Prof. Dr.-Ing. habil.

Trapp, Mario

Filters

9
Reset filters

Settings
Now showing 1 - 9 of 9
  • Publication
    Extensible and automated model-evaluations with INProVE
    ( 2011)
    Kemmann, Sören
    ;
    Kuhn, Thomas
    ;
    Trapp, Mario
    Model-based development is gaining more and more importance for the creation of software-intensive embedded systems. One important aspect of software models is model quality. This does not imply functional correctness, but non-functional properties, such as maintainability, scalability, extensibility. Lots of effort was put into development of metrics for control flow models.In the embedded systems domain however, domain specific- and data flow languages are commonly applied for model creation. For these languages, existing metrics are not applicable. Domain and project specific quality metrics therefore are informally defined; tracking conformance to these metrics is a manual and effort consuming task. To resolve this situation, we developed INProVE. INProVE is a model-based framework that supports definition of quality metrics in an intuitive, yet formal notion. It provides automated evaluation of design models through its indicators.Applied in different industry projects to complex models, INProVE has proven its applicability for quality assessment of dataflow oriented design models not only in research, but also in practice.
  • Publication
    ARID - Analysis of Risk through In-system Degradation
    ( 2011)
    Kemmann, Sören
    ;
    Adler, Rasmus
    ;
    Trapp, Mario
    The first and maybe most important step in the development of complex safey-critical systems is the risk analysis. The ever increasing complexity and the functional interaction of today's systems require a stricter interpretation of risks. It is not sufficient to only focus on single service failures and assess their criticality. One has to be sure that every possible system risk, consisting of possibly more than one service failure, is acceptably safe. Standards such as the ISO 26262 show their awareness for those challenges, by stating that "multifunctional degradation" should be considered as well. This burdens the risk analysis process with the challenge to consider not only the number of service failures, Nsf, but all possible combinations: 2Nsf. With traditional analysis techniques this is impossible to handle. In this paper we present ARID, a model-based approach for efficiently dealing with the 2Nsf possible effects. With this we solve not only the challenge of assessing multifunctional degradation scenarios, but we enable a way to ensure that every possible system failure effect has correct safety margins, i.e., a safe risk assessment.
  • Publication
    Integration of component fault trees into the UML
    ( 2011)
    Adler, Rasmus
    ;
    Domis, Dominik J.
    ;
    Höfig, Kai
    ;
    Kemmann, Sören
    ;
    Kuhn, Thomas
    ;
    Schwinn, Jean-Pascal
    ;
    Trapp, Mario
    Efficient safety analyses of complex software intensive embedded systems are still a challenging task. This article illustrates how model-driven development principles can be used in safety engineering to reduce cost and effort. To this end, the article shows how well accepted safety engineering approaches can be shifted to the level of model-driven development by integrating safety models into functional development models. Namely, we illustrate how UML profiles, model transformations, and techniques for multi language development can be used to seamlessly integrate component fault trees into the UML.
  • Publication
    SAHARA - Systematic Approach for Hazard Analysis and Risk Assessment
    ( 2011)
    Kemmann, Sören
    ;
    Trapp, Mario
    With the upcoming introduction of ISO DIS 26262 the awareness for safety in automotive systems has relumed. The standard describes a safety process starting with the Item Definition and with a Hazard Analysis and Risk Assessment (H+R). Hazards and their related risks affect all manufacturers in the same way. Hence, a common understanding and appraisal of Hazards should be established in a systematic way. Therefore, comparability, and consistency among H+Rs of different persons, different groups or even different companies should be established. Furthermore, the consistency of the Item Definition, the H+R, and following safety engineering activities has to be assured. The challenge is that H+Rs are solely based on creativity techniques, which produce an informal representation of information (usually an Excel sheet). This makes it hard to impossible to systematically analyse, compare, and reuse H+R results or to ensure the consistency in a holistic safety engineering process without a significant effort. Numerous methods, and techniques for formalisations und structuring of processes and artefacts in safety critical development exist, but most of those deal with challenges arising once a hazard is defined and one is interested in its origin, or its mitigation strategy. The research and practical approaches to support the prerequisite for all the other techniques, the hazard analysis and risk assessment, is still weak. Therefore, SAHARA's goal is to close this gap by providing a more formal and semantically enriched approach for defining hazards and assessing their risks. The condensed information necessary form ISO DIS 26262 point of view is (1) the situation analysis (2) hazard identification and analysis, and (3) a classification of the contributing factors exposure, severity, and controllability, which results in an ASIL assignment for each hazard. SAHARA yields the benefit of producing machine processable artefacts, and therefore enables comparability, consistency, reusability for increasing the confidence, quality, and efficiency of H+Rs.
