Skip to main content

Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems

Periodic Reporting for period 1 - AMASS (Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems)

Reporting period: 2016-04-01 to 2017-03-31

Embedded systems have significantly increased in technical complexity towards open, interconnected cyber-physical systems (CPS), exacerbating the problem of ensuring safety and security. AMASS will create and consolidate a safety and security assurance and certification open tool platform, ecosystem and self-sustainable community spanning the largest CPS vertical markets. The ultimate aim is to lower certification costs in face of rapidly changing product features and market needs.
European society will benefit from the use of CPS with a higher confidence on their dependability. OEMs and Component suppliers will increase CPS design efficiency, ease innovation, and reduce certification risks. Tool vendors will extend their products with new features and integrate them with the AMASS tools. Research partners will be able to reach a leading position in research on CPS assurance and certification.
The project goals are to demonstrate a potential gain for design efficiency of complex CPS by reducing their assurance and certification effort; to demonstrate a potential reuse of assurance results, leading to cost reductions for product (re)certification activities; to demonstrate a potential raise of technology innovation led by reduction of assurance and certification risks of new CPS products; and to demonstrate a potential sustainable impact in CPS industry by increasing the harmonization and interoperability of tool technologies.
TECHNICAL ACTIVITIES
1. Systematically investigate and specify the R&D problem and industrial needs on CPS assurance and certification. WP1 focused on particular needs of the project partners concretized on the industrial Case Studies. The case studies have been systematically specified by stating the industrial context, regulatory frameworks, and the specific and business needs related to the AMASS objectives. WP2 looked at general requirements for the different AMASS industrial domains. WP3, WP4, WP5 and WP6 focused on a detailed analysis of the state of the art and state of the practice for the respective four technical and scientific objectives.
2. Design and implement the basic building blocks of the first AMASS platform prototype (Prototype Core). The AMASS consortium designed the AMASS Reference Tool Architecture (ARTA), the Common Assurance and Certification Metamodel (CACM), and the approaches for compliance management, evidence management, assurance case specification, and system component specification. The AMASS Prototype Core has been realised as the result of merging pre-existing toolsets: OpenCert to enable argumentation edition, evidence management, and management of compliance with standards, CHESS to enable system architecture specification, and EPF (Eclipse Process Framework) to enable process specification and compliance management with standards.
3. Evaluate the implemented tools by using some representative industrial case studies. The industrial evaluation of Prototype Core has been performed. Partners have focused on modelling standards depending on its domain, establishing an assurance project, and managing the assurance assets.
4. Specify the conceptual approach for the second prototype (Prototype P1). WP3, WP4, WP5 and WP6 worked on a conceptual and design view for the second prototype.

NON-TECHNICAL ACTIVITIES
AMASS partners reported the open source platform project creation in Eclipse/Polarsys associated to AMASS. We created the basis for the EAB (External Advisory Board) coordination and presented the AMASS industrial outreach program.
Dissemination and training have been active areas in AMASS since its beginning. AMASS partners have been engaged in several activities and events to increase the visibility of the project and make third parties aware of the project. Several means have been deployed for both internal and external communication in AMASS, including the AMASS website, social media accounts, SVN repository, mailing lists, and wiki.
A training action on baseline technologies and related projects has been held. The AMASS implementation team also provided training on the Prototype Core of the AMASS platform developed by the partners, before starting the case studies realisation.
We collected revised individual exploitation plans, and started discussions on the standardisation activities, in particular related to the integration of Cyber-Security standards.
The progress beyond the state of the art can be summarised as follows:
STO1: System Architecture-driven Assurance. We integrated tools for system architecture specification (Papyrus and CHESS) with tools for compliance management and argumentation specification (OpenCert). This integration allows users to quickly associate their system design assets modelled in SysML with the assurance and certification activities modelled in GSN.
STO2: Multi-concern Assurance. The proposed CACM metamodel is widely transparent for multiple concerns. Nevertheless, a discussion on needed additions is ongoing to specify a unified assurance case in which various quality attributes such as safety and security and their interactions and interplay are clearly specified.
STO3: Seamless Interoperability. The first prototype “Core” contains basic functionalities for collaborative work, including centralized data base and model-level consistency checking. This was integrated in the same technologies (CDO) for Papyrus and for OpenCert. We also developed connections between Papyrus and OpenCert and OpenCert and EPF.
STO4: Cross-domain and intra domain assurance reuse. As part of the first prototype “Core”, we have merged OPENCOSS and Safecer approaches, by adopting a process-specific method and tools supported on EPF and a compliance management method and tools supported on OpenCert.

Progress regarding our strategic expected impacts:
1. Improving design efficiency of complex CPSs. Improve exchange between multidisciplinary teams for complex design decisions (in Papyrus and CHESS), when assurance and certification (OpenCert). More efficient exchange of design assets by using standards for system architecture (SysML), assurance cases (GSN and SACM) and process languages (SPEM).
2. Reducing Recurring Certification/Qualification Costs of Products certified/qualified before. Reduce costs and time for recertification of new versions of existing systems by using the proposed contract-based approach for design and assurance. By using EPF for process modelling, integrated with OpenCert, users are able to reuse process specifications across domains, company departments, practices and projects.
3. Increase Openness and Interoperability of assurance and certification/qualification tool technologies. AMASS promotes an open and collaborative approach to the development of core technologies by embracing the open-source philosophy for the AMASS platform. All our developments are being hosted by Eclipse/Polarsys community, as part of the OpenCert, CHESS and EPF Eclipse projects.