05 Fakultät Informatik, Elektrotechnik und Informationstechnik

Permanent URI for this collectionhttps://elib.uni-stuttgart.de/handle/11682/6

Browse

Filters

2013 - 201712

Settings

Institute: search.filters.UBSInstitut.Institut für SoftwaretechnologieAuthor: search.filters.author.Abdulkhaleq, Asim

Search Results

Now showing 1 - 10 of 12
  • Thumbnail Image
    ItemOpen Access
    A comprehensive safety engineering approach for software-intensive systems based on STPA
    (2015) Abdulkhaleq, Asim; Wagner, Stefan; Leveson, Nancy
    Formal verification and testing are complementary approaches which are used in the development process to verify the functional correctness of software. However, the correctness of software cannot ensure the safe operation of safety-critical software systems. The software must be verified against its safety requirements which are identified by safety analysis, to ensure that potential hazardous causes cannot occur. The complexity of software makes defining appropriate software safety requirements with traditional safety analysis techniques difficult. STPA (Systems-Theoretic Processes Analysis) is a unique safety analysis approach that has been developed to identify system hazards, including the software-related hazards. This paper presents a comprehensive safety engineering approach based on STPA, including software testing and model checking approaches for the purpose of developing safe software. The proposed approach can be embedded within a defined software engineering process or applied to existing software systems, allow software and safety engineers integrate the analysis of software risks with their verification. The application of the proposed approach is illustrated with an automotive software controller.
  • Thumbnail Image
    ItemOpen Access
    XSTAMPP: An eXtensible STAMP platform as tool support for safety engineering
    (2015) Abdulkhaleq, Asim; Wagner, Stefan
    STPA (Systems-Theoretic Processes Analysis) is a new hazard analysis technique based on STAMP. STPA is already being used in different industrial domains (e.g. space, aviation, medical or automotive). To support the application of STPA and make using STPA more efficient, we developed an open tool called A-STPA. However, the current usage of ASTPA by safety analysts in different areas shows a number of shortcomings in terms of documenting unsafe control actions, drawing different levels of control structure diagrams, documenting the causal factors in STPA Step 2 and supporting the application of STPA in different areas. In this paper, we present an extensible STAMP platform called XSTAMPP as tool support designed specifically to serve the widespread adoption and use of STPA in different areas, to facilitate STPA application to different systems and to be easily extended to include different requirements and features. Moreover, XSTAMPP has the potential to be extended in the future to support the application of CAST for accident analysis. We believe that XSTAMPP is a useful first step toward establishing a base platform to support the application of STAMP methodologies in different domains.
  • Thumbnail Image
    ItemOpen Access
    An industrial case study on the evaluation of a safety engineering approach for software-intensive systems in the automotive domain
    (2016) Abdulkhaleq, Asim; Vöst, Sebastian; Wagner, Stefan; Thomas, John
    Safety remains one of the essential and vital aspects in today's automotive systems. These systems, however, become ever more complex and dependent on software which is responsible for most of their critical functions. Therefore, the software components need to be analysed and verified appropriately in the context of software safety. The complexity of software systems makes defining software safety requirements with traditional safety analysis techniques difficult. A new technique called STPA (Systems-Theoretic Process Analysis) based on system and control theory has been developed by Leveson to cope with complex systems. Based on STPA, we have developed a comprehensive software safety engineering approach in which the software and safety engineers integrate the analysis of software risks with their verification to recognize the software-related hazards and reduce the risks to a low level. In this paper, we explore and evaluate the application of our approach to a real industrial system in the automotive domain. The case study was conducted analysing the software controller of the Active Cruise Control System (ACC) of the BMW Group.
  • Thumbnail Image
    ItemOpen Access
    Experiences with applying STPA to software-intensive systems in the automotive domain
    (2013) Abdulkhaleq, Asim; Wagner, Stefan
    Hazard analysis is one of the most important elements in developing safe-critical systems. STPA (Systems-Theoretic Process Analysis) is a modern technique based on the new accident causation model STAMP (System-Theoretic Accident Model and Process) for analyzing hazard and safety issues, which can be applied early in the design process of a system to achieve an acceptable risk level. We have applied STPA to a well-known example of safety-critical systems in the automotive industries: Adaptive Cruise Control (ACC). The results of the application of STPA to our case study and the limitations and difficulties of applying STPA are presented.
  • Thumbnail Image
    ItemOpen Access
    An automatic safety-based test case generation approach based on systems-theoretic process analysis
    (2016) Abdulkhaleq, Asim; Wagner, Stefan
    Software safety remains one of the essential and vital aspects in today’s systems. Software is becoming responsible for most of the critical functions of systems. Therefore, the software components in the systems need to be tested extensively against their safety requirements to ensure a high level of system safety. However, performing testing exhaustively to test all software behaviours is impossible. Numerous testing approaches exist. However, they do not directly concern the information derived during the safety analysis. STPA (Systems-Theoretic Process Analysis) is a unique safety analysis approach based on system and control theory, and was developed to identify unsafe scenarios of a complex system including software. In this paper, we present a testing approach based on STPA to automatically generate test cases from the STPA safety analysis results to help software and safety engineers to recognize and reduce the associated software risks. We also provide an open-source safety-based testing tool called STPA TCGenerator to support the proposed approach. We illustrate the proposed approach with a prototype of a software of the Adaptive Cruise Control System (ACC) with a stop-and-go function with a Lego-Mindstorms EV3 robot.
