On System Safety and Reliability Methods in Early Design Phases


Linköping Studies in Science and Technology, Thesis No. 1600

ON SYSTEM SAFETY AND RELIABILITY METHODS IN EARLY DESIGN PHASES
Cost Focused Optimization Applied on Aircraft Systems

Cristina Johansson

Copyright © Cristina Johansson, 2013
[email protected]
http://www.iei.liu.se/machine/cristina-johansson/home?l=en

On System Safety and Reliability in Early Design Phases
Linköping Studies in Science and Technology, Thesis No. 1600
ISBN 978-91-7519-584-1
ISSN 0280-7971
LIU-TEK-LIC-2013:34
Printed by: LiU-Tryck, Linköping, 2013
Linköping University, Division of Machine Design, Department of Management and Engineering, SE-581 83 Linköping, Sweden

Only those who will risk going too far can possibly find out how far one can go. – T.S. Eliot

Abstract

System Safety and Reliability are fundamental to system design and involve a quantitative assessment prior to system development. An accurate prediction of reliability and system safety in a new product before it is manufactured and marketed is necessary, as it allows us to forecast accurately the support costs, warranty costs, spare parts requirements, etc. On the other hand, it can be argued that an accurate prediction implies knowledge about failures that is rarely available in early design phases. Furthermore, while predictions of system performance can be made with credible precision, within reasonable tolerances, reliability and system safety are seldom predicted with high accuracy and confidence. How well a product meets its performance requirements depends on various characteristics such as quality, reliability, availability, safety, and efficiency. But to produce a reliable product we may have to incur increased cost of design and manufacturing. Balancing such requirements, which are often contradictory, is also a necessary step in product development. This step can be performed using different optimization techniques.

This thesis is an attempt to develop a methodology for analysis and optimization of system safety and reliability in early design phases. A theoretical framework and context are presented in the first part of the thesis, including system safety and reliability methods and optimization techniques. Each of these topics is presented in its own chapter. The second and third parts are dedicated to contributions and papers. Three papers are included in the third part: the first evaluates the applicability of reliability methods in early design phases, the second is a proposed guideline for how to choose the right reliability method, and the third suggests a method to balance the safety requirements, reliability goals, and costs.

Acknowledgements

The work presented in this licentiate thesis was carried out in the form of an industrial PhD project at the Division of Machine Design at the Department of Management and Engineering (IEI) at Linköping University. The research was funded by VINNOVA's National Aviation Research Programme (NFFP) and Saab Aeronautics.

First of all, I'd like to thank my supervisor Prof. Johan Ölvander for his efforts in reviewing, discussing, and directing the research and for excellent guidance through the academic world. I also want to thank my industrial supervisor Tech. Lic. Per Persson for always being open to discussions and providing rational advice from an industrial point of view, as well as for the effort in reviewing. I thank the senior researcher involved in this project, Dr. Micael Derelöv, for the guidance and advice from an academic and industrial point of view. I want to thank my colleagues at Saab Aeronautics, Division of System Safety and Reliability, and Tech. Fellow Lars Holmlund for their support and for sharing with me their field experience within System Safety and the aviation industry.

Special thanks go to my line manager Johan Tengroth for understanding and protecting my academic studies from drowning in industrial assignments. I also want to thank Dr. Birgitta Lantto for her help and support in starting this project. I wouldn't be here without her advice. Thanks also go to Dr. Hampus Gavel for inspiring me to start this project and letting me know that everything is possible. I want to give special mention to a mentor and former colleague I had the privilege of working with, Mr. Manfred Stein, who inspired my choice of career. To my family, thanks for believing in me.

Cristina Johansson, May 2013

Appended Papers

The following papers are appended and will be referred to by their Roman numerals. The papers are printed in their originally published state, except for changes in formatting and correction of minor errata.

[I] Johansson, C; Persson, P; Ölvander, J. (2012), 'On The Usage Of Reliability Methods In Early Design Phases', proceedings of PSAM11&ESREL2012, 25-29 June, Helsinki, Finland.

[II] Johansson, C; Persson, P; Ölvander, J. (2013), 'Choosing The Reliability Approach - A Guideline For Selecting The Appropriate Reliability Method In The Design Process', proceedings of Advances in Risk and Reliability Technology Symposium 2013, 21-23 May, Nottingham, UK.

[III] Johansson, C; Persson, P; Derelöv, M; Ölvander, J. (2013), 'Cost optimization with focus on reliability and system safety', proceedings of ESREL2013, 29 Sep - 02 Oct, Amsterdam, Holland.

The following report is not included in the thesis but constitutes an important part of the background.

[IV] Johansson, C. (2010), 'A Review of the Reliability and System Safety Methods and Principles in Early Design Phases', Registration no. TDI-2010-0082 at Saab Aeronautics, Linköping, Sweden.

Contents

1 INTRODUCTION
  1.1 Background
  1.2 Product Development
  1.3 Objectives
  1.4 Research Questions and Method
  1.5 Thesis Outline
2 RELIABILITY ENGINEERING
  2.1 Reliability Analysis
  2.2 Methods and Techniques
    2.2.1 The "Part Count" Approach
    2.2.2 Stress-Strength Analysis
    2.2.3 Parts Derating and Selection
    2.2.4 Functional Analysis
    2.2.5 Failure Modes and Effects Analysis (FMEA)
    2.2.6 Reliability Block Diagram (RBD)
    2.2.7 Event Tree Analysis (ETA)
    2.2.8 Fault Tree Analysis (FTA)
    2.2.9 Markov Chains Models (MA)
    2.2.10 Petri Nets (PN)
3 SYSTEM SAFETY
  3.1 Methods and Techniques
    3.1.1 Failure Modes, Effects and Criticality Analysis (FMECA)
    3.1.2 Double Failure Matrix (DFM)
    3.1.3 Event Tree Analysis (ETA)
    3.1.4 Common Cause Analysis (CCA)
      3.1.4.1 Zonal (Hazard) Analysis (ZA or ZHA)
      3.1.4.2 Common Mode Fault (CMF)
      3.1.4.3 Common Cause Failures (CCF)
    3.1.5 Hazard Analysis
      3.1.5.1 Functional Hazard Assessment (FHA)
      3.1.5.2 Preliminary Hazard Analysis (PHA)
      3.1.5.3 Fault Hazard Analysis (FHA)
  3.2 Standards and Regulations
4 OPTIMIZATION
  4.1 Genetic Algorithm
5 APPLICATION OF SYSTEM SAFETY AND RELIABILITY METHODS IN EARLY DESIGN PHASES
  5.1 Usage of Reliability Methods in Early Design Phases
  5.2 Research versus Industry
Recommended publications
  • Vol. 81 Thursday, No. 174 September 8, 2016 Pages 61973–62352
    Federal Register, Vol. 81, No. 174, Thursday, September 8, 2016, Pages 61973–62352. Office of the Federal Register.

    The FEDERAL REGISTER (ISSN 0097–6326) is published daily, Monday through Friday, except official holidays, by the Office of the Federal Register, National Archives and Records Administration, Washington, DC 20408, under the Federal Register Act (44 U.S.C. Ch. 15) and the regulations of the Administrative Committee of the Federal Register (1 CFR Ch. I). The Superintendent of Documents, U.S. Government Publishing Office, Washington, DC 20402 is the exclusive distributor of the official edition. Periodicals postage is paid at Washington, DC.

    The FEDERAL REGISTER provides a uniform system for making available to the public regulations and legal notices issued by Federal agencies. These include Presidential proclamations and Executive Orders, Federal agency documents having general applicability and legal effect, documents required to be published by act of Congress, and other Federal agency documents of public interest. Documents are on file for public inspection in the Office of the Federal Register the day before they are published, unless the issuing agency requests earlier filing.

    SUBSCRIPTIONS AND COPIES. Public subscriptions: paper or fiche 202–512–1800; assistance with public subscriptions 202–512–1806; general online information 202–512–1530 or 1–888–293–6498. Single copies/back copies: paper or fiche 202–512–1800; assistance with public single copies 1–866–512–1800 (toll-free). Federal agencies: assistance with Federal agency subscriptions by email ([email protected]) or phone (202–741–6000).
  • Analysis of Factors
    SYSTEM SAFETY ASSESSMENT COURSE, June 2017: COMMON CAUSE FAILURES, PARTICULAR RISKS AND ZONAL SAFETY ANALYSIS. R.G.W. Cherry & Associates Limited 2017. All rights reserved.

    1 Common Cause Failures

    Common Cause Failures are often the limiting factor on the integrity of complex systems, and yet they are often overlooked in the safety assessment process. In this module consideration is given to the various forms of Common Cause Failures that have the potential for compromising the reliability of aircraft systems and the possible methods for identifying them during the design process.

    1.1 THEORY V PRACTICE

    It is normally expected that if the probability of failure of one channel in a given period is X and there are N channels, any of which may achieve the intended function, then the probability of all channels failing is:

    X^N (Equation 1)

    The impact of Common Cause Failures on an aircraft electrical power generation system was assessed from a study carried out by Hawker Siddeley Aviation in the 1970s. The study was carried out on an in-service aircraft that had three otherwise independent electrical power generation channels. For this aircraft, the average failure rate for each of the channels was found to be approximately 9.5 × 10^-4 per flight.

    Now if the aircraft had only two electrical power generation channels then the probability of both failing due to independent causes might be expected to be:

    (9.5 × 10^-4)^2 per flight = 9 × 10^-7 per flight (approx.)

    And for the three-channel system:

    (9.5 × 10^-4)^3 per flight = 8.6 × 10^-10 per flight (approx.)

    However, when the in-service record for the subject aircraft was investigated it was found that multi-channel failures occurred at a much greater frequency than predicted by this simple theoretical approach.
  • A Quantitative Reliability, Maintainability and Supportability Approach for NASA's Second Generation Reusable Launch Vehicle
    A Quantitative Reliability, Maintainability and Supportability Approach for NASA's Second Generation Reusable Launch Vehicle

    Fayssal M. Safie, Ph.D., Marshall Space Flight Center, Huntsville, Alabama, Tel: 256-544-5278, E-mail: [email protected]
    Charles Daniel, Ph.D., Marshall Space Flight Center, Huntsville, Alabama, Tel: 256-544-5278, E-mail: [email protected]
    Prince Kalia, Raytheon ITSS, Marshall Space Flight Center, Huntsville, Alabama, Tel: 256-544-6871, E-mail: [email protected]

    ABSTRACT. The United States National Aeronautics and Space Administration (NASA) is in the midst of a 10-year Second Generation Reusable Launch Vehicle (RLV) program to improve its space transportation capabilities for both cargo and crewed missions. The objectives of the program are to significantly increase safety and reliability, reduce the cost of accessing low-earth orbit, attempt to leverage commercial launch capabilities, and provide a growth path for manned space exploration. The safety, reliability and life cycle cost of the next generation vehicles are major concerns, and NASA aims to achieve orders of magnitude improvement in these areas. Getting these significant improvements requires a rigorous process that addresses Reliability, Maintainability and Supportability (RMS) and safety through all the phases of the life cycle of the program. This paper discusses the RMS process being implemented for the Second Generation RLV program.

    1.0 INTRODUCTION. The 2nd Generation RLV program has in place quantitative Level-I RMS and cost requirements [Ref 1] as shown in Table 1, a paradigm shift from the Space Shuttle program. This paradigm shift is generating a change in how space flight system design is approached.
  • 3 System Design 71 NYS Project Management Guidebook
    Section III:3 System Design, NYS Project Management Guidebook

    3 SYSTEM DESIGN

    Purpose. The purpose of System Design is to create a technical solution that satisfies the functional requirements for the system. At this point in the project lifecycle there should be a Functional Specification, written primarily in business terminology, containing a complete description of the operational needs of the various organizational entities that will use the new system. The challenge is to translate all of this information into Technical Specifications that accurately describe the design of the system, and that can be used as input to System Construction.

    The Functional Specification produced during System Requirements Analysis is transformed into a physical architecture. System components are distributed across the physical architecture, usable interfaces are designed and prototyped, and Technical Specifications are created for the Application Developers, enabling them to build and test the system.

    Many organizations look at System Design primarily as the preparation of the system component specifications; however, constructing the various system components is only one of a set of major steps in successfully building a system. The preparation of the environment needed to build the system, the testing of the system, and the migration and preparation of the data that will ultimately be used by the system are equally important. In addition to designing the technical solution, System Design is the time to initiate focused planning efforts for both the testing and data preparation activities.

    List of Processes. This phase consists of the following processes:
    - Prepare for System Design, where the existing project repositories are expanded to accommodate the design work products, the technical environment and tools needed to support System Design are established, and training needs of the team members involved in System Design are addressed.
  • A Zonal Safety Analysis Methodology for Preliminary Aircraft Systems and Structural Design
    A Zonal Safety Analysis Methodology for Preliminary Aircraft Systems and Structural Design. Chen, Z. and Fielding, J. P., School of Aerospace, Transport and Manufacturing, Cranfield University.

    ABSTRACT. Zonal Safety Analysis (ZSA) is a major part of the civil aircraft safety assessment process described in Aerospace Recommended Practice 4761 (ARP4761). It considers safety effects that systems/items installed in the same zone (i.e. a defined area within the aircraft body) may have on each other. Although the ZSA may be conducted at any design stage, it would be most cost-effective to do it during preliminary design, due to the greater opportunity for influence on system and structural designs and architecture. The existing ZSA methodology of ARP4761 was analysed but it was found to be more suitable for detail design rather than preliminary design. The authors therefore developed a methodology that would be more suitable for preliminary design and named it the Preliminary Zonal Safety Analysis (PZSA). This new methodology was verified by means of a case study based on the NASA N3-X project. Several lessons were learnt from the case study, leading to refinement of the proposed method. These lessons included focusing on the positional layout of major components for the zonal safety inspection, and using the Functional Hazard Analysis (FHA)/Fault Tree Analysis (FTA) to identify system external failure modes. The resulting PZSA needs further refinement, but should prove to be a useful design tool for the preliminary design process.

    INTRODUCTION. This paper outlines the development of a methodology, hereafter referred to as the Preliminary Zonal Safety Analysis (PZSA). Historically, system safety analysis was primarily based
  • Work System Theory: Overview of Core Concepts, Extensions, and Challenges for the Future Steven Alter University of San Francisco, [email protected]
    Work System Theory: Overview of Core Concepts, Extensions, and Challenges for the Future. Steven Alter, University of San Francisco, [email protected]. Business Analytics and Information Systems, School of Management, February 2013. USF Scholarship: a digital repository @ Gleeson Library | Geschke Center.

    Recommended Citation: Alter, Steven, "Work System Theory: Overview of Core Concepts, Extensions, and Challenges for the Future" (2013). Business Analytics and Information Systems. Paper 35. http://repository.usfca.edu/at/35

    Research Article. Abstract: This paper presents a current, accessible, and overarching view of work system theory. WST is the core of an integrated body of theory that emerged from a long-term research project to develop a systems analysis and design method for business professionals called the work system method (WSM).
  • Risk Assesment: Fault Tree Analysis
    RISK ASSESSMENT: FAULT TREE ANALYSIS. Afzal Ahmed+, Saghir Mehdi Rizvi*, Zeshan Anwer Rana*, Faheem Abbas*. +COMSAT Institute of Information and Technology, Sahiwal, Pakistan. *Navy Engineering College, National University of Sciences and Technology, Islamabad. [email protected], 03452325972.

    ABSTRACT. The failure of engineering equipment causes loss of capital as well as human loss, injuries, and stoppage of the production line. Hazards can be classified as safe, minor, major, critical and catastrophic. Risk analysis or hazard analysis pinpoints the potential failures of engineering systems and/or components when in use. Failure mode and effects analysis is used to identify hazards and to make the system safer. A system is broken down to the level of components and, using reliability data, the safety or probability of failure of assemblies and of the system can be calculated. Failure mode and effects analysis is used together with fault tree analysis to point out the areas of a complex system where failure mode and effects analysis is required. Fault tree analysis (FTA) is a technique which pinpoints failures or severe accidents. It tells how things fail rather than emphasizing design performance. It is a logic diagram connecting inputs and outputs using Boolean algebra. This paper shows how FTA can be applied to car carburetor failure and car brake failure.

    Key words: Risk Management, Reliability, Fault tree, Failure mode.

    INTRODUCTION. The world is full of risk. We are at risk of accident when crossing a road or driving. We are at risk living in an apartment not properly designed. A failure of an aircraft may cause death to passengers, while a machine may cause
  • Raytheon ECE,ME
    SYSTEMS ENGINEER I/II, Raytheon. ECE, ME. Full time, BS, MS. Requisition ID 90414BR. Date updated 04/05/2017. Posted on 4/5/17.

    Systems Engineer – Full Time. The System Architecture Design and Integration Directorate (SADID) in Raytheon Integrated Defense Systems (IDS) is seeking candidates for full time Systems Engineering positions at Massachusetts sites (Andover, Marlborough, Tewksbury and Woburn) and Portsmouth, RI in 2017, with exact work location determined during the interview process. This is an opportunity for college graduates from technical disciplines to begin a career in the design and development of sophisticated tactical defense systems at Raytheon. The ideal candidate has recently completed or is in the final year of an undergraduate or graduate engineering, math or science degree, and is interested in a career in the design of large scale electromechanical systems with defense applications.

    Job Description: Specific job responsibilities will be designed to match the candidate's technical interest and academic background, but will likely include search/track/discrimination algorithm development, performance assessment trade studies, and analysis of sensor signal and data processing subsystems. All assignments will focus on developing the candidate's competency and contribution to program requirements definition, model based systems engineering, sub-system integration and test, and algorithm design. Systems Engineers use MATLAB regularly to conduct data analyses, and are expected to document and present technical results using standard Microsoft Office tools. The engineer should be comfortable working independently and in a team environment.

    Organization: The Systems Architecture Design and Integration Directorate (SADID) is the central focus for Mission Systems Integration activities within IDS.
  • CSE477 – Hardware/Software Systems Design
    CSE477 – Hardware/Software Systems Design (CSE 477, Spring 2002, Introduction)

    Welcome to CSE 477
      - Instructor: Carl Ebeling
      - Hardware Lab Manager: Chris Morgan
    Some basics
      - what is a system?
      - what is digital system design?
    Objectives of this class
      - designing real systems
      - combining hardware and software
      - e.g. projects: graphics display, user interfaces, integrated systems
    Class administration and logistics

    What is a system (in our case, mostly digital)?
      - A collection of components
        - work together to perform a function
        - judiciously chosen to meet some constraints: cost, size, power consumption, safety
        - communicates with its environment: human interaction; communication with other systems over wired or wireless networks
      - One person's system is another's component
        - no universal categories of scope/size
        - subsystems need to be abstracted
      - How is it documented?
        - interface specification: use a component without knowing about its internal design
        - functionality is often implicit in the interface spec

    What is digital system design?
      - Encompasses all computing systems
        - combination of hardware and software components
        - partitioning design into appropriate components is key
      - Many technologies and components to choose from
        - programmable components (e.g., PLDs and FPGAs)
        - processors
        - memories
        - interfaces to analog world (e.g., A/D, D/A, special transducers)
        - input/output devices (e.g., buttons, pressure sensors, etc.)
        - communication links to environment (wired and wireless)
      - The Art:
  • European Aviation Safety Agency: Annual Safety Recommendations Review 2016
    ANNUAL SAFETY RECOMMENDATIONS REVIEW 2016. European Aviation Safety Agency, Safety Analysis and Research Department; Strategy & Safety Management Directorate, Safety Intelligence & Performance Department.

    Disclaimer: Neither the European Aviation Safety Agency, nor any person acting on behalf of the European Aviation Safety Agency is responsible for the use which might be made of the following information.

    The Annual Safety Recommendations Review is produced by the European Aviation Safety Agency (EASA). This edition provides an overview of the safety recommendations that have been addressed to EASA in 2016. It also presents the replies produced during the year. This annual review aims at providing feedback on the follow-up given to safety recommendations in the context of openness, transparency and accountability that characterises the European Public Administration. Apart from its safety related information character, this review is also expected to provide relevant information related to raised safety concerns, both for EASA itself, as well as its stakeholders, including the European public.

    © European Aviation Safety Agency, 2016. All rights reserved. Proprietary document. Printed copies are not controlled. Confirm revision status through the EASA-Internet site: www.easa.europa.eu.

    Foreword by the Executive Director. I am pleased to introduce the 10th edition of the Annual Safety Recommendations Review, which provides information on the activity of the Agency in 2016 in the field of safety investigation and follow-up. In addition, the review highlights a range of safety issues and the Agency's safety improvement efforts that are of interest to the European Aviation Community and the public.
  • The Evolution of System Reliability Optimization David Coit, Enrico Zio
    The evolution of system reliability optimization. David W. Coit, Enrico Zio. Reliability Engineering and System Safety, Elsevier, 2019, 192, pp.106259. DOI: 10.1016/j.ress.2018.09.008. HAL Id: hal-02428529, https://hal.archives-ouvertes.fr/hal-02428529, submitted on 8 Apr 2020.

    HAL is a multi-disciplinary open access archive for the deposit and dissemination of scientific research documents, whether they are published or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers.

    Accepted Manuscript. The Evolution of System Reliability Optimization. David W. Coit, Enrico Zio. PII: S0951-8320(18)30602-1. DOI: https://doi.org/10.1016/j.ress.2018.09.008. Reference: RESS 6259. To appear in: Reliability Engineering and System Safety. Received date: 14 May 2018. Revised date: 26 July 2018. Accepted date: 7 September 2018.

    Please cite this article as: David W. Coit, Enrico Zio, The Evolution of System Reliability Optimization, Reliability Engineering and System Safety (2018), doi: https://doi.org/10.1016/j.ress.2018.09.008. This is a PDF file of an unedited manuscript that has been accepted for publication. As a service to our customers we are providing this early version of the manuscript.
  • The Embedded Systems Design Challenge*
    The Embedded Systems Design Challenge*. Thomas A. Henzinger (1) and Joseph Sifakis (2). (1) EPFL, Lausanne; (2) VERIMAG, Grenoble.

    Abstract. We summarize some current trends in embedded systems design and point out some of their characteristics, such as the chasm between analytical and computational models, and the gap between safety-critical and best-effort engineering practices. We call for a coherent scientific foundation for embedded systems design, and we discuss a few key demands on such a foundation: the need for encompassing several manifestations of heterogeneity, and the need for constructivity in design. We believe that the development of a satisfactory Embedded Systems Design Science provides a timely challenge and opportunity for reinvigorating computer science.

    1 Motivation. Computer Science is going through a maturing period. There is a perception that many of the original, defining problems of Computer Science either have been solved, or require an unforeseeable breakthrough (such as the P versus NP question). It is a reflection of this view that many of the currently advocated challenges for Computer Science research push existing technology to the limits (e.g., the semantic web [4]; the verifying compiler [15]; sensor networks [6]), to new application areas (such as biology [12]), or to a combination of both (e.g., nanotechnologies; quantum computing). Not surprisingly, many of the brightest students no longer aim to become computer scientists, but choose to enter directly into the life sciences or nanoengineering [8]. Our view is different. Following [18, 22], we believe that there lies a large uncharted territory within the science of computing.
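Two of the recommended items above make a quantitative point that is easier to see in code. The Common Cause Failures module computes the independent-failure probability X^N for N redundant channels (Equation 1) from the Hawker Siddeley figure of 9.5 × 10^-4 per flight and notes that in-service records showed multi-channel failures far more often; the Fault Tree Analysis paper describes a fault tree as a Boolean logic diagram of AND/OR gates from which system failure probability is computed from component data. The Python below is an added example and is not code from the thesis or from either cited document: it evaluates a small fault tree of AND/OR gates over independent basic events, reproduces the two- and three-channel figures quoted in the module, and then adds a single common-cause basic event using a beta-factor style split. The value beta = 0.01, the event and function names, and the beta-factor split itself are this example's own assumptions, not figures or methods taken from the page.

```python
"""Minimal fault-tree evaluator: AND/OR gates over independent basic events.

Added illustration for the CCF and FTA snippets above; not code from the
thesis or the cited papers. Probabilities are per flight.
"""
from dataclasses import dataclass
from typing import Tuple, Union


@dataclass(frozen=True)
class Event:
    """Basic event with its probability of occurrence."""
    name: str
    p: float


@dataclass(frozen=True)
class Gate:
    """Logic gate: 'AND' (all inputs occur) or 'OR' (at least one input occurs)."""
    kind: str
    inputs: Tuple["Node", ...]


Node = Union[Event, Gate]


def probability(node: Node) -> float:
    """Probability of the event represented by `node`.

    Every basic event appears exactly once in the trees built below, so the
    inputs of each gate are statistically independent and these formulas are
    exact (with shared events they would only be approximations):
      AND -> product of input probabilities
      OR  -> 1 - product of (1 - input probabilities)
    """
    if isinstance(node, Event):
        if not 0.0 <= node.p <= 1.0:
            raise ValueError(f"{node.name}: probability {node.p} outside [0, 1]")
        return node.p
    child_ps = [probability(child) for child in node.inputs]
    if node.kind == "AND":
        result = 1.0
        for p in child_ps:
            result *= p
        return result
    if node.kind == "OR":
        none_occur = 1.0
        for p in child_ps:
            none_occur *= 1.0 - p
        return 1.0 - none_occur
    raise ValueError(f"unknown gate kind {node.kind!r}")


# Average per-channel failure probability quoted above from the Hawker Siddeley study.
CHANNEL_FAILURE_PROB = 9.5e-4


def loss_of_all_channels(n_channels: int, beta: float = 0.0) -> Gate:
    """Top event 'all N electrical power generation channels have failed'.

    beta is an ASSUMED fraction of each channel's failures attributed to a
    shared cause (beta-factor style split; not a figure from the page).
    With beta = 0 the tree holds only independent channel failures, i.e. the
    X^N of Equation 1 above.
    """
    independent_p = (1.0 - beta) * CHANNEL_FAILURE_PROB
    channels = tuple(
        Event(f"channel_{i + 1}_independent_failure", independent_p)
        for i in range(n_channels)
    )
    all_independent = Gate("AND", channels)
    if beta == 0.0:
        return all_independent
    # One shared cause takes every channel out at once, so it is OR'ed with
    # the branch that needs every channel to fail on its own.
    common_cause = Event("common_cause_all_channels", beta * CHANNEL_FAILURE_PROB)
    return Gate("OR", (all_independent, common_cause))


def independent_only(n_channels: int) -> float:
    """X^N: all channels fail from independent causes (beta = 0)."""
    return probability(loss_of_all_channels(n_channels))


def with_common_cause(n_channels: int, beta: float = 0.01) -> float:
    """Same top event with the assumed common-cause event included."""
    return probability(loss_of_all_channels(n_channels, beta))


if __name__ == "__main__":
    for n in (2, 3):
        print(f"{n} channels, independent failures only: {independent_only(n):.3g} per flight")
        print(f"{n} channels, beta = 0.01 common cause:   {with_common_cause(n):.3g} per flight")
```

Running it gives 9.03 × 10^-7 and 8.57 × 10^-10 for the two- and three-channel trees, matching the approximate figures in the module, while a common-cause event carrying only one percent of the per-channel rate lifts the three-channel result to about 9.5 × 10^-6, four orders of magnitude above the independent estimate. That is the shape of the discrepancy the in-service record revealed: once a shared cause exists, adding channels stops buying integrity, which is why zonal and common-mode analyses sit beside the fault tree in the safety assessment process.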