Change Management in Families of Safety-Critical Embedded Systems

Change Management in Families of Safety-Critical Embedded Systems

Zo¨e Rachael Stephenson

This thesis is submitted in partial ful?lment of the

requirements for the degree of

Doctor of Philosophy.

University of York

York

YO105DD

UK

Department of Computer Science

March2002

Abstract

This thesis addresses the problem of understanding change and reducing the work needed to estimate and respond to change in families of safety-critical embedded systems.Explicit fam-ily feature modelling techniques are developed that record the context within which a feature is valid for each family member.These features are combined with a description of their allowed variation among different members,to provide a complete family feature model.These tech-niques are used to create a family feature model for a number of industrial 27d40dd4195f312b3169a5cepar-isons are made between the ability of the family model and the project processes to accurately estimate change impact.Results show that the family model provides more accurate change impact estimation than the existing project processes.It also provides an understanding of the role of domain knowledge in impact estimation,a method by which different types of speci-?cation may be traced to one another throughout the development process,and a process by which individual feature descriptions are transformed into single family descriptions.

2

Contents

Abstract2

Acknowledgement12 Declaration13

1Introduction15

1.1Embedded Systems (15)

1.2Operating Constraints (19)

1.3Safety-related Software (20)

1.4Families (21)

1.5Change Characteristics (22)

1.6Hypothesis (23)

2Literature Review25

2.1Design Process (25)

2.1.1Development Lifecycle Models (25)

2.1.2Automation (32)

2.1.3Traceability (34)

2.1.4Rationale Description (35)

2.2Families and Domains (47)

2.3Change Impact (52)

2.3.1Software Change Impact (54)

2.3.2Non-software Change (56)

2.4Summary (58)

3Feature Representation59

3

CONTENTS CONTENTS

CONTENTS CONTENTS

CONTENTS CONTENTS

List of Figures

1.1Generic Design Process Context (16)

1.2Embedded System Customers (17)

1.3Software and Hardware Control (17)

1.4Preliminary Concept Summary (24)

2.1Program Production[8] (26)

2.2Waterfall Model[82] (28)

2.3V Model[87,p36] (30)

2.4Spiral Model[10,p25] (31)

2.5Organisational Context of Draco[69,p565] (33)

2.6Intent Structure[93] (36)

2.7Example Design Development:Intent Structure (37)

2.8IBIS (37)

2.9Example Design Development:IBIS (38)

2.10The REMAP Scheme[79] (39)

2.11Example Design Development:REMAP (40)

2.12The OSC Shell Scheme[2] (41)

2.13Example Design Development:OSC Shell (42)

2.14The Redux Scheme[76] (43)

2.15Example Design Development:Redux (43)

2.16The DRCS Scheme[50] (44)

2.17Example Design Development:DRCS (45)

2.18Intent Speci?cation Structure[54,p4] (47)

2.19Extended Automatic Programming Paradigm[5,p1263] (48)

2.20Example Extended FODA Feature Model[20] (50)

7

LIST OF FIGURES LIST OF FIGURES

LIST OF FIGURES LIST OF FIGURES

LIST OF FIGURES LIST OF FIGURES

List of Tables

3.1Decision Representations (75)

3.2Development Progress Representations (76)

4.1Common Types of Choice Description (107)

4.2Choice Operator Abbreviations (109)

7.1Industrial Project Accuracy Data (179)

7.2Feature Model Accuracy Data (179)

7.3Comparison of Actual Impact Set Sizes (180)

11

Acknowledgement

The author would like to acknowledge the support of the Engineering and Physical Sciences Research Council“Systems Engineering for Business Process Change”managed research pro-gramme.Work presented in this thesis was carried out under grant GR/L4872within that programme.

The author would also like to thank Rolls-Royce plc.for additional support and access to in-dustrial project data and domain experts.

12

Declaration

This thesis makes use of a case study model.Parts of the speci?cation of this model were validated in collaboration with Simon Burton,and all of the detailed implementation work was carried out by Darren Buttle.All other work presented in the thesis was carried out by the author.

Earlier results from this strand of work have been presented in a number of workshops,covering issues concerning the safe context of reuse[88],the relationship between change and product families[84],the relationship between decisions and features[85]and the integration of the context analysis techniques into a complete process[1].Contributions have also been made to a book[17]and a journal paper[15].

13

Declaration

Chapter1

Introduction

Embedded systems are commonplace nowadays,found in systems such as mobile telephones, televisual equipment,washing machines,dryers,cars and aircraft engines.The development of such systems is a complex engineering process,involving many different disciplines,but it is usually characterised as a design process—it takes requirements from customers,designs a product for delivery,assembles it from components and custom parts,and supplies it to the customer.This customer/supplier context is shown in Figure1.1.The customers are usually everyday consumers,but in some situations,such as the development of car or aircraft engine systems,the customer is an organisation that is also developing a system.

In modern embedded systems,there is always a software element.Furthermore,that software is typically used to control a larger system of which it is only one part.The presence of software in the embedded system means that there is a software engineering process within that complex engineering process.Embedded systems research has traditionally not been a popular aspect of software engineering,but recent trends have been addressing this area,particularly product-line software engineering[26].A product line is a group of systems that share enough similarities for it to be bene?cial to build a production environment speci?cally for that group of systems —and embedded systems typically have this type of similarity.

This thesis addresses issues surrounding the development of embedded software for families of safety-critical systems.Not only do the issues of embedded software development and safety provide challenges for the process,but that process must re?ect the needs of family development as well.This introduces a number of factors,discussed in the following sections.

1.1Embedded Systems

An embedded system is a system that exists within the context of a larger engineered product or environment,called the embedding system.The embedded system typically controls the operation of its surrounding system,although in some situations,such as the mobile telephone, the embedding system is primarily there to make the device portable.When the embedded

15

1.1.EMBEDDED SYSTEMS Introduction

1FPGAs are a type of integrated circuit that can be reprogrammed after manufacture.

16

Introduction 1.1.EMBEDDED SYSTEMS

1.1.EMBEDDED SYSTEMS Introduction

Introduction 1.2.OPERATING CONSTRAINTS

1.3.SAFETY-RELATED SOFTWARE Introduction

Introduction 1.4.FAMILIES

本文来源：https://www.bwwdw.com/article/jrpq.html