• Communications of the Korean Institute of Information Scientists and Engineers
• /
• v.30 no.2
• /
• pp.62-71
• /
• 2012

• Journal of the Korea Institute of Military Science and Technology
• /
• v.15 no.5
• /
• pp.543-549
• /
• 2012

Hybrid electric propulsion systems are expected as future primary combat platforms because the systems can supply enough electric power, easily locate components inside vehicles, and maneuver without undesired noise. However, increasing electric/electronic/software usage causes abnormal failure patterns which have not been noticeable in conventional automotive. Recently, the functional safety standard for road vehicles were enacted and vehicle manufacturers request their components which satisfy standardized quality. This research analyzes functional safety standards(IEC 61508 and ISO 26262) and compares the standards for road vehicles with military standards of system safety. Strategies to apply functional safety in the combat hybrid electric vehicle are scrutinized.

• IE interfaces
• /
• v.25 no.4
• /
• pp.416-421
• /
• 2012

One of the activities to improve software quality in ISO 26262 is to apply the design principles for software unit design and implementation mentioned in ISO 26262-6, including the evaluation activity. Before evaluation activity, the tool is compared and selected for evaluation. Because the results of the tool a company selected might have an effect on product quality. In this paper, we suggest the method to compare industrial static analysis tools with some of "MISRA C : 2004 Exemplar Suite" and all lessons learned from comparing tools are described. The result on comparison shows that we just couldn't rely on a result of Static Analysis Tool and need to have another appropriate processes and guidelines to evaluate a software.

• Journal of Advanced Navigation Technology
• /
• v.19 no.2
• /
• pp.91-97
• /
• 2015

This paper specifies several considerations about assessing safety-critical software in the aerospace domain. In order to evaluate safety critical software in the aerospace industry, it is required to identify an information of evaluation criteria of software under evaluation. The information is specified in the standard, but determination of evaluation criteria cannot be decided by itself and depends on the results of safety assessment of a system and system design. Thus, this paper explains required information of system development standard and safety assessment standard to determine software evaluation criteria. It surveys existing methodologies about evaluating software, and suggests method which is adapted to evaluation of an advanced surface movement guidance and control system (A-SMGCS) software.

• Nuclear Engineering and Technology
• /
• v.32 no.6
• /
• pp.537-548
• /
• 2000

The requirement of ultra high reliability of the safety critical software can not be demonstrated by testing alone. The specification based on formal method is recommended for safety system software. But there exist various kinds of formal methods, and this variety of formal method is recognized as an obstacle to the wide use of formal method. In this paper six different formal method have been applied to the same part of the functional requirements that is calculation algorithm intensive. The specification results were compared against the criteria that is derived from the characteristics that good software requirements specifications should have and regulatory body recommends to have. The application experience shows that the critical characteristics should be defined first, then appropriate method has to be selected. In our case, the Software Cost Reduction method was recommended for internal condition or calculation algorithm checking, and statechart method is recommended for the external behavioral description.

• Journal of the Korean Society for Railway
• /
• v.3 no.3
• /
• pp.147-153
• /
• 2000

The train control and monitoring system (TCMS) is an on board computer system in railway vehicles performing the control, supervisory and diagnostic functions of the complete train system. This system replaces a lot of hard-wired relays and minimizes the necessary vehicle wiring thus increasing the reliability of the train. It is also one of more important equipment on vehicle to implement much higher safety and reliability train system. We studied a software design technique of TCMS using a CASE tool that is a kind of safety critical software engineering tool (SCADE). This tool has mainly four functions such as the graphical editor, the document maker, tile automatically code generator, and the test simulator. The several functions of TCMS are implemented in this software easily programmed using a functional block diagram and a graphic programming language. We applied to automatically generated TCMS modules on the SCADE each functional block for the Standard type EMU in Korea. We performed the combination test using TCMS simulator and the running test in Seoul subway 7 Line. We proved that this technique is more useful for the software design of TCMS in urban transit

• Journal of Ocean Engineering and Technology
• /
• v.24 no.6
• /
• pp.103-108
• /
• 2010

WIG crafts are high speed vessels with the features of a dynamic supported craft. These crafts, which are predominantly lightweight and operate at substantially greater speeds than conventional craft, could not be accommodated under traditional maritime safety instruments. WIG crafts inherently possess more hazard factors than conventional ships because of their relatively high speed, lightweight, and navigational characteristics, and an accident is likely to cause damage to the ship and a high loss of life. Because WIG crafts are composed of many systems and subsystems, the safety assessment of a WIG must use a commercial software system in the design stage. This paper reviews a safety assessment process and methodology proposed by the IMO interim guideline, which were developed in view of the configuration of WIG crafts. This safety assessment system was developed to fit the WIG's safety assessment process using a reliability analysis system widely used in commercial systems. The FHA was performed on the functional hazards of systems in the conceptual design stage.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.11 no.4
• /
• pp.59-67
• /
• 2008

In the next near future, the human would like to use the small unmanned ground vehicle(SUGV) on the diverse fields. Specially the world of today is tried to apply with operating the task on very difficult working environments such as some dangerous or unreachable area. To work this task, this vehicle should be guaranteed with the high level of reliability, safety, and performance. In this paper, we propose to focus on not only the functional requirements, but also the non-functional requirements based on software architecture at the design stage for developing the embedded system. Through focusing on the non-functional requirements on this software architecture, we can obtain the design goal of the target system and also show the enhancement of reliability, safety and performance with 'Vtune' performance analysis tool.

• Nuclear Engineering and Technology
• /
• v.27 no.1
• /
• pp.84-95
• /
• 1995

Application of computer software to safety-critical systems is on the increase. To be successful, the software must be designed and constructed to meet the functional and performance requirements of the system. For safety reason, the software must be demonstrated not only to meet these requirements, but also to operate safely as a component within the system. For longer-term cost consideration, the software must be designed and structured to ease future maintenance and modifications. This paper present a software engineering process for the production of safety-critical software for a nuclear power plant The presentation is expository in nature of a viable high quality safety-critical software development. It is based on the ideas of a rational design process and on the experience of the adaptation of such process in the production of the safety-critical software for the Shutdown System Number Two of Wolsong 2, 3 & 4 nuclear power generation plants. This process is significantly different from a conventional process in terms of rigorous software development phases and software design techniques. The process covers documentation, design, verification and testing using mathematically precise notations and highly reviewable tabular format to specify software requirements and software design. These specifications allow rigorous, stepwise verification of software design against software requirements, and code against software design using static analysis. The software engineering process described in this paper applies the principle of information-hiding decomposition in software design using a modular design technique so that when a change is' required or an error is detected, the affected scope can be readily and confidently located. It also facilitates a sense of high degree of confidence in the ‘correctness’ of the software production, and provides a relatively simple and straightforward code implementation effort.

• Journal of Information Processing Systems
• /
• v.14 no.2
• /
• pp.309-321
• /
• 2018

In the conventional computing environment, users use only a small number of software systems intensively. So it had been enough to check and guarantee the functional correctness and safety of a small number of giant systems in order to protect the user systems and their information inside the systems from outside attacks. However, checking the correctness and safety of giant systems is not enough anymore, since users are using various software systems or web services provided by unskilled developers. To prove or guarantee the safety of software system, a lot of research has been conducted in diverse areas of computer science. We will discuss the on-going approaches for guaranteeing or verifying the safety of software systems in this paper. We also discuss the future research challenge which must be solved with better solutions in the near future.