Safety Telco: Agenda and Results

Jan Welte edited this page Aug 6, 2013 · 7 revisions

This page provides an overview for the safety activities mainly covered during the safety telco of the openETCS WP 4 Validation and Verification workpackage.

Weekly Safety Telco 06.08.2013

Follow up of last week

  • There was no safety telco on 23.07.2013 and 30.07.2013

  • The Verification and Validation plan has been released for review; please check how further safety aspects can be added

  • WP 4 plans to start VnV Level 1 tomorrow (07.08.2013)

  • VnV Level 1 shall be performed with a daily scrum meeting to organise the work

Agenda this week’s Tuesday Safety Telco

1. What are the next steps for safety (Jan)

   * How to go on from the hazardous events
   * Which tools shall be used in the VnV Level 1

Jan will add backlog tasks to the VnV Level 1 backlog. Possible tools shall be chosen by every contributor taking a task, corresponding to the suggestions of the secondary tool evaluation.

2. Task for the backlog in VnV Level 1 (Jan)

   * How to split the working stream
   * Who would be able to do a task

Proposal by Jan, shall be discussed in the VnV Level 1 kick-off

3. Other issues

For the time of the VnV Level 1 Scrum process the Safety telco will be suspended as the issues shall become part of the VnV Level 1 activities.


Weekly Safety Telco 16.07.2013

Follow up of last week

  • Decision on exemplary hazardous events (Subset 91 Annex A) which shall be used for the safety activities in VnV Level 1:

    a. KERNEL-6 Manage communication session failure

       Related to model of Subset 26 §3.5.3 Establishing a communication session

    b. KERNEL-9 Speed calculation underestimates train speed (or KERNEL-25 Incorrect traction/braking model (Acceleration only))

       Related to model of Subset 26 §3.13 Braking curves

    c. KERNEL-19 Failure of train trip supervision in OS, LS and FS

       Related to model of Subset 26 §5.9 Procedure On-Sight

  • Please propose tools for VnV Level 1 on the wiki page https://github.com/openETCS/model-evaluation/wiki/Secondary-tools-for-Safety-activities. TOPCASED is a strong candidate which has to be examined further: http://www.topcased.org/index.php?idd_projet_pere=20

Agenda this week’s Tuesday Safety Telco

1. Recap of V&V level 1 progress decisions (Jan)

   * What we plan to do with the hazardous events

VnV Level 1 will start with the hazardous events and use the available tools to refine these down to model and code level. Then it shall be examined with which methods and tools the respective properties can be validated.

   * What VnV tries to do with its exemplary functions

Example functions are taken to define the respective verification methods, which can then be applied to the benchmark models.

2. Internal Assessment plan (Cyril)

   * Status and general comments

Revision open until August 26th; comments are expected from the main reviewers and all other stakeholders.

   * Structure of further work and participation

After the first revision, refinement of the document continues with respect to the actual design and VnV activities.

3. Justification and traceability process for safety documentation (Jan)

   * What are the legal documents we have to work with and how are their priorities?

     Baseliyos has already started a priority list for his SSRS (https://github.com/openETCS/SSRS/wiki/SSRS-Documents#data-dictionary)

     We need a general list for VnV and especially for safety!

Merlin will work with Baseliyos to finish the SSRS list.

   * Where is the justification documented?

     - Level at which the safety case starts completeness checks for justification
     - Do the high level documents have to reference the WP2 deliverables or specific points within the WP2 deliverables themselves?
     - Criteria for assessment of justification completeness and traceability

Based on the SSRS and the respective project document control, which will be developed by the safety plan in the next month, the respective references for all documents will be defined and prioritised. Clear criteria for the assessment have to be defined during this process.

4. Other issues

No further issues.

There is no safety telco planned for next week.

Weekly Safety Telco 09.07.2013

Follow up of last week

  • No Telco due to the ITEA2 review meeting in Paris.

  • Results of the WP 7 workshop concerning safety: the priority of the 1st VnV level has been identified:

    • WP4 will do a complete run through the full VnV process. This also includes the breakdown, verification and validation of at least a few safety properties based on potential hazards (e.g. Subset 91 Annex A – Hazardous Event MMI-2d - Failure to present Entry in FS/OS information)

    • The overall VnV process shall be reached in three steps:
      1a Goal: full artifact traceability, meta-formats
      1b Goal: test and proof coverage
      1c Goal: complete VnV Level 1 process

The Safety artifacts have to be developed to cover these three steps.

Agenda this week’s Tuesday Safety Telco

1. Recap of the WP 7 primary tool chain workshop

Conclusion presented by Jan Welte: Safety activities will work according to the first VnV level plan and use the SysML Papyrus and the SCADE models to apply and further develop the openETCS safety process.

Models:

  • SysML model Papyrus by CEA and All4tec

  • Fraunhofer

  • [Scade model by Siemens](https://github.com/openETCS/model-evaluation/tree/master/model/SCADE_Siemens/Subset_026_Chapt_3.5_ManagementOfRadioCommunication/Generated_C_Code)

2. Priorities concerning the safety artifacts and the needed tools (secondary tool chain decision)

  • Process and artifacts:

Based on the VnV decision presented at the WP7 workshop last week in Paris, the safety activities shall be applied to the SysML and the SCADE models.

Proposed process:

1. Choosing hazardous events from Subset 91 Annex A fitting the benchmark models available

   Possible events agreed on during the telco:

   a. KERNEL-6 Manage communication session failure
      Related to model of Subset 26 §3.5.3 Establishing a communication session

   b. KERNEL-9 Speed calculation underestimates train speed (or KERNEL-25 Incorrect traction/braking model (Acceleration only))
      Related to model of Subset 26 §3.13 Braking curves

   c. KERNEL-19 Failure of train trip supervision in OS, LS and FS
      Related to model of Subset 26 §5.9 Procedure On-Sight

2. Defining system requirements based on the hazardous event

3. Refine the requirement to a safety property at the software model level of abstraction

4. Refine the requirement to a safety property at the source code level of abstraction

5. Select method and tool to test, check or prove the safety properties on every development artefact (high level model, low level model, source code)

6. Demonstrate traceability from the hazard up to the validation of the property

Steps 1 – 4 have to be done by safety experts (assisted by a modeller).

Steps 5 and 6 have to be done in collaboration between VnV and safety experts.

  • Tools:

MariellePetitDoche:

Wiki page for discussion and presentation of the secondary tool chain for safety activities: https://github.com/openETCS/model-evaluation/wiki/Secondary-tools-for-Safety-activities

Everyone shall propose tools which can be used to complete the process.

TOPCASED is a strong candidate which has to be examined further: http://www.topcased.org/index.php?idd_projet_pere=20

3. Review and Discussion of the Internal Assessment Plan

Moved to the Friday telco due to the absence of the author, Cyril Cornu.

4. Other issues

It has to be evaluated which parts of the environment models (train, track) are needed to check safety properties.