diff --git a/mybib.bib b/mybib.bib
index 73ab943..c34dd53 100644
--- a/mybib.bib
+++ b/mybib.bib
@@ -25,7 +25,7 @@ volume={6351},
 series={Lecture Notes in Computer Science},
 editor={Schoitsch, Erwin},
 doi={10.1007/978-3-642-15651-9_18},
-title={Overcoming Non-determinism in Testing Smart Devices: A Case Study},
+title={Testing Smart Devices: A Case Study},
 url={http://dx.doi.org/10.1007/978-3-642-15651-9_18},
 publisher={Springer Berlin Heidelberg},
 keywords={testing; non-determinism; smart instruments; safety},
@@ -393,6 +393,7 @@ URL = {http://search.ebscohost.com.ezproxy.brighton.ac.uk/login.aspx?direct=true
 Year = {2005}
 }
+
 @INPROCEEDINGS{931423,
 author={Throop, D.R. and Malin, J.T. and Fleming, L.D.},
 booktitle={Aerospace Conference, 2001, IEEE Proceedings.},
@@ -487,17 +488,14 @@ ISSN={2166-563X},}
 YEAR = "1980"
 }
-@ARTICLE{5492693,
-author={Bishop, P. and Bloomfield, R. and Littlewood, Bev and Povyakalo, A. and Wright, D.},
-journal={Software Engineering, IEEE Transactions on},
-title={Toward a Formalism for Conservative Claims about the Dependability of Software-Based Systems},
-year={2011},
-volume={37},
-number={5},
-pages={708-717},
-keywords={probability;software fault tolerance;uncertainty handling;conservative claims;formal support;probability of failure on demand;software-based system dependability;software-based system reliability;software-based system safety;Battery powered vehicles;Phase frequency detector;Power engineering and energy;Power engineering computing;Programming;Reliability engineering;Software reliability;Software safety;Software systems;Uncertainty;Bayesian probability;safety case;software reliability.},
-doi={10.1109/TSE.2010.67},
-ISSN={0098-5589},}
+@article{silsandsoftware,
+author={Bishop, P.},
+journal={Safety-Critical Systems Club Newsletter, 14(2)},
+title={SILs and software},
+year={2005},
+volume={14},
+number={2},
+}
 % $Id: mybib.bib,v 1.3 2009/11/28 20:05:52 robin Exp $
 @article{Clark200519,
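Review bot: The new `+title={Testing Smart Devices: A Case Study}` drops the leading clause of the title while the entry's `keywords` line in the same hunk still lists `non-determinism` and the `doi` is unchanged, which suggests the record no longer matches the work the DOI resolves to; unless the DOI record really carries the shorter title, keep `title={Overcoming Non-determinism in Testing Smart Devices: A Case Study}`. A `.bib` file is a database, so a shortened display form belongs in the style, not in the entry. The `url` line just below the change merely repeats the `doi` over plain http and can be dropped, since a DOI-aware style renders the resolver link itself.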
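Review bot: In the added `silsandsoftware` entry, `+journal={Safety-Critical Systems Club Newsletter, 14(2)}` embeds the volume and issue that the entry already records in `volume={14}` and `number={2}`, so a style will print "14(2)" twice; use `journal={Safety-Critical Systems Club Newsletter}`. The acronym in `+title={SILs and software}` will be lowercased to "sils" by sentence-casing styles, so brace it: `title={{SILs} and Software}`. The entry also carries no `pages`, which the neighbouring `@article` entries supply and most styles warn about; the newsletter PDF added elsewhere in this commit presumably gives them.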
@@ -985,8 +983,27 @@ ISSN={1530-2059},}
 TITLE = " The Joy of Sets: 2nd edition: ISBN 978-0-387-94094-6",
 PUBLISHER = " Springer",
 YEAR = "1993"
-}
+}
+@ARTICLE{5492693,
+author={Bishop, P. and Bloomfield, R. and Littlewood, Bev and Povyakalo, A. and Wright, D.},
+journal={Software Engineering, IEEE Transactions on},
+title={Toward a Formalism for Conservative Claims about the Dependability of Software-Based Systems},
+year={2011},
+volume={37},
+number={5},
+pages={708-717},
+keywords={probability;software fault tolerance;uncertainty handling;conservative claims;formal support;probability of failure on demand;software-based system dependability;software-based system reliability;software-based system safety;Battery powered vehicles;Phase frequency detector;Power engineering and energy;Power engineering computing;Programming;Reliability engineering;Software reliability;Software safety;Software systems;Uncertainty;Bayesian probability;safety case;software reliability.},
+doi={10.1109/TSE.2010.67},
+ISSN={0098-5589},}
+
+
+@MISC{concurrency_c_tool,
+ author = "D. Sheridan",
+ title = "Simple Concurrency Analysis Plugin for Frama-C",
+ howpublished = "Available from https://bitbucket.org/adelard/simple-concurrency",
+ year = "2013"
+}
 @MISC{microchip,
 author = "Microchip",
diff --git a/related_papers_books/SCSC_Newsletter_Software_SILs.pdf b/related_papers_books/SCSC_Newsletter_Software_SILs.pdf
new file mode 100644
index 0000000..3f405e7
Binary files /dev/null and b/related_papers_books/SCSC_Newsletter_Software_SILs.pdf differ
diff --git a/submission_thesis/CH2_FMEA/copy.tex b/submission_thesis/CH2_FMEA/copy.tex
index d018ed5..b5f223d 100644
--- a/submission_thesis/CH2_FMEA/copy.tex
+++ b/submission_thesis/CH2_FMEA/copy.tex
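Review bot: In the added `concurrency_c_tool` entry, `+ author = "D. Sheridan",` uses the `First Last` form while the entries around it use the unambiguous `Last, First` form (`Bishop, P.` in the entry moved in just above); write `author = "Sheridan, D."`. The product name in `+ title = "Simple Concurrency Analysis Plugin for Frama-C",` needs brace protection against sentence-casing styles: `title = "Simple Concurrency Analysis Plugin for {Frama-C}"`. The repository link in `howpublished` pins neither a release nor a revision, so the tool the thesis evaluated can change silently underneath the reference; record what was actually used, e.g. `note = "Revision <COMMIT-ID-PLACEHOLDER>, accessed <DATE-PLACEHOLDER>"`. The moved `5492693` entry keeps `pages={708-717}`, which should be `pages={708--717}`, though that predates this commit.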
@@ -1271,9 +1271,13 @@ That is that the SIF can recognise that it has a fault condition and can take ap % The MTTF value for each component {\fm} is denoted using the symbol `$\lambda$'. % +\paragraph{SIL and Software.} EN61508 regulation in relation to software provides procedural quality guidelines and constraints (such as forbidding certain programming languages and/or features): it does not provide a means to trace failure mode effects in software -or across the software/hardware interface. +or across the software/hardware interface. +% +While procedural guidelines and constraints can improve software reliability, ensuring that reliability targets, for software, +are actually met for given SIL levels is currently almost impossible~\cite{silsandsoftware}. %\subsection{ FMEDA - Failure Modes Effects and Diagnostic Analysis} diff --git a/submission_thesis/CH3_FMEA_criticism/copy.tex b/submission_thesis/CH3_FMEA_criticism/copy.tex index 638d05a..3552198 100644 --- a/submission_thesis/CH3_FMEA_criticism/copy.tex +++ b/submission_thesis/CH3_FMEA_criticism/copy.tex @@ -174,8 +174,9 @@ Modern control systems nearly always have a significant software/firmware elemen and not being able to model software with current FMEA methodologies is a cause for criticism~\cite{safeware}[Ch.12]. % -Some techniques apply conservative estimates of a given software implementation -and use those to estimate reliability statistics~\cite{5492693}. +Some techniques apply blanket estimates for a given software implementation, based +on the verification techniques applied in its testing, +to aid calculation of system level reliability statistics~\cite{5492693}. %Even the traditionally conservative nuclear industry is now %facing up to the ubiquity of software in control systems~\cite{parnas1991assessment}. Similar difficulties in integrating mechanical and electronic/software 
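Review bot: The added sentence `+... ensuring that reliability targets, for software,` / `+are actually met for given SIL levels ...` wraps its subject in a stray comma pair, and "SIL levels" expands to "safety integrity level levels"; suggest `While procedural guidelines and constraints can improve software reliability, ensuring that reliability targets for software are actually met for a given SIL is currently almost impossible~\cite{silsandsoftware}.` Since the citation is a newsletter article rather than a primary study (see the `silsandsoftware` entry this commit adds to mybib.bib), a claim as strong as "almost impossible" reads better attributed to its author than asserted in the thesis's own voice.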
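Review bot: The rewritten sentence in the CH3 hunk (`+Some techniques apply blanket estimates ...` through `+to aid calculation of system level reliability statistics~\cite{5492693}.`) drops the word "conservative", which is the defining property of the cited work — its title, visible in the mybib.bib hunk of this commit, is "Toward a Formalism for Conservative Claims about the Dependability of Software-Based Systems"; consider `Some techniques apply conservative blanket estimates for a given software implementation, based`. The middle line repeats the verb (`apply ... applied`), so `on the verification techniques used in its testing,` reads more cleanly. The compound modifier in the last line wants a hyphen: `to aid calculation of system-level reliability statistics~\cite{5492693}.`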
@@ -198,13 +199,16 @@ and FMEA (bottom-up inductive) to be performed on the same system to provide insight into the software hardware/interface~\cite{embedsfmea}. % -Although this -should give a better picture of the failure mode behaviour, it -is by no means a rigorous approach to tracing errors that may occur in hardware +Subtle problems in embedded software are often due to interrupt contention causing unintended +corruption of variables: automated tools to aid in the detection of these +are becoming available~\cite{concurrency_c_tool}. +% +Although these +should give a better picture of the failure mode behaviour, they are by no means a rigorous approach to tracing errors that may occur in hardware through to the top (and therefore ultimately controlling) layer of software. % With the increasing use of micro-controllers in place of analogue electronics -for most new designs of electronic product, the poor integration capabilities of FMEA +for most new designs of electronic product, the poor software integration capabilities of FMEA are now being seen as deficiencies. This is becoming apparent in a dilemma now faced