• Journal of Aerospace System Engineering
• /
• v.7 no.2
• /
• pp.29-34
• /
• 2013

Safety requirements for aircraft and system functions include minimum performance constraints for both availability and integrity of the function. These safety requirements should be determined by conducting a safety assessment. The depths and contents of aircraft system safety assessment vary depending on factors such as the complexity of the system, how critical the system is to flight safety, what volume of experience is available on the type of system and the novelty and complexity of the technologies being used. Requirements that are defined to prevent failure conditions or to provide safety related functions should be uniquely identified and traceable through the levels of development. This will ensure visibility of the safety requirements at the software and electronic hardware design level. This paper has prepared to study on promoting the efficiency of establishing hierarchical safety requirements from aircraft level function to item level through system safety processes.

• Journal of the Korean Society for Railway
• /
• v.1 no.1 s.1
• /
• pp.10-19
• /
• 1998

Described in this paper is the software to design of a railway interlocking table, which describes the functional specifications of an interlocking device. Interlocking tables has been designed mainly based on personal expertise among signal engineers. However, this expertise needs to be analyzed with technical uniformity and integrated in an organized system. The proposed software is amount to the signal engineer's expertise, yet a generalization of interlocking reasoning. The algorithm is based on the train route setting principle, and is applicable in solving practical problems by computers. The software was evaluated through man-made and machine-made interlocking tables are compared. The evaluation results proves the software to be effective for computer control of the signaling system as interlocking system with a much improved safety.

• Journal of KIISE:Software and Applications
• /
• v.29 no.12
• /
• pp.860-872
• /
• 2002

Fault tree analysis is the most widely used saftly analysis technique in industry. However, the analysis is often applied manually, and there is no systematic and automated approach available to validate the analysis result. In this paper, we demonstrate that a real-time model checker UPPAAL is useful in formally specifying the required behavior of safety-critical software and to validate the accuracy of manually constructed fault trees. Functional requirements for emergency shutdown software for a nuclear power plant, named Wolsung SDS2, are used as an example. Fault trees were initially developed by a group of graduate students who possess detailed knowledge of Wolsung SDS2 and are familiar with safety analysis techniques including fault tree analysis. Functional requirements were manually translated in timed automata format accepted by UPPAAL, and the model checking was applied using property specifications to evaluate the correctness of the fault trees. Our application demonstrated that UPPAAL was able to detect subtle flaws or ambiguities present in fault trees. Therefore, we conclude that the proposed approach is useful in augmenting fault tree analysis.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.1
• /
• pp.46-61
• /
• 2002

Among the many phases involved in software development, requirements analysis phase in generally considered to play a crucial role in determining the overall software quality. Therefore, many software development companies manages the phase as one of the important phase. Especially, safety assurance through requirements analysis for safety-critical systems is quite demanding, and national and international bodies routinely require safety demonstration. Among various approaches, inspection and formal methods are generally shown to be effective. In this paper, we propose a formal verification procedure for SCR(Software Cost Reduction)-style SRS(Software Requirements Specification) using the PVS specification and verification procedure and applied this procedure to an industrial system such that a shutdown system for Wolsung nuclear power plant. This system had been verified through inspection not formal verification. The application of formal methods is rare in Korea, so it is very important to experiment about formal verification to industrial systems.

• Proceedings of the KSR Conference
• /
• 2008.06a
• /
• pp.603-609
• /
• 2008

Nowadays, double-system of TFM(Track-side Functional Modules) developed instead of single-system in use of high speed line to acquisition more availability. Safety Law for Railroad recommend to quality certification of development and general railway machines. It is important to select metrics which form the bases for testing software products. A number of package software development part do not open source cords, so testing external characteristic vectors having relationship with metrics. In this paper, review the process for the TFM Point Modules, Universal Modules and Switchers, think about the test methode of circuit boards output performance by using TFM tester and Simulators.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.10 no.5
• /
• pp.297-305
• /
• 2015

AFLS (Adaptive front lighting System) is being applied to improve safety in driving automotive at night. Safe embedded system for controlling head-lamp has to be tightly designed by considering safety requirement of hardware-dependent software, which is embedded in automotive ECU(Electronic Control Unit) hardware under severe environmental noise. In this paper, we propose an adaptive headlight controller with newly-designed symmetric angle sensor compensator, which is integrated with ECU-based adaptive front light system. The proposed system, on which additional backup hardware and emergency control algorithm are integrated, effectively detects abnormal situation and restore safe status of controlling the light-angle in AFLS operations by comparing result in symmetric angle sensor. The controlled angle value is traced into internal memory in runtime and will be continuously compared with the pre-defined lookup table (LUT) with symmetric angle value, which is used in normal operation. The watch-dog concept, which is based on using angle sensor and control-value tracer, enables quick response to restore safe light-controlling state by performing the backup sequence in emergency situation.

