Multi-Concerns Interactions System Engineering (MERgE)
The MERgE project is driven by two business-critical problems that
software system developers struggle with: (1) effectively coping with
complex combinations of safety, availability, and security constraints (e.g.,
to satisfy several standards and norms at once), and (2) efficiently tailoring a
software system into different variants (e.g., to target different customers).
Many system engineering companies are looking for tool support that minimizes the
software design time and cost of each variant of a product while still guaranteeing
the expected quality level with respect to safety, availability, and security.
Developers of highly critical software systems (e.g., control systems for
automotive, avionics, telecommunications, or healthcare) must handle strict
safety, availability, and security concerns in order to comply with
domain-specific standards. Depending on the application domain, different
concerns may be applied to the same or very similar base models. This results
in multiple variants that target, for example, customers with different safety
concerns, a product line with different levels of quality (e.g., SIL, Safety
Integrity Level), or different application domains with different safety
standards (e.g., ISO 26262, functional safety of electrical/electronic
systems in road vehicles, and IEC 61508, functional safety of electrical/electronic/programmable
electronic safety-related systems).
Although many engineering methods, tools, and architectural solutions exist to deal with individual safety, availability, or security concerns, the open challenge is how to combine them (so-called multi-concerns) and how to manage the inconsistencies and dependencies that arise between them.
From a design and analysis perspective, MERgE addresses the following research questions:
- Cost-efficient tailoring of a product blueprint in multiple variants
o How to formalize and model safety, availability, and security concerns as expressed in various standards (e.g., ISO 26262 and IEC 61508)?
o How to add or integrate a concern in a structured way, i.e., without having to repeat the whole design cycle?
o How to consistently apply trade-offs between safety, availability, and security concerns throughout the design process?
- Multi-concern assessment of the quality level for each variant
o How to automate the validation of safety, availability, and security concerns?
o How to prevent or handle interference between concerns?
o How to express dependencies and inconsistencies between safety, availability, and security concerns?
DistriNet will contribute by investigating the inefficiency and ineffectiveness of current software engineering practices and tools. Inefficiency refers to the cost and time required to develop a software system; ineffectiveness refers to the lack of domain-specific support for handling redundant or contradictory safety, availability, and security engineering concerns. MERgE will develop tool support that minimizes the software design time and cost of each product variant while guaranteeing the expected quality level with respect to safety, availability, and security. The MERgE tool chain will help software engineers (in automotive and avionics) to considerably improve the efficiency and effectiveness of the design process by
o specifying domain-specific safety, availability, and security concerns,
o identifying dependencies, conflicts, and synergies between concerns, and
o providing domain-specific blueprints from which multiple variants can be derived.
DistriNet will closely collaborate with Melexis, Space Applications Services, E2S,
and a European consortium consisting of, among others, three divisions of the Thales Group (R&D, Global Services, and Communications & Security), Obeo, INRIA, the University of Oulu, and Codenomicon.
The MERgE project is supported by ITEA2 and funded by IWT.