논문에서는 기존 안전성 분석 기법과 최신 안전성 분석 기법, 통합 모델 몇 가지를 소개 하겠다. 이것을 통해 전문가는 여러 종류의 안전성 기법을 간략하게 확인 할 수 있을 것이고, 시스템에 맞는 안전성 분석 기법을 선택하는데 도움을 받을 수 있을 것이다.