Certifications of Critical Systems

Final Report Summary - CECRIS (Certifications of Critical Systems)

The CECRIS Project

The CECRIS project took a step forward in the growing field of development, verification and validation, and certification of critical systems. It focused on the more difficult and important aspects (safety, efficiency, business) of the critical system development, verification and validation, and certification process. The scientific objectives of the project were to study both the scientific and the industrial state-of-the-art methodologies for system development and the impact of their usage on the verification, validation and certification of critical systems. Moreover, the project aimed at developing strategies and techniques, supported by automatic or semi-automatic tools and methods, for these types of activities, whose cost-quality achievements are well predictable, in order to tie the cost of applying the techniques to the level of RAMS attributes achieved by the product being tested. The project drew up guidelines to support engineers during the planning of the verification and validation phases.
The Project Consortium was composed of three academic partners and three companies:
1. Consorzio Interuniversitario Nazionale per l'Informatica
2. Resiltech S.r.l.
3. Universidade de Coimbra
4. Budapesti Muszaki es Gazdasagtudomanyi Egyetem
5. Prolan Iranyitastechnikai Zartkoruen Mukodo Reszvenytarsasag
6. CRITICAL Software SA
The CECRIS project has given the partners the opportunity to share their industrial and academic expertise and experience and to develop fruitful collaborations and research products. Through the transfer of knowledge (ToK) activities, the industrial partners have had the opportunity to better know, evaluate and apply new research methods, while the academic partners could get valuable feedback from industry and a better understanding of industrial problems and needs.
Several synergies established during the secondments remain in place beyond the end of the project, to exploit further potential strategic research activities. Moreover, the collaborations for the maintenance and improvement of the tools developed during CECRIS will last for years, since these tools support the overall V&V process and reduce the certification costs of safety-critical systems.
By working on a classification system specific to this area, we see potential in the application of ODC techniques to existing defect report data from critical systems, automatically extracting classes of missing requirements and providing valuable input for future projects. During the collaboration, the roadmap was defined for the future development of a monitoring framework for SOA and services, which relies on anomaly detection performed at the Application Server (AS) and Operating System (OS) layers to identify events whose manifestation or effect is not adequately described a priori. Moreover, model-based approaches, such as Stochastic Petri nets, are a powerful modelling instrument for describing the behaviour of critical systems and have been widely used in the last 20 years. The long-term objective is to integrate such approaches and knowledge with the V&V methodologies and activities in industrial companies; in this context, CINI and industry are still working together on the application of model-based approaches to industrial cases. The project also emphasized the need for improved integration between dependability assessment and robustness evaluation processes; in particular, there are already activities between Prolan and CINI in this direction, specifically with respect to the robustness testing process and its management. In general, the need for improved tools to manage the certification lifecycle of safety-critical systems better and more efficiently remains an open point where new and future research collaborations might be carried out.
Through the project it has been possible to identify all the aspects characterising the lifecycle of safety-critical systems, in particular the aspects that have been covered and the ones that can be further covered through future collaborations among CECRIS partners. The project highlighted the gaps in safety-related standards with respect to security aspects. Therefore, the need was recognized to further investigate the integration of security verification and validation activities into the more general V&V process. In this context, Resiltech, CSW and CINI plan to continue working together in order to further investigate the security issues, in particular security threats, effects and criticality analysis.
Since the project also identified gaps in the V&V process with respect to functional aspects in safety-critical systems, all the partners are planning to continue collaborating to propose tools and methodologies to fill the existing and identified gaps in the V&V process. Future collaborations will also cover developing and enhancing the SW-FMEA approaches addressed by the project; in particular, CINI, BME and Resiltech are planning to work together on developing SW-FMEA techniques through automatic execution of the SW model using fault injection, specifically to be applied in the automotive domain in the context of the reference standard ISO 262612. Resiltech, CSW and BME are currently involved in, and are planning to keep alive, their collaboration on methodologies for efficient V&V and cost-effective certification.

Transfer of knowledge and Dissemination Activities.
During the four years of the project, the partners have been involved in many interactions with one another, which have paved the way to long-lasting relationships and have led to interesting joint R&D activities. These relations were among the strategic objectives of CECRIS, and have been valuable for the definition of development, verification, validation, and certification processes and tools for critical systems, serving as a pan-European model for the adoption of new methods, especially for high-tech SMEs with limited human and financial resources.
71 cross-sector secondments have been organized, involving 51 researchers for a total of 197.4 MM of effort. Moreover, three researchers, two of them from outside the continent, have been hired by the company for an additional 6 years of full-time effort in the 4 years of the project.

During the CECRIS project, the partners participated in 140 trainings, seminars and internal workshops, with the aim of promoting the project and its advancement, and also of transferring knowledge not only to the organizations involved in the Consortium but also to those interested in the project topics.

The project fostered the research backgrounds of the partners. Scientific papers have been produced during the life of the project by the researchers involved in the secondments. It is worth noting that the partners published papers in high-quality journals, high-quality conferences and workshops with topics very close to those of CECRIS. Most of the works are jointly produced. Project results have been spread through 67 publications.

Project website: http://www.cecris-project.eu