  • Publication
    Extensible and automated model-evaluations with INProVE
    ( 2011)
    Kemmann, Sören
    ;
    Kuhn, Thomas
    ;
    Trapp, Mario
    Model-based development is gaining more and more importance for the creation of software-intensive embedded systems. One important aspect of software models is model quality. This does not imply functional correctness, but non-functional properties, such as maintainability, scalability, extensibility. Lots of effort was put into development of metrics for control flow models. In the embedded systems domain however, domain specific- and data flow languages are commonly applied for model creation. For these languages, existing metrics are not applicable. Domain and project specific quality metrics therefore are informally defined; tracking conformance to these metrics is a manual and effort consuming task. To resolve this situation, we developed INProVE. INProVE is a model-based framework that supports definition of quality metrics in an intuitive, yet formal notion. It provides automated evaluation of design models through its indicators. Applied in different industry projects to complex models, INProVE has proven its applicability for quality assessment of data flow-oriented design models not only in research, but also in practice.
  • Publication
    Multi-language development of embedded systems
    ( 2009)
    Kuhn, Thomas
    ;
    Kemmann, Sören
    ;
    Trapp, Mario
    ;
    Schäfer, Christian
    Graphical, well focused and intuitive domain specific languages (DSLs) are more and more used to design parts of embedded systems. These languages are highly specialized and often tailored to one domain; one single language therefore cannot describe all relevant aspects of systems and system components. This raises the need for heterogeneous modeling approaches that are capable of combining multiple DSLs into holistic system models. Our CompoSE modeling approach focuses on this problem; it does not only cover system modeling with DSLs, but provides also interfacing of language specific generators and harmonization of generated code. In this paper, we describe the principles of CompoSE, together with the integration of an existing modeling language with industrial strength tool support into CompoSE. Supporting the integration of existing languages is of particular importance in the domain of embedded systems, because modern modeling approaches will only be accepted in industry if they support existing and proven technologies.
  • Publication
    Safety concept trees
    ( 2009)
    Domis, Dominik J.
    ;
    Förster, Marc
    ;
    Kemmann, Sören
    ;
    Trapp, Mario
    The development of safety-critical systems requires the 'safe' development of a 'safe' system. Not only should the realized system fulfill specific safety goals, but for certification purposes the development process itself has to comply with safety standards. Both of these tasks are complex and cause a lot of effort and costs that cannot be sufficiently reduced by existing safety engineering methods. To facilitate these tasks, we developed the SICMA method. SICMA guides the engineer in following safety standards in the development of a system, in developing a system design that fulfills its safety goals and in documenting that the developed system is sufficiently safe. SICMA introduces Safety Concept Trees (SCTs) as a backbone to achieve vertical and horizontal traceability between all safety information, as needed for certification purposes. SCTs represent and fully preserve the component-oriented perspective assumed by state-of-the-art development methods, facilitating the handling and maintenance of complex systems. Using SCTs, a system design and its artifacts can be rigorously analyzed on every refinement level and it can be shown that they adhere to safety and certification criteria. This will lead to significantly reduced effort and costs in the standard-compliant development of safety-critical systems.
  • Publication
    Safety-Analyse für Embedded-Software
    ( 2009)
    Kemmann, Sören
    ;
    Trapp, Mario
    ;
    Kalmar, Ralf
    Der Safety-Standard ISO 26262 hat mittlerweile den Status "committee draft" erreicht und wird die Softwareentwicklung sicherheitsrelevanter Funktionen für Fahrzeugsteuergeräte nachhaltig beeinflussen. Forscher des Fraunhofer IESE beschäftigen sich gemeinsam mit Unternehmen mit der Fragestellung, Software-Safety im Zuge der Entwicklung effizient zu bewerten, so dass resultierende Systeme sicher sind und ein Mehraufwand bei der Analyse vermieden werden kann.
  • Publication
    Efficient safety analysis of automotive software systems
    ( 2009)
    Trapp, Mario
    ;
    Kemmann, Sören
    ;
    Kalmar, Ralf
    ;
    Denger, Christian
    Software has rapidly gained importance as a driver for innovation in automobiles. Since many safety-related automotive systems make intensive use of software, the upcoming ISO 26262 poses several requirements addressing software development, including safety analyses for software. For software, however, safety analysis techniques are seldom applied in practice. It is unclear how to apply them and in many cases even their usefulness in general is questioned. This article illustrates why software safety analyses are indispensable, how they can be efficiently applied to complex systems, and how they relate to existing software quality assurance techniques and system safety analyses.