Conferences and supporting programme
High Integrity Software is Fundamental to Autonomous Embedded Systems
A fundamental principle of an autonomous embedded system is that it must be trusted to do the right thing, always. Early automobiles required a high degree of operator interaction to function: the operator had to be mindful of a wide array of complex interactions and skilled in choosing the correct settings and operations needed to run the automobile. Over time these systems, such as the transmission and the carburetor choke, became automatic, meaning the operator no longer needed to worry about that aspect of operating the car. These systems worked autonomously and could be relied on to do the right thing. In today's modern automobile we have moved beyond mechanical autonomous systems to Electronic Control Units (ECUs), leveraging the power of computers and software to provide sophisticated autonomous control systems for anti-lock braking, collision detection, and lane change warnings, just to name a few. Ultimately this pattern continues, and now we see the emergence of Advanced Driver Assistance Systems (ADAS) and Automated Driving Systems promising a future in which manually operating an automobile will be considered reckless behavior.

But as we advance this technology, we see an increasing dependence on software in autonomous systems. Understanding the behavior of this software is the key to assessing its integrity. By their nature, autonomous embedded systems carry with them a degree of risk for the potential to cause injury or loss of life. To meet the goal of a fully automated driving system, we must return to the lessons learned by the safety-critical industries for the development of high integrity software. The automobile industry itself has taken a lead in establishing standards for software integrity. ISO 26262 and MISRA are the two software standards applying to verification and validation of vehicle-based software. ISO 26262 is a functional safety standard for road vehicles.

Part 6 of this standard addresses the recommendations for software testing and verification as part of the standard for software development. Recommended activities include both unit level and system level testing, such as functional tests (requirement-based tests and partition tests) and structural coverage tests. Test tools that support capture and reporting of structural code coverage for all Automotive Safety Integrity Levels (ASIL) required by ISO 26262 are highly recommended. ASIL is the automotive-specific, risk-based approach for determining product risk classes. These standards must, however, be practical from a business perspective: the level of testing effort must be correlated to the associated level of risk. Inefficient testing practices must be replaced with an automated, repeatable software quality testing process that allows for rapid innovation (agility) while at the same time maintaining the integrity levels mandatory for an autonomous embedded system.
--- Date: 01.03.2018 Time: 9:30 AM - 10:00 AM Location: Conference Counter NCC Ost