Abstract

Modern control systems in the maritime domain are increasingly controlled by software systems and become subject to updates and configuration changes during operation. Moreover, with the shift to autonomous vessels and cars, these software-based systems are taking on more and more safety-critical tasks, so the risks associated with system failures are increasing. Unlike before, it becomes necessary to verify the continuously adapting modules of a vehicle not only before deployment, but to establish continuous verification capabilities during all phases of the product lifecycle, from the design to the system in operation. Hence, in case of an update, deviations from the expected behavior can be automatically detected and relevant measures can be initiated. In this work, a contract-based verification framework is presented that includes automatable and formally analyzable behavioral descriptors in the form of assumption-guarantee contracts for all phases of the software lifecycle, providing static and dynamic verification capabilities alongside a dynamically changing system composition. By utilizing contractually defined behavior descriptions, classic test procedures, such as simulations, are supplemented by a formally testable level that is applied to all phases of the update process. A conceptual-deductive methodology was chosen, building on the identified requirements to develop an overarching update framework that adds contractual descriptions to the traditional development case. Based on the presented framework, the verifiable modification of a safety-critical software system is demonstrated. The approach is evaluated using a maritime collision-avoidance system, and the verification steps are evaluated along the update process. The framework offers a novel approach to complement existing test procedures by enabling formal impact analysis and incremental verification of updates.

Highlights

  • The results are the analysis models for abstract verification without actual realization of the module, as well as implementation models that can be transferred to implementation and configuration management

  • For the purpose of demonstrating the procedure, we focus on the time constraints that the respective modules and sub-modules have to fulfill, and we show how the composition can be verified across an update along the overall process

  • The present work has mapped a continuous verification framework based on module contracts along the update process of maritime systems


Introduction

The control and monitoring units used to regulate a ship's distributed electrical and mechanical machinery, navigation, balance and steering systems are increasingly being replaced by software-based modules that converge at a central location. This trend continues with the introduction of Maritime Autonomous Surface Ships (MASSs), where control is implemented entirely by software-based systems that replace the responsibilities of the human operator, so that a misconfiguration can have dire consequences. It becomes necessary to verify the integration of these safety-critical systems and their interaction with each other within a heterogeneous system complex. Since the individual modules come from different developers and suppliers, it needs to be verified that the integration of the individual parts into a complete system of sub-systems results in a valid configuration [1].
