AUTHORS: Ismael Etxeberria-Agiriano, Xabier Larrucea, Pablo Gonzalez-Nalda, Mari Carmen Otero, Isidro Calvo
ABSTRACT: The Robot Operating System (ROS) is beginning to be used in the automotive industry as a component to be adapted and deployed in cars. However, its use varies according to a set of parameters, and its reliability depends on the values of these parameters and on the usage models. This paper proposes an evidence-based certification approach for a ROS-based architecture, aligned with ISO 26262 and its Safety Element out of Context (SEooC) component definition. This ROS-based architecture is being tested in order to identify the characteristics and thresholds to be used throughout the development life cycle, during safety case definition, and especially during the certification phase. Finally, we outline an ISO 26262-based certification process for this kind of component.
KEYWORDS: ROS, reliability, ISO26262, SEooC, Certification, Safety Case