  • Thumbnail Image
    ItemOpen Access
    A system-theoretic safety engineering approach for software-intensive systems
    (2017) Abdulkhaleq, Asim; Wagner, Stefan (Prof. Dr.)
    In the software development process, formal verification and functional testing are complementary approaches which are used to verify the functional correctness of software; however, even perfectly reliable software could lead to an accident. The correctness of software cannot ensure the safe operation of safety-critical software systems. Therefore, developing safety-critical software requires a more systematic software and safety engineering process that enables the software and safety engineers to recognize the potential software risks. For this purpose, this dissertation introduces a comprehensive safety engineering approach based on STPA for Software-Intensive Systems, called STPA SwISs, which provides seamless STPA safety analysis and software safety verification activities to allow the software and safety engineers to work together during the software development for safety-critical systems and help them to recognize the associated software risks at the system level.
  • Thumbnail Image
    ItemOpen Access
    A controlled experiment for the empirical evaluation of safety analysis techniques for safety-critical software
    (2015) Abdulkhaleq, Asim; Wagner, Stefan
    Context: Today's safety critical systems are increasingly reliant on software. Software becomes responsible for most of the critical functions of systems. Many different safety analysis techniques have been developed to identify hazards of systems. FTA and FMEA are most commonly used by safety analysts. Recently, STPA has been proposed with the goal to better cope with complex systems including software. Objective: This research aimed at comparing quantitatively these three safety analysis techniques with regard to their effectiveness, applicability, understandability, ease of use and efficiency in identifying software safety requirements at the system level. Method: We conducted a controlled experiment with 21 master and bachelor students applying these three techniques to three safety-critical systems: train door control, anti-lock braking and traffic collision and avoidance. Results: The results showed that there is no statistically significant difference between these techniques in terms of applicability, understandability and ease of use, but a significant difference in terms of effectiveness and efficiency is obtained. Conclusion: We conclude that STPA seems to be an effective method to identify software safety requirements at the system level. In particular, STPA addresses more different software safety requirements than the traditional techniques FTA and FMEA, but STPA needs more time to carry out by safety analysts with little or no prior experience.
  • Thumbnail Image
    ItemOpen Access
    XSTAMPP 2.0: new improvements to XSTAMPP Including CAST accident analysis and an extended approach to STPA
    (2016) Abdulkhaleq, Asim; Wagner, Stefan
    XSTAMPP (eXtensible STAMP Platform ) is a software tool developed to serve the widespread adoption and use of STAMP methodologies in different domains. The first version of XSTAMPP supported only the STPA application. In this paper, we present a new version of XSTAMPP, including CAST accident analysis and extended approach to STPA. We developed two new plug-in tools called (1) A-CAST (Automated CAST) which implements the CAST activities and (2) XSTPA (Extended Approach to STPA) which supports automatically generating the context tables which will be used to refine the safety requirements and automatically transform the refined safety requirements into a formal specification in Linear Temporal Logic (LTL) to support verification activities. XSTAMPP 2.0 is available as an open source platform at our repository http://sourceforge.net/projects/stampp/files/2.0.0/.
  • Thumbnail Image
    ItemOpen Access
    Open tool support for System-Theoretic Process Analysis
    (2014) Abdulkhaleq, Asim; Wagner, Stefan
    STPA (Systems-Theoretic Process Analysis) is a new hazard analysis technique which has been developed by Leveson based on the concept of systems and control theory. In this paper, we present a A-STPA tool as an appropriate tool which transforms STPA to executable STPA that automates the activities of STPA. The A-STPA tool is being developed to assist safety analysts in performing STPA. Moreover, the developing of such tool based on STPA will help safety analysts to have more various sights about STPA hazard analysis process. The design of the tool is discussed, and the usage of the tool is illustrated.
  • Thumbnail Image
    ItemOpen Access
    On the relationship of inconsistent software clones and faults : an empirical study
    (2016) Wagner, Stefan; Abdulkhaleq, Asim; Kaya, Kamer; Paar, Alexander
    Background: Code cloning - copying and reusing pieces of source code - is a common phenomenon in software development in practice. There have been several empirical studies on the effects of cloning, but there are contradictory results regarding the connection of cloning and faults. Objective: Our aim is to clarify the relationship between code clones and faults. In particular, we focus on inconsistent (or type-3) clones in this work. Method: We conducted a case study with TWT GmbH where we detected the code clones in three Java systems, set them into relation to information from issue tracking and version control and interviewed three key developers. Results: Of the type-3 clones, 17 % contain faults. Developers modified most of the type-3 clones simultaneously and thereby fixed half of the faults in type-3 clones consistently. Type-2 clones with faults all evolved to fixed type-3 clones. Clone length is only weakly correlated with faultiness. Conclusion: There are indications that the developers in two cases have been aware of clones. It might be a reason for the weak relationship between type-3 clones and faults. Hence, it seems important to keep developers aware of clones, potentially with new tool support. Future studies need to investigate if the rate of faults in type-3 clones justifies using them as cues in defect detection.