• Journal of the Korea Safety Management & Science
• /
• v.6 no.3
• /
• pp.211-235
• /
• 2004

Component based design is perceived as a key technology for developing advanced real-time systems in a both cost- and time effective manner. Already today, component based design is seen to increase software productivity, by reducing the amount of effort needed to update and maintain systems, by packaging solutions for re-use, and easing distribution. Nowdays, a thousand and one companies in If(Information Technology) industry such as Sl(System Integration) and software development companies, regardless of scale of their projects, has spent their time and endeavor on developing reusable business logic. The component software is the outcome of software developers effort on overcoming this problem; the component software is the way propositioned for quick and easy implementation of software. In addition, there has been lots of investment on researching and developing the software development methodology and leading If companies has released new standard technologies to help with component development. For instance, COM(Component Object Model) and DCOM(Distribute COM) technology of Microsoft and EJB(Enterprise Java Beans) technology of Sun Microsystems has turned up. Component-Based Development (CBD) has not redeemed its promises of reuse and flexibility. Reuse is inhibited due to problems such as component retrieval, architectural mismatch, and application specificness. Component-based systems are flexible in the sense that components can be replaced and fine-tuned, but only under the assumption that the software architecture remains stable during the system's lifetime. In this paper, It suggest that systems composed of components should be generated from functional and nonfunctional requirements rather than being composed out of existing or newly developed components. about implements and accomplishes the modeling for the Product Control component development by applying CCD(Contract-Collaboration Diagram), one of component development methodology, to MRP(Material Requirement Planning) System

• Journal of Advanced Navigation Technology
• /
• v.20 no.4
• /
• pp.285-291
• /
• 2016

Safety assessment is an essential activity for developing a system in the CNS/ATM domain. Up to now, there are many reference materials, but there is nothing that definitely specifies what to do and how to apply in the CNS/ATM. Another problem is that software assurance level has to be determined for a software under development. But there is nothing that defines a determination scheme of software assurance level. To solve these problems, this paper proposes a method to conduct a hazard assessment based on target level of safety defined in ICAO Doc 9689. To be applied generally in CNS/ATM domain, it mathematically defines procedures of hazard assessment. And it defines severity classification, probability, and safety objective of a system, which are necessary for hazard assessment, and it describes a method to apply event tree analysis process in order to conduct a hazard assessment.

• Journal of KIISE
• /
• v.44 no.9
• /
• pp.893-907
• /
• 2017

In safety-critical systems, software defects may have serious consequences. Therefore, defects should be considered during the requirements specification process, which is the first step of a software development lifecycle. Stakeholder requirements that are usually written in natural language are difficult to derived, and there may also be defects due to ambiguity and inaccuracy. To address these issues, we propose a requirement specification method using a standardized Boilerplate and a GSN Model. The Boilerplate is a semi-standard language that follows a predefined format. Due to its ability to provide a consistent representation of the requirements, boilerplate helps stakeholders avoid ambiguities about what they mean and to define the exact meaning of the requirement. Meanwhile, GSN is recognized notation to prepare a Safety Case to prove to authorities that a system is safe. It can be expressed as a functional goal, e.g., Safety Evidence, etc. The proposed study allows an analyst to easily identify a fault from the early stage of the software development lifecycle. The Boilerplate and GSN Model are designed to specify the requirements of safety critical systems and to prove safety conformity through a connection with Safety Evidence. In addition, the proposed approach is also useful to develop secure software by correcting deficiencies in the requirements found during this process.

• Proceedings of the KSR Conference
• /
• 2011.05a
• /
• pp.1195-1201
• /
• 2011

Since the release of safety standard IEC 61508 which defines functional safety of electronic safety-related systems, SIL(Safety Integrity Level) certification for railway systems has gained lots of attention lately. In this paper, we propose a new design technique of the computer board for train control systems with high reliability and safety. The board is designed with TMR(Triple Modular Redundancy) using a certified SIL3 Texas Instrument(TI)'s TMS570 MCU(Micro-Controller Unit) to guarantee safety and reliability. TMR for the control device is implemented on FPGA(Field Programmable Gate Array) which integrates a comparator, a CAN(Controller Area Network) communication module, built-in self-error checking, error discriminant function to improve the reliability of the board. Even if a malfunction of a processing module occurs, the safety control function based on the proposed technique lets the system operate properly by detecting and masking the malfunction. An RTOS (Real Time Operation System) called FreeRTOS is ported on the board so that reliable and stable operation and convenient software development can be provided.