D-RisQ was invited to participate in a collaborative project run by Ricardo Ltd called ‘Proving Integrity of Complex Automotive Systems of Systems’. The consortium included Jaguar Land Rover, Johnson Matthey Battery System, York Metrics, Warwick Manufacturing Group, and Coventry and Oxford Universities. It was on this project that Modelworks® was evolved and the foundations of Kapture® were laid. The project was used to trial analysis techniques in order to reduce the time and cost impact of poor requirements and design. This was conducted in the context of the automotive safety standard ISO 26262. Other activities such as coding and test were outside the scope of the trials documented here.
The aim was not only to develop these technologies but also to independently measure how effective they were in terms of error detection and the time taken to undertake verification when compared to other techniques. At this stage, Kapture® was not available and requirements had to be translated and written in a semi-formal manner that required some training. Modelworks® also required some small amount of manual intervention. Engineers in two companies were trained to use the tools, which took only about half a day.
Warwick Manufacturing Group used an on-board electric vehicle charging system with Jaguar Land Rover as the trial; this had 6 major areas of functionality. There were 7 trials run on the various parts of the software and 48 errors were seeded into either the requirements or the Simulink/Stateflow design. One company carried out all the trials while another only carried out one; hence a total of 7 trials. York Metrics had set the measurement processes for the activities undertaken by the 3 sets of software engineers who were to work in the trial. The first set used the traditional review-based techniques, the second used Simulink Design Verifier, while the third used the D-RisQ technologies. Time for the various parts of the verification process was measured, which, for the D-RisQ process, also included the translation of the requirements into the semi-formal representation. York Metrics monitored the trials and collated results. Note that D-RisQ personnel were not involved in the trials.
The graph shows the time results. The time allocated for the trial ran out, hence the example PP had no results for D-RisQ (it was subsequently all proven). All 3 processes were able to detect all 48 seeded errors (not including PP), but the D-RisQ process detected an additional unknown 49th error. It can be seen that there is a consistent 60-80% saving through the use of D-RisQ prototype tools over traditional techniques and a broad range of savings over Simulink Design Verifier. Possibly the most interesting result was the repeat of TA, done independently by the 2nd company as TA2, which gave almost the same results. [Perhaps another result of interest was the 4 occasions where Simulink Design Verifier gave no savings.]
PICASSOS - A Collaborative Project
D-RisQ was invited to participate in a collaborative project run by Ricardo called ‘Proving Integrity of Complex Automotive Systems of Systems’. The consortium included Jaguar Land Rover, Johnson Matthey Battery System, York Metrics, Warwick Manufacturing Group, and Coventry and Oxford Universities. It was on this project that Modelworks was evolved and the foundations of Kapture were laid. The project was used to trial analysis techniques in order to reduce the time and cost impact of poor requirements and design. This was conducted in the context of the automotive safety standard ISO 26262. Other activities such as coding and test were outside the scope of the trials documented here.
Project Aim
The aim was not only to develop these technologies but also to independently measure how effective they were in terms of error detection and the time taken to undertake verification when compared to other techniques. At this stage, Kapture was not available and requirements had to be translated and written in a semi-formal manner that required some training. Modelworks also required some small amount of manual intervention. Engineers in 2 companies were trained to use the tools, which took only about half a day.
The Trial
Warwick Manufacturing Group used an electric vehicle charging system being developed for Jaguar Land Rover as the trial; this had 6 major areas of functionality. There were 7 trials run on the various parts of the software and 48 errors were seeded into either the requirements or the Simulink/Stateflow design. One company did all the trials while another only did one; hence a total of 7 trials. York Metrics had set the measurement processes for the activities undertaken by the 3 sets of software engineers who were to work in the trial. The 1st set used the traditional review-based techniques, the second used Simulink Design Verifier, while the third used the D-RisQ technologies. Time for the various parts of the verification process was measured, which, for the D-RisQ process, also included the translation of the requirements into the semi-formal representation. York Metrics monitored the trials and collated results. Note that D-RisQ personnel were not involved in the trials.
The Results
The graph below shows the time results. The time allocated for the trial ran out, hence the example PP had no results for D-RisQ (it was subsequently all proven). All 3 processes were able to detect all 48 seeded errors (not including PP), but the D-RisQ process detected an additional unknown 49th error. It can be seen that there is a consistent 60-80% saving through the use of D-RisQ prototype tools over traditional techniques and a broad range of savings over Simulink Design Verifier. Possibly the most interesting result was the repeat of TA, done independently by the 2nd company as TA2, which gave almost the same results. [Perhaps another result of interest was the 4 occasions where Simulink Design Verifier gave no savings.]
“If General Motors had kept up with the technology like the computer industry has, we would all be driving $25.00 cars that got 1,000 miles to the gallon.”
Bill Gates
1. For no reason whatsoever, your car would crash twice a day.
2. Every time they repainted the lines in the road, you would have to buy a new car.
3. Occasionally your car would die on the freeway for no reason. You would have to pull over to the side of the road, close all of the windows, shut off the car, restart it, and reopen the windows before you could continue. For some reason, you would simply accept this.
4. Occasionally, executing a maneuver such as a left turn would cause your car to shut down and refuse to restart, in which case you would have to reinstall the engine.
5. Macintosh would make a car that was powered by the sun, was reliable, five times as fast and twice as easy to drive - but would run on only five percent of the roads.
6. The oil, water temperature, and alternator warning lights would all be replaced by a single "General Protection Fault" warning light.
7. The airbag system would ask "are you sure?" before deploying.
8. Occasionally, for no reason whatsoever, your car would lock you out and refuse to let you in until you simultaneously lifted the door handle, turned the key and grabbed hold of the radio antenna.
9. Every time GM introduced a new car, car buyers would have to learn to drive all over again, because none of the controls would operate in the same manner as the old car.
10. You'd have to press the "Start" button to turn the engine off. (Game, set and match)