Trustworthy Forever




                      From Deep Space To Deep Sea
Eonic Systems (1989-2001)
            Virtuoso RTOS for parallel DSP, leader in high-end niche
            Sold to Wind River Systems in 2001 for 15 mio $
     Open License Society (2004 - …)
            OpenComRTOS (IWT project)
               Innovative no-nonsense and formalised approach
               Systems/ software engineering with supporting tools
               Breakthrough results thanks to Formal Methods
               5 to 10x smaller => efficiency, performance
               Sponsored by Melexis, Embedded Software Group
            ITEA EVOLVE project
            R&D costs valued at 2 mio €
     In Sept 2008, Altreonic created as a spin-off of OLS
            To productise and go commercial
            Flanders Drive ASIL project (safety engineering methodology)


26-May-11          Altreonic NV – From Deep Space to Deep Sea -            2
 Altreonic NV
        Owned by E. Verhulst, A. Dejonghe, Lancelot Research NV

   Team (management in Belgium, development in Ukraine since 2005)

             Eric Verhulst - Founder CEO/CTO

             Annie Dejonghe - Founder CFO/COO

             Dr. Bernhard Sputh – sr. Engineering manager

             Hardware subcontractor in India, Pune

             Strategic partner in China, Shanghai

             Liaison office in JP.

   R&D projects:

        EVOLVE: evolutionary/incremental certification/verification

        OPENCOSS: certification framework automotive/railway/aerospace

        D100LIVES: developing a 100yrs processing device (ARM, ATMEL, NXP, IMEC, …)

   Product lines:

        OpenComRTOS Designer

        Safe Virtual Machine (for C)

        StarFish SIL3/4 capable controllers (engineering stage)

   GoedelWorks systems engineering platform in beta


To provide the embedded market with development environments and with
      embedded hardware for generating applications where high-reliability and
      trustworthiness are “built-in” into the design as part of the development
      process.
      Trustworthy =
            Safety => dependability / physical quality
            Security => freedom from malicious faults/ data theft
            Usability => intuitive and pleasant to use /emotional
            Privacy => your data is your own
      Trustworthy = higher added value
      Application domains:
            Ultra low power embedded devices
            Distributed sensing and control
            Many/multicore devices
            Parallel supercomputing
            Fault tolerant/ safety critical systems

Growing need for trustworthy technology:
            Electronics + SW replacing mechanical parts
            Being “embedded” everywhere: part of our life
      Initially mainly driven by safety:
            Lives at stake
            High economic cost
            “drive by wire” (e.g. Flanders Drive ASIL project)
            Increasingly shifting to notion of TRUST
      Essential question: how to develop trustworthy
      products in a cost-efficient way?

Support the whole engineering process in a unified
      way, from early requirements capturing to the final
      application, giving a “push button high reliability”
      experience at a reduced life cycle cost
      Apply formalisation to tackle complexity
            Apply Formal Methods to prove correctness
            => GoedelWorks integrated development portal
      Maximise the commercial potential by applying its
      own methodology and tools for developing
      trustworthy controllers in volume.
            => OpenComRTOS: trusted runtime layer
            => StarFish: Altreonic’s customizable controllers


Formalisation
            to deeply understand the problem domain
            to find better, leaner and cleaner solutions
            to find better architectures
            to improve reuse
            to get it right the first time
      Our methods:
            Unified semantics
               Speak the same language from early requirements capturing until the final
               product / system is put to use
            Interacting Entities
               A common, yet very scalable and modular architectural model



[Figure: two cost curves (base cost vs. cost of change, 0 to 300 scale), "Traditional Bottom-up Process" next to "Formalised Engineering Process".
 Annotations: First time right = less residual errors = higher reliability = less costs.
 Testing will only demonstrate absence of certain errors. Formal verification can prove absence of any errors.]
[Figure: the tool chain around a unifying repository with unified semantics, meta-models, modeling and a test harness, built on the unified architectural paradigm of Interacting Entities.
 GoedelWorks ©: formalised requirements & specifications capturing, project repository.
 OpenVE ©: formalized modelling, simulation, code generation.
 OpenComRTOS ©: formally developed runtime support for concurrency and communication.
 OpenTracer ©: visual tracing.
 System Level Debugger ©.
 SafeVirtualMachine ©: virtual machine for C.
 StarFish Controller ©: control & processing platform, SIL enabled with support for fault tolerance.
 User applications sit on top.]
[Figure: ASIL process flow over Phase 1 to Phase 4; the cost of issues grows from + at the start to ++++++++++ at the end.
 Activities: Requirements Capturing, Specifications Capturing, System Architecting, System Development, System Integration, System Validation, System Maintenance.
 Steps and their work products, in order:
   System Requirements: system requirements
   System and Safety Specifications Analysis: system specifications (normal case), test cases, fault cases
   System Architecture: system architecture
   Software Specs (with FMEA/FTEA, safety specs, packaging specs, hardware specs): domain specific specifications, test cases, fault cases
   Software Architectural Design: domain specific architectural design, test procedures
   Software Implementation, Verification and Test: domain specific beta release, test results, user manual
   System Integration: system released design code, system test results
   System Validation: system released source code & distribution, system validation results
   System Maintenance: system updates]
   ASIL process flow identified 2800 process requirements!

OpenComRTOS Designer is an integrated set of tools, facilitating the
   development of high-reliability and safety critical
   products and systems. Integration is key in achieving
   reliability and trustworthiness.
   OpenComRTOS Designer suite of tools:
       OpenComRTOS: unique network-centric formally developed Real Time Operating
       System, 5 KB(!), unique heterogeneous support – write code once, run anywhere –
       scalable.
       OpenVE, a visual programming and development environment for developing and
       simulating real-time embedded applications
       OpenCookbook is a web-hosted environment supporting the systems engineering
       process flow (proof of concept)
       Tools: OpenTracer, OpenSystemInspector, Safe Virtual Machine
       Being integrated in GoedelWorks SaaS portal
   StarFish
       Scalable, customizable, fault-tolerance capable
       controllers supported by OpenComRTOS suite
   OpenComRTOS was one of the three nominees for the:
MARKET               Segment                            Enabler                          Challenges
Ultra low power      hearing aids, building control,    OCR small code,                  Hardware driven market,
                     sensors                            OCR low overhead                 role of SW not well understood
Distributed control  smart machines, robotic machines,  OCR network heterogeneous        Inertia from legacy solutions
                     sensing networks                   support
Fault tolerant       process control, infrastructure,   OCR formal dev, OCR              Inertia from legacy solutions
systems              e-vehicles, medical                triplication, GoedelWorks,
                                                        StarFish
Multicore/manycore   handheld devices, set-up boxes     OCR easy to support              Hardware driven
devices
Parallel computing   scientific computing,              Intel SCC                        Niche
                     image processing

         •     Embedded Systems and Control (src EU):
               • Market size: ~ €188 000 mio with av. growth of 8% until 2020

Covering the full value-chain from requirement to
      hardware to maximise added value and certifiability
[Figure: OpenCookbook Systems Grammar (10.11.2009), the metamodel behind GoedelWorks.
 Concepts: Requirement (normal case, test case, failure case); Specifications (functional, non-functional);
 Model(s) and Methodology (architectural, simulation, formal, implementation); Entity (subsystem, interaction, function, interface);
 Design Views; Method (procedure, tool, role); Process Views; CheckPoints (standards statements, guidelines, questions, hints, answers,
 org specific, domain specific, misc); WorkPackage; Issues; ChangeRequest; Development Task (install, write-up; preconditions: spec approved,
 work approved); Verification Task; Validation Task; Test Task; Use Cases; Release (validation and test approvals; preconditions: WP completed,
 spec approved, dev task approved, verification task approved).
 Tools mapped onto the grammar: GoedelWorks, OpenVE, OpenComRTOS suite, Safe Virtual Machine, OpenTracer, StarFish.]
Formalised systems engineering portal for project
      support
      Awareness of safety engineering standards
            IEC 61508, IEC 62061, ISO DIS 26262, ISO 13849, ISO DIS
            25119 and ISO 15998
            Organisation specific
      Supports all process activities with full traceability
      Based on previous OpenCookBook experience
      SaaS: no license, but time based
      Additional licenses:
            Encryption of data
            Local hosting (via Open Technology License)

GoedelWorks’ architecture is a competitive advantage:
            Metamodels allow fast customisation
            System is “compiled” from specifications
            Allows semi-automatic certification
      User is guided through the complexity of the systems
      engineering process, and the project becomes a lot easier
      to manage and to certify
      Project portal = up-to-date database
      Plug-ins and API for third party tools and technology
      Imports Flanders’ Drive ASIL methodology, among others
                2 years of dissecting standards => 3800 requirements, 100 Work Products




Formalised but straightforward approach
      Full integration of tools from requirements to final
      applications is unique
      OpenComRTOS is a unique programming system, a
      unique network-centric RTOS, quasi-universal
            Formally developed and verified
            Scalable yet very small: typically 2 to 5 kiB/node
            Real-time communication support
            Heterogeneous target support
            OpenComRTOS nominated embedded award

      Capable of fault-tolerance
            (at affordable cost)
Result of formal modeling (TLA+)
      Events, semaphores, FIFOs, Ports, resources, mailbox, memory
      pools, etc. are all variants of a generic HUB
      A HUB has 4 functional parts:
            Synchronisation point between Tasks
            Stores task’s waiting state if needed
            Predicate function: defines synchronisation conditions and lifts waiting
            state of tasks
            Synchronisation function: functional behavior after synchronisation: can
            be anything, including passing data
      All HUBs operate system-wide, but transparently:
            Virtual Single Processor programming model
      Possibility to create application specific hubs & services!
            => a new concurrent programming model
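The four parts of a hub, as an added example in C that is not OpenComRTOS code: a hub type whose predicate and synchronisation function are plugged in per variant, with a semaphore and a FIFO as two such variants built on the same mechanism. The names (hub_t, hub_request, PUT_SIDE/GET_SIDE, the demo functions), the per-side waiting lists and the single-processor, run-to-completion scheduling model are assumptions made for this example; the kernel's system-wide, multi-node behaviour is not modelled.

```c
/* Added example, not OpenComRTOS code: a minimal generic hub in C built from
 * the four parts listed above. Waiting requests are kept per side, a predicate
 * decides when the head request of a side may complete, and a synchronisation
 * function applies its effect (update a count, move a value). A semaphore and
 * a FIFO are then just two predicate/sync pairs. All names are hypothetical. */
#include <stdbool.h>

#define MAX_WAIT   8
#define FIFO_DEPTH 4

typedef enum { PUT_SIDE = 0, GET_SIDE = 1 } side_t;
typedef struct hub hub_t;
typedef struct { int task; int value; } request_t;

struct hub {
    request_t wait[2][MAX_WAIT];   /* waiting state: one ordered list per side */
    int n_wait[2];
    int count;                     /* semaphore state */
    int buf[FIFO_DEPTH];           /* FIFO state */
    int n_buf;
    bool (*predicate)(const hub_t *h, side_t side);  /* may the head request of this side complete? */
    void (*sync)(hub_t *h, side_t side, int *value); /* effect of completing it, incl. data transfer */
    request_t released[2 * MAX_WAIT];                /* completed requests, in order of release */
    int n_released;
};

static request_t wait_pop(hub_t *h, side_t s) {
    request_t r = h->wait[s][0];
    for (int i = 1; i < h->n_wait[s]; i++) h->wait[s][i - 1] = h->wait[s][i];
    h->n_wait[s]--;
    return r;
}

/* Synchronisation point: re-check both sides until no waiting request can complete. */
static void hub_resolve(hub_t *h) {
    bool progress = true;
    while (progress) {
        progress = false;
        for (int s = PUT_SIDE; s <= GET_SIDE; s++) {
            if (h->n_wait[s] > 0 && h->predicate(h, (side_t)s)) {
                request_t r = wait_pop(h, (side_t)s);
                h->sync(h, (side_t)s, &r.value);
                h->released[h->n_released++] = r;    /* the task becomes ready again */
                progress = true;
            }
        }
    }
}

/* Service call by a task: true if it completed at once, false if the task now waits. */
bool hub_request(hub_t *h, side_t s, int task, int value) {
    request_t r = { task, value };
    int before = h->n_released;
    if (h->n_wait[s] < MAX_WAIT) h->wait[s][h->n_wait[s]++] = r;
    hub_resolve(h);
    for (int i = before; i < h->n_released; i++)
        if (h->released[i].task == task) return true;
    return false;
}

hub_t hub_make(bool (*pred)(const hub_t *, side_t), void (*sync)(hub_t *, side_t, int *)) {
    hub_t h = {0};
    h.predicate = pred;
    h.sync = sync;
    return h;
}

/* Semaphore variant: signal (put) always completes, test (get) needs a count. */
static bool sem_pred(const hub_t *h, side_t s) { return s == PUT_SIDE || h->count > 0; }
static void sem_sync(hub_t *h, side_t s, int *v) { (void)v; h->count += (s == PUT_SIDE) ? 1 : -1; }

/* FIFO variant: put needs free space, get needs data; the sync moves the value. */
static bool fifo_pred(const hub_t *h, side_t s) { return s == PUT_SIDE ? h->n_buf < FIFO_DEPTH : h->n_buf > 0; }
static void fifo_sync(hub_t *h, side_t s, int *v) {
    if (s == PUT_SIDE) { h->buf[h->n_buf++] = *v; return; }
    *v = h->buf[0];
    for (int i = 1; i < h->n_buf; i++) h->buf[i - 1] = h->buf[i];
    h->n_buf--;
}

/* Task 1 tests the semaphore before any signal and waits; task 2 signals twice.
 * Returns the number of released requests (3) with one count left over. */
int demo_semaphore(void) {
    hub_t sem = hub_make(sem_pred, sem_sync);
    bool t1 = hub_request(&sem, GET_SIDE, 1, 0);
    bool t2 = hub_request(&sem, PUT_SIDE, 2, 0);
    bool t3 = hub_request(&sem, PUT_SIDE, 2, 0);
    return (!t1 && t2 && t3 && sem.count == 1) ? sem.n_released : -1;
}

/* Task 7 gets from an empty FIFO and waits; task 8 puts 42 then 43.
 * Returns the value handed to task 7 (42), with 43 left buffered. */
int demo_fifo(void) {
    hub_t f = hub_make(fifo_pred, fifo_sync);
    hub_request(&f, GET_SIDE, 7, 0);
    hub_request(&f, PUT_SIDE, 8, 42);
    hub_request(&f, PUT_SIDE, 8, 43);
    for (int i = 0; i < f.n_released; i++)
        if (f.released[i].task == 7) return f.n_buf == 1 ? f.released[i].value : -1;
    return -1;
}
```

The point of the structure is that hub_resolve never knows which kind of hub it is running: adding an application-specific hub means supplying a new predicate and synchronisation function, not touching the waiting-list or scheduling logic, which is what keeps the verified core small.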


The generic hub as metamodel
[Figure: Generic Hub (N-N) with its fields: Buffer List (when data needs to be buffered); CeilingPriority and Owner Task (priority inheritance, for resources); Count (for semaphores); Synchronising Predicate and Predicate Action (synchronisation); a waiting list on each side (W/L/T); Threshold (T).]
                            Similar to Guarded Actions or a pragmatic superset of CSP
• Up to 10x smaller than traditional design (thanks to formal
  development)
  • Less power, less memory, easier to verify, scalable ...

            CPU Type             Codesize
            ARM-Cortex-M3        2.5 – 4.0 kB
            XMOS-XS1             5.0 – 7.5 kB
            PowerPC e600         7.1 – 9.8 kB
            TI-C66x (DSP)        5.1 – 7.7 kB

    Code size figures (in Bytes) obtained for our different ports, compiled with -Os

      Dormant ports: MLX16 (2K), Xilinx MB (5K), Leon3 (5K), CoolFlux DSP (2K)

Ultra low power:
            CoolFlux DSP core (24bit, Harvard)
            Code size full kernel: 2000w PM + 750w data
            Interrupt latency:
               IRQ to ISR: < 112 cycles
               IRQ to task: < 877 cycles
            Multicore capable
      Single chip multicore
            Intel SCC 48core “super computer on chip + NoC switch” (in
            development)
      Heterogeneous networked targets:
            Win32+Linux+ARM+MicroBlaze+XMOS+LEON3+ … demo
            programmed as single target

Ultra low power:
            SoC, 2K instructions on CoolFlux DSP of NXP
            E.g. hearing aids
     Sensor and actuator networks
            Small code size
            Power saving modes, wake up by interrupt
            System wide routing
     Distributed control
            Network support is built in
            Easy to integrate redundancy
            Easy to distribute control and I/O
            No more binding glue, no more middleware layers
     Parallel “supercomputing”
            Parallel heterogeneous DSP networks
            PPC and TI C66XX DSP multicore, multi-chip, multi-board, …

Goal:
            CPU independent programming
            Low memory needs (embedded!)
            Mobile, dynamic code => “embedded apps”
            Allows reuse of legacy binary code on any processor
    Results:
            Selected ARM Thumb1 instruction set as VM target
               Compactness
               Widely used CPU
               < 3 Kbytes of code for VM
               Executes binary compiled code
               Capable of native execution on ARM targets
            VM enhanced with safety support (option):
                   Memory violations
                   Stack violations
                   Numerical exceptions
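The three safety checks listed under "VM enhanced with safety support", as an added example that is not Altreonic's Safe Virtual Machine: a toy stack VM in C that traps on out-of-range memory accesses, on stack overflow and underflow, and on numerical faults (division by zero, signed overflow) instead of letting the host C code run into undefined behaviour. The opcode set, memory and stack sizes, trap codes and sample programs are all constructed for this example and are unrelated to the ARM Thumb1 based VM the slide describes.

```c
/* Added example, not Altreonic's Safe Virtual Machine: a toy stack VM in C that
 * shows the three safety checks listed above. Memory accesses are bounds-checked,
 * pushes and pops trap on overflow and underflow, and add/div trap on numerical
 * faults. Opcodes, sizes and sample programs are hypothetical and constructed. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define VM_MEM_WORDS   16
#define VM_STACK_WORDS 4
#define LEN(a) (sizeof(a) / sizeof((a)[0]))

enum { OP_PUSH, OP_LOAD, OP_STORE, OP_ADD, OP_DIV, OP_HALT };
typedef enum { VM_OK, VM_TRAP_MEMORY, VM_TRAP_STACK, VM_TRAP_NUMERIC, VM_TRAP_ILLEGAL } vm_status_t;

typedef struct {
    int32_t mem[VM_MEM_WORDS];
    int32_t stack[VM_STACK_WORDS];
    int sp;       /* number of live stack entries */
    size_t pc;
} vm_t;

/* Leave the interpreter as soon as a checked operation traps. */
#define CHECK(expr) do { vm_status_t st_ = (expr); if (st_ != VM_OK) return st_; } while (0)

static vm_status_t vm_push(vm_t *vm, int32_t v) {
    if (vm->sp >= VM_STACK_WORDS) return VM_TRAP_STACK;   /* stack overflow */
    vm->stack[vm->sp++] = v;
    return VM_OK;
}

static vm_status_t vm_pop(vm_t *vm, int32_t *v) {
    if (vm->sp <= 0) return VM_TRAP_STACK;                /* stack underflow */
    *v = vm->stack[--vm->sp];
    return VM_OK;
}

/* Fetch the operand word after an opcode; a truncated program is illegal. */
static vm_status_t vm_operand(vm_t *vm, const int32_t *code, size_t len, int32_t *v) {
    if (vm->pc >= len) return VM_TRAP_ILLEGAL;
    *v = code[vm->pc++];
    return VM_OK;
}

vm_status_t vm_run(vm_t *vm, const int32_t *code, size_t len) {
    int32_t a, b, addr;
    int64_t sum;
    memset(vm, 0, sizeof *vm);
    while (vm->pc < len) {
        switch (code[vm->pc++]) {
        case OP_PUSH:
            CHECK(vm_operand(vm, code, len, &a));
            CHECK(vm_push(vm, a));
            break;
        case OP_LOAD:
            CHECK(vm_operand(vm, code, len, &addr));
            if (addr < 0 || addr >= VM_MEM_WORDS) return VM_TRAP_MEMORY;   /* memory violation */
            CHECK(vm_push(vm, vm->mem[addr]));
            break;
        case OP_STORE:
            CHECK(vm_operand(vm, code, len, &addr));
            if (addr < 0 || addr >= VM_MEM_WORDS) return VM_TRAP_MEMORY;   /* memory violation */
            CHECK(vm_pop(vm, &a));
            vm->mem[addr] = a;
            break;
        case OP_ADD:
            CHECK(vm_pop(vm, &b));
            CHECK(vm_pop(vm, &a));
            sum = (int64_t)a + b;
            if (sum > INT32_MAX || sum < INT32_MIN) return VM_TRAP_NUMERIC;  /* signed overflow */
            CHECK(vm_push(vm, (int32_t)sum));
            break;
        case OP_DIV:
            CHECK(vm_pop(vm, &b));
            CHECK(vm_pop(vm, &a));
            if (b == 0 || (a == INT32_MIN && b == -1)) return VM_TRAP_NUMERIC;  /* numerical exception */
            CHECK(vm_push(vm, a / b));
            break;
        case OP_HALT:
            return VM_OK;
        default:
            return VM_TRAP_ILLEGAL;
        }
    }
    return VM_TRAP_ILLEGAL;   /* ran off the end of the program */
}

/* Run a program; *result receives the top of stack when the VM stops (0 if empty). */
vm_status_t run_prog(const int32_t *code, size_t len, int32_t *result) {
    vm_t vm;
    vm_status_t st = vm_run(&vm, code, len);
    if (result) *result = vm.sp > 0 ? vm.stack[vm.sp - 1] : 0;
    return st;
}

/* Constructed sample programs: one well-formed, four that each trip one check. */
static const int32_t PROG_OK[]    = { OP_PUSH, 84, OP_PUSH, 2, OP_DIV, OP_STORE, 3, OP_LOAD, 3, OP_HALT };
static const int32_t PROG_DIV0[]  = { OP_PUSH, 1, OP_PUSH, 0, OP_DIV, OP_HALT };
static const int32_t PROG_OOB[]   = { OP_PUSH, 1, OP_STORE, 99, OP_HALT };
static const int32_t PROG_OVERF[] = { OP_PUSH, 1, OP_PUSH, 1, OP_PUSH, 1, OP_PUSH, 1, OP_PUSH, 1, OP_HALT };
static const int32_t PROG_UNDER[] = { OP_ADD, OP_HALT };

/* Returns 42 when PROG_OK runs to HALT cleanly, -1 otherwise. */
int32_t demo_ok(void) {
    int32_t r = -1;
    return run_prog(PROG_OK, LEN(PROG_OK), &r) == VM_OK ? r : -1;
}
```

Each trap is reported as a status code to the caller rather than crashing the host, which is what lets a supervisor treat a misbehaving guest as a contained fault; the cost is one comparison per memory or stack operation, which is the trade a safety option like this makes.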

Network infrastructure




GoedelWorks: structured team work over the internet


26-May-11   Altreonic NV – From Deep Space to Deep Sea -                                                                                                                  32
[Block diagram: Phase Detector → Low Pass Filter → Voltage Controlled Oscillator. Inputs sin(α) and cos(α); the loop filter has gains K1 and K2; two integrators (1/s, 1/s) produce the speed and angle outputs, and sin(α), cos(α) of the tracked angle are fed back to the phase detector.]
(third party tools)
Simulating the algorithm on a PC costs little, but allows the issues to be found early on.
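The PLL of the block diagram above as a PC simulation, added here as an example; it is not code from the slides or from Altreonic's tools. The phase detector forms sin(α − θ̂) from the sin/cos inputs and the tracked angle, a PI stage with gains K1 and K2 gives the speed, and a further integrator gives the angle. The gain values K1 = 400 and K2 = 40000, the 0.1 ms sample period and the 50 rad/s constant-speed test input are assumptions for illustration; the slide gives no numbers. The sensor signals are constructed inline so the script runs offline.

```python
import math

# Assumed illustrative parameters (the slide gives no numbers):
# K1 = 400, K2 = 40000 give a critically damped loop with natural frequency
# sqrt(K2) = 200 rad/s; dt = 0.1 ms is the assumed sample period.

def wrap_angle(a):
    """Wrap an angle in radians into [-pi, pi)."""
    return (a + math.pi) % (2.0 * math.pi) - math.pi

def damping_ratio(k1, k2):
    """Linearised closed loop: s^2 + K1*s + K2 = 0, so zeta = K1 / (2*sqrt(K2)).
    zeta <= 0 means there is no damping and the loop cannot settle."""
    if k2 <= 0.0:
        raise ValueError("K2 must be positive for a stable loop")
    return k1 / (2.0 * math.sqrt(k2))

def pll_track(sin_alpha, cos_alpha, k1, k2, dt, theta0=0.0, omega0=0.0):
    """Discrete-time version of the slide's PLL angle tracker.

    Phase detector : e = sin(alpha)*cos(theta) - cos(alpha)*sin(theta) = sin(alpha - theta)
    Low-pass filter: PI stage, omega = K1*e + K2*integral(e)   (speed output)
    VCO            : theta = integral(omega)                    (angle output)
    Returns the per-sample estimates (angles, speeds), aligned with the inputs.
    """
    theta = theta0      # tracked angle, fed back as sin(theta), cos(theta)
    integral = omega0   # integrator state of the PI stage
    angles, speeds = [], []
    for s, c in zip(sin_alpha, cos_alpha):
        err = s * math.cos(theta) - c * math.sin(theta)
        integral += k2 * err * dt
        omega = k1 * err + integral
        angles.append(theta)   # estimate held while this sample was measured
        speeds.append(omega)
        theta = wrap_angle(theta + omega * dt)   # advance to the next sample
    return angles, speeds

def simulate(k1, k2, omega_true=50.0, dt=1e-4, n=20000):
    """Run the tracker on a constructed constant-speed rotation (assumed 50 rad/s,
    2 s long) and return (max |angle error| over the last 10 % of samples,
    final speed estimate): the two numbers a bench check would look at."""
    true_angles = [wrap_angle(omega_true * i * dt) for i in range(n)]
    sin_alpha = [math.sin(a) for a in true_angles]   # constructed sensor signals
    cos_alpha = [math.cos(a) for a in true_angles]
    angles, speeds = pll_track(sin_alpha, cos_alpha, k1, k2, dt)
    tail = n // 10
    max_err = max(abs(wrap_angle(t - e))
                  for t, e in zip(true_angles[-tail:], angles[-tail:]))
    return max_err, speeds[-1]

if __name__ == "__main__":
    for k1, k2 in ((400.0, 40000.0), (0.0, 40000.0)):
        err, speed = simulate(k1, k2)
        print(f"K1={k1:g} K2={k2:g} zeta={damping_ratio(k1, k2):.2f} "
              f"max angle error={err:.2e} rad  speed estimate={speed:.3f} rad/s")
```

With the assumed gains the angle error settles to zero and the speed estimate converges to the 50 rad/s test speed. Running the same script with K1 = 0 (no proportional path, zeta = 0) shows the kind of issue the slide is talking about: the phase error oscillates with an amplitude of about 0.25 rad and never settles, which is visible on the PC long before any target hardware exists.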
OpenVE: after simulation and model checking, select the application architecture and start development.
• Networked control modules do the real work.
   • Added value from high reliability and high performance algorithms
   • Fault tolerance is a configuration option
[Figure: Altreonic Inside]
OpenVE: How are processors connected?
OpenVE: How is the application structured?
OpenVE: the more code is generated, the fewer programming errors are made.
OpenTracer: verification and testing are needed to confirm the work was done well.
From idea to prototype in a seamlessly integrated and controlled process
OpenComRTOS supports heterogeneous networked and many-core processor systems:
   Remapping tasks or RTOS entities requires no source code changes
   Timings will differ, but the application logic remains the same
   Meta-models hide complexity from the user
Key characteristics:
   Scalable performance
   High Reliability (SIL3)
   Fault Tolerance (SIL4)
Target market:
   Robotics, Automotive, Transport, Aerospace, Machine Control
Altreonic powered, OpenComRTOS designer suite (Status: engineering systems Q4)
Key characteristics:
   Allows full access
   Fully closed enclosure (IP64 or higher)
   Power consumption rated at 7.5 W when using all quadrants @ > 3200 Mips
   Application specific mezzanines
   Production version will be compact and stacked, or use one quadrant as unit
Key characteristics:
   High Reliability (SIL3) → Fault Tolerance (SIL4)
   All-in: Traction, Braking, Anti-slip, Stability control, Active suspension
   Exploits the transparent distributed operation of OpenComRTOS
   Own controllers and e-motor in development
   Software and hardware redundancy enables fault-tolerant controllers in 1-, 2-, 3-, 4-, n-wheel platforms
   => StarFish was designed with such a topology in mind
• Central control moves towards distributed control
• Robot has 42 “feet” = 42 controllers + central
• Original design: 7000 euro hardware
• Our proposal: < 1000 euro + connection to PC and operator console
Innovative no-risk open licensing scheme as well as binary and source code licenses. No runtime royalties.
   Binary (only free targets like Win32)
      Single seat/single site
   Source code
      + Kernel source code and build system
   Open Technology license
      Formal models, design doc, all source code, test suites, porting guide, … of RTOS + code gens + GUI tools
      Right to generate extra binary licenses
         Small royalty
      For all Software and all Hardware products
   Maintenance/support: 20%/yr/license
We need hardware that executes (software) specifications
   Full system engineering flow support
   Enables high-reliability/safety
   OpenComRTOS project has proven that a universal concurrent programming paradigm works:
      Very small code size, yet very scalable
      Heterogeneous for CPU and communication media
      Largely due to formal(ised) development

www.altreonic.com
Eric.Verhulst @ altreonic.com

Contenu connexe

Similaire à Trustworthy Systems From Space to Sea

XebiaLabs Overview Slides
XebiaLabs Overview SlidesXebiaLabs Overview Slides
XebiaLabs Overview SlidesXebiaLabs
 
Cloud foundry elastic architecture and deploy based on openstack
Cloud foundry elastic architecture and deploy based on openstackCloud foundry elastic architecture and deploy based on openstack
Cloud foundry elastic architecture and deploy based on openstackOpenCity Community
 
Exploring New Features that Allow for Simulation and Offline Development Oppo...
Exploring New Features that Allow for Simulation and Offline Development Oppo...Exploring New Features that Allow for Simulation and Offline Development Oppo...
Exploring New Features that Allow for Simulation and Offline Development Oppo...Rockwell Automation
 
OneCommand Vision 2.1 webcast: Cutting edge LUN SLAs, AIX on PowerPC and flex...
OneCommand Vision 2.1 webcast: Cutting edge LUN SLAs, AIX on PowerPC and flex...OneCommand Vision 2.1 webcast: Cutting edge LUN SLAs, AIX on PowerPC and flex...
OneCommand Vision 2.1 webcast: Cutting edge LUN SLAs, AIX on PowerPC and flex...Emulex Corporation
 
PROACT SYNC 2013 - Breakout - VSPEX en vBlock Converged Infrastructure bouwbl...
PROACT SYNC 2013 - Breakout - VSPEX en vBlock Converged Infrastructure bouwbl...PROACT SYNC 2013 - Breakout - VSPEX en vBlock Converged Infrastructure bouwbl...
PROACT SYNC 2013 - Breakout - VSPEX en vBlock Converged Infrastructure bouwbl...Proact Netherlands B.V.
 
UShareSoft Cloud Expo New York 2011
UShareSoft Cloud Expo New York 2011UShareSoft Cloud Expo New York 2011
UShareSoft Cloud Expo New York 2011UShareSoft
 
UShareSoft CloudExpo New York 2011
UShareSoft CloudExpo New York 2011UShareSoft CloudExpo New York 2011
UShareSoft CloudExpo New York 2011UShareSoft
 
ISSRE 2008 Trip Report
ISSRE 2008 Trip ReportISSRE 2008 Trip Report
ISSRE 2008 Trip ReportBob Binder
 
Cloud Computing and VCE
Cloud Computing and VCECloud Computing and VCE
Cloud Computing and VCECenk Ersoy
 
Delta V Control System Overview
Delta V Control System OverviewDelta V Control System Overview
Delta V Control System OverviewSumeet Goel
 
Leverage Virtual Design to Build a Better System
Leverage Virtual Design to Build a Better SystemLeverage Virtual Design to Build a Better System
Leverage Virtual Design to Build a Better SystemRockwell Automation
 
Transforming Mission Critical Applications
Transforming Mission Critical ApplicationsTransforming Mission Critical Applications
Transforming Mission Critical ApplicationsCenk Ersoy
 
BlueData Isilon Validation Brief
BlueData Isilon Validation BriefBlueData Isilon Validation Brief
BlueData Isilon Validation BriefBoni Bruno
 
Leon IT Setup Case Study
Leon IT Setup Case StudyLeon IT Setup Case Study
Leon IT Setup Case Studyrahulmeher
 
Oracle - Soluções do device ao Datacenter
Oracle - Soluções do device ao DatacenterOracle - Soluções do device ao Datacenter
Oracle - Soluções do device ao DatacenterGeneXus
 
Le Software Defined Solutions, ou comment automatiser les ressources IT ?
Le Software Defined Solutions, ou comment automatiser les ressources IT ?Le Software Defined Solutions, ou comment automatiser les ressources IT ?
Le Software Defined Solutions, ou comment automatiser les ressources IT ?RSD
 
Case Study: Datalink—Manage IT monitoring the MSP way
Case Study: Datalink—Manage IT monitoring the MSP wayCase Study: Datalink—Manage IT monitoring the MSP way
Case Study: Datalink—Manage IT monitoring the MSP wayCA Technologies
 

Similaire à Trustworthy Systems From Space to Sea (20)

XebiaLabs Overview Slides
XebiaLabs Overview SlidesXebiaLabs Overview Slides
XebiaLabs Overview Slides
 
Cloud foundry elastic architecture and deploy based on openstack
Cloud foundry elastic architecture and deploy based on openstackCloud foundry elastic architecture and deploy based on openstack
Cloud foundry elastic architecture and deploy based on openstack
 
Exploring New Features that Allow for Simulation and Offline Development Oppo...
Exploring New Features that Allow for Simulation and Offline Development Oppo...Exploring New Features that Allow for Simulation and Offline Development Oppo...
Exploring New Features that Allow for Simulation and Offline Development Oppo...
 
OneCommand Vision 2.1 webcast: Cutting edge LUN SLAs, AIX on PowerPC and flex...
OneCommand Vision 2.1 webcast: Cutting edge LUN SLAs, AIX on PowerPC and flex...OneCommand Vision 2.1 webcast: Cutting edge LUN SLAs, AIX on PowerPC and flex...
OneCommand Vision 2.1 webcast: Cutting edge LUN SLAs, AIX on PowerPC and flex...
 
PROACT SYNC 2013 - Breakout - VSPEX en vBlock Converged Infrastructure bouwbl...
PROACT SYNC 2013 - Breakout - VSPEX en vBlock Converged Infrastructure bouwbl...PROACT SYNC 2013 - Breakout - VSPEX en vBlock Converged Infrastructure bouwbl...
PROACT SYNC 2013 - Breakout - VSPEX en vBlock Converged Infrastructure bouwbl...
 
UShareSoft Cloud Expo New York 2011
UShareSoft Cloud Expo New York 2011UShareSoft Cloud Expo New York 2011
UShareSoft Cloud Expo New York 2011
 
UShareSoft CloudExpo New York 2011
UShareSoft CloudExpo New York 2011UShareSoft CloudExpo New York 2011
UShareSoft CloudExpo New York 2011
 
Introduction to InTouch Machine Edition (ITME)
Introduction to InTouch Machine Edition (ITME)Introduction to InTouch Machine Edition (ITME)
Introduction to InTouch Machine Edition (ITME)
 
ISSRE 2008 Trip Report
ISSRE 2008 Trip ReportISSRE 2008 Trip Report
ISSRE 2008 Trip Report
 
Cloud Computing and VCE
Cloud Computing and VCECloud Computing and VCE
Cloud Computing and VCE
 
Delta V Control System Overview
Delta V Control System OverviewDelta V Control System Overview
Delta V Control System Overview
 
Leverage Virtual Design to Build a Better System
Leverage Virtual Design to Build a Better SystemLeverage Virtual Design to Build a Better System
Leverage Virtual Design to Build a Better System
 
Best practices in dcs migration webcast
Best practices in dcs migration webcastBest practices in dcs migration webcast
Best practices in dcs migration webcast
 
טכנולוגיות לשוק הקמעונאי
טכנולוגיות לשוק הקמעונאיטכנולוגיות לשוק הקמעונאי
טכנולוגיות לשוק הקמעונאי
 
Transforming Mission Critical Applications
Transforming Mission Critical ApplicationsTransforming Mission Critical Applications
Transforming Mission Critical Applications
 
BlueData Isilon Validation Brief
BlueData Isilon Validation BriefBlueData Isilon Validation Brief
BlueData Isilon Validation Brief
 
Leon IT Setup Case Study
Leon IT Setup Case StudyLeon IT Setup Case Study
Leon IT Setup Case Study
 
Oracle - Soluções do device ao Datacenter
Oracle - Soluções do device ao DatacenterOracle - Soluções do device ao Datacenter
Oracle - Soluções do device ao Datacenter
 
Le Software Defined Solutions, ou comment automatiser les ressources IT ?
Le Software Defined Solutions, ou comment automatiser les ressources IT ?Le Software Defined Solutions, ou comment automatiser les ressources IT ?
Le Software Defined Solutions, ou comment automatiser les ressources IT ?
 
Case Study: Datalink—Manage IT monitoring the MSP way
Case Study: Datalink—Manage IT monitoring the MSP wayCase Study: Datalink—Manage IT monitoring the MSP way
Case Study: Datalink—Manage IT monitoring the MSP way
 

Plus de Eric Verhulst

Session 1 introduction concurrent programming
Session 1 introduction  concurrent programmingSession 1 introduction  concurrent programming
Session 1 introduction concurrent programmingEric Verhulst
 
Unified Systems Engineering feasibility
Unified Systems Engineering feasibilityUnified Systems Engineering feasibility
Unified Systems Engineering feasibilityEric Verhulst
 
OpenComRTOS 1.4_tutorial_3o4_presentation
OpenComRTOS 1.4_tutorial_3o4_presentationOpenComRTOS 1.4_tutorial_3o4_presentation
OpenComRTOS 1.4_tutorial_3o4_presentationEric Verhulst
 
Open ComRTOS 1.4_tutorial_2o4_presentation
Open ComRTOS 1.4_tutorial_2o4_presentationOpen ComRTOS 1.4_tutorial_2o4_presentation
Open ComRTOS 1.4_tutorial_2o4_presentationEric Verhulst
 
OpenComRtos 1.4_tutorial_1o4_presentation
OpenComRtos 1.4_tutorial_1o4_presentationOpenComRtos 1.4_tutorial_1o4_presentation
OpenComRtos 1.4_tutorial_1o4_presentationEric Verhulst
 
MARC ONERA Toulouse2012 Altreonic
MARC ONERA Toulouse2012 AltreonicMARC ONERA Toulouse2012 Altreonic
MARC ONERA Toulouse2012 AltreonicEric Verhulst
 
Zen and the art of safety engineering
Zen and the art of safety engineeringZen and the art of safety engineering
Zen and the art of safety engineeringEric Verhulst
 
Unified Systems Engeneering with GoedelWorks
Unified Systems Engeneering with GoedelWorksUnified Systems Engeneering with GoedelWorks
Unified Systems Engeneering with GoedelWorksEric Verhulst
 

Plus de Eric Verhulst (8)

Session 1 introduction concurrent programming
Session 1 introduction  concurrent programmingSession 1 introduction  concurrent programming
Session 1 introduction concurrent programming
 
Unified Systems Engineering feasibility
Unified Systems Engineering feasibilityUnified Systems Engineering feasibility
Unified Systems Engineering feasibility
 
OpenComRTOS 1.4_tutorial_3o4_presentation
OpenComRTOS 1.4_tutorial_3o4_presentationOpenComRTOS 1.4_tutorial_3o4_presentation
OpenComRTOS 1.4_tutorial_3o4_presentation
 
Open ComRTOS 1.4_tutorial_2o4_presentation
Open ComRTOS 1.4_tutorial_2o4_presentationOpen ComRTOS 1.4_tutorial_2o4_presentation
Open ComRTOS 1.4_tutorial_2o4_presentation
 
OpenComRtos 1.4_tutorial_1o4_presentation
OpenComRtos 1.4_tutorial_1o4_presentationOpenComRtos 1.4_tutorial_1o4_presentation
OpenComRtos 1.4_tutorial_1o4_presentation
 
MARC ONERA Toulouse2012 Altreonic
MARC ONERA Toulouse2012 AltreonicMARC ONERA Toulouse2012 Altreonic
MARC ONERA Toulouse2012 Altreonic
 
Zen and the art of safety engineering
Zen and the art of safety engineeringZen and the art of safety engineering
Zen and the art of safety engineering
 
Unified Systems Engeneering with GoedelWorks
Unified Systems Engeneering with GoedelWorksUnified Systems Engeneering with GoedelWorks
Unified Systems Engeneering with GoedelWorks
 

Dernier

Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 

Dernier (20)

Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 

Trustworthy Systems From Space to Sea

  • 1. Trustworthy Forever From Deep Space To Deep Sea
  • 2. Eonic Systems (1989-2001) Virtuoso RTOS for parallel DSP, leader in high-end niche Sold to Wind River Systems in 2001 for 15 mio $ Open License Society (2004 - …) OpenComRTOS (IWT project) Innovative no-nonsense and formalised approach Systems/ software engineering with supporting tools Breakthrough results thanks to Formal Methods 5 to 10x smaller => efficiency, performance Sponsored by Melexis, Embedded Software Group ITEA EVOLVE project R&D costs valued at 2 mio € In sept 2008, Altreonic as a spin-off of OLS To productise and go commercial Flanders Drive ASIL project (safety engineering methodology) 26-May-11 Altreonic NV – From Deep Space to Deep Sea - 2
  • 3.  Altreonic NV  Owned E.Verhulst, A.Dejonghe, Lancelot Research NV  Team (management in Belgium, development in Ukraïne since 2005)  Eric Verhulst - Founder CEO/CTO  Annie Dejonghe - Founder CFO/COO  Dr. Bernhard Sputh – sr. Engineering manager  Hardware subcontractor in India, Pune  Strategic partner in China, Shanghai  Liaison office in JP.  R&D projects:  EVOLVE: evolutionary/incremental certification/verification  OPENCOSS: certification framework automotive/railway/aerospace  D100LIVES: developing a 100yrs processing device (ARM, ATMEL, NXP, IMEC, …)  Product lines:  OpenComRTOS Designer  Safe Virtual Machine (for C)  StarFish SIL3/4 capable controllers (engineering stage)  GoedelWorks systems engineering platform in beta 26-May-11 Altreonic NV – From Deep Space to Deep Sea - 3
  • 4.
  • 5. To provide the embedded market with development environments and with embedded hardware for generating applications where high-reliability and trustworthiness are “built-in” into the design as part of the development process. Trustworthy = Safety => dependability / physical quality Security => freedom from malicious faults/ data theft Usability => intuitive and pleasant to use /emotional Privacy => your data is your own Trustworthy = higher added value Application domains: Ultra low power embedded devices Distributed sensing and control Many/multicore devices Parallel supercomputing Fault tolerant/ safety critical systems 26-May-11 Altreonic NV – From Deep Space to Deep Sea - 5
  • 6. Growing need for trustworthy technology: Electronics + SW replacing mechanical parts Being “embedded” everywhere: part of our life Initially mainly driven by safety: Lives at stake High economic cost “drive by wire” (e.g. Flanders Drive ASIL project) Increasingly shifting to notion of TRUST Essential question: how to develop trustworthy products in a cost-efficient way? 26-May-11 Altreonic NV – From Deep Space to Deep Sea - 6
  • 7. Support the whole engineering process in a unified way from early requirements capturing till the final application giving a “push button high reliability” experience at a reduced life cycle cost Apply formalisation to tackle complexity Apply Formal Methods to prove correctness => GoedelWorks integrated development portal Maximising the commercial potential by applying its own methodology and tools for the developing of trustworthy controllers in volume. => OpenComRTOS: trusted runtime layer => StarFish: Altreonic’s customizable controllers 26-May-11 Altreonic NV – From Deep Space to Deep Sea - 7
  • 8.
  • 9. Formalisation to deeply understand the problem domain to find better, leaner and cleaner solutions to find better architectures to improve reuse to get it right the first time Our methods: Unified semantics Speak the same language from early requirements capturing till final product / system is put to use Interacting Entities A common, yet very scalable and modular architectural model 26-May-11 Altreonic NV – From Deep Space to Deep Sea - 9
• 10. [Chart: two bar charts, “Traditional Bottom-up Process” versus “Formalised Engineering Process”, each plotting Base cost and Cost of change on a 0 to 300 scale.]
  First time right = less residual errors = higher reliability = less costs.
  Testing will only demonstrate absence of certain errors; formal verification can prove absence of any errors.
• 11. [Architecture diagram of the tool chain.]
  GoedelWorks ©: formalised requirements & specifications capturing, project repository, meta-models.
  OpenVE ©: formalized modelling, simulation, code generation, user applications.
  OpenComRTOS ©: formally developed runtime support for concurrency and communication.
  OpenTracer ©: visual tracing. System Debugger ©: system level debugger.
  SafeVirtualMachine ©: virtual machine for C.
  StarFish Controller ©: control & processing platform, SIL enabled with support for fault tolerance.
  Unifying elements: test harness, repository, unified semantics, unified architectural paradigm: Interacting Entities.
• 12. [Diagram: ASIL process flow over Phase 1 to Phase 4 (System Requirements Capturing, System Specifications Capturing, System Architecting, System Development, System Integration, System Validation, System Maintenance), with the cost of issues growing from + to ++++++++++ along the phases, and the work products per phase: FMEA, FTEA, safety specs, hardware specs, software architecture, domain specific specifications and architectural design, source code, test cases and procedures, test results, fault cases, user manual, beta / released / updated releases.]
  ASIL process flow identified 2800 process requirements!
• 13. Is an integrated set of tools, facilitating the development of high-reliability and safety critical products and systems. Integration is key in achieving reliability and trustworthiness.
  OpenComRTOS Designer suite of tools:
  OpenComRTOS: unique network-centric formally developed Real Time Operating System, 5 KB(!), unique heterogeneous support – write code once, run anywhere – scalable.
  OpenVE: a visual programming and development environment for developing and simulating real-time embedded applications.
  OpenCookbook: a web-hosted environment supporting the systems engineering process flow (proof of concept).
  Tools: OpenTracer, OpenSystemInspector, Safe Virtual Machine. Being integrated in the GoedelWorks SaaS portal.
  OpenComRTOS was one of the three nominees for the: [award logo not captured]
  StarFish: scalable, customizable, fault-tolerance capable controllers supported by the OpenComRTOS suite.
• 14. MARKET
  Market | Segments | Enabler | Challenges
  Ultra low power | hearing aids, building control, sensors | OCR small code, OCR low overhead | Hardware driven market, role of SW not well understood
  Distributed control | smart machines, robotic machines, sensing networks | OCR network heterogeneous support | Inertia from legacy solutions
  Fault tolerant systems | process control, infrastructure, e-vehicles, medical | OCR formal dev, OCR triplication, GoedelWorks, StarFish | Inertia from legacy solutions
  Multicore/manycore devices | handheld devices, set-up boxes | OCR easy to support | Hardware driven
  Parallel computing | scientific computing, image processing | Intel SCC | Niche
  Embedded Systems and Control (src EU): market size ~ €188 000 mio with av. growth of 8% until 2020.
• 15. Covering the full value-chain from requirement to hardware to maximise added value and certifiability.
  [Diagram: the GoedelWorks systems grammar (OpenCookbook, 10.11.2009) linking Methodology, Requirements, Specifications, Models, Entities, Work Packages, Tasks (development, verification, validation, test), Pre-conditions, Results, Issues, Change Requests and Releases, mapped onto the tool chain: OpenVE, OpenComRTOS suite, StarFish, Safe Virtual Machine, OpenTracer.]
• 16. Formalised systems engineering portal for project support.
  Awareness of safety engineering standards: IEC 61508, IEC 62061, ISO DIS 26262, ISO 13849, ISO DIS 25119 and ISO 15998; organisation specific.
  Supports all process activities with full traceability. Based on previous OpenCookBook experience.
  SaaS: no license, but time based. Additional licenses: encryption of data; local hosting (via Open Technology License).
• 17. GoedelWorks’ architecture is a competitive advantage:
  Metamodels allow fast customisation. The system is “compiled” from specifications. Allows semi-automatic certification.
  The user is guided through the complexity of the systems engineering process, and the project becomes a lot easier to manage and to certify.
  Project portal = up-to-date database. Plug-ins and API for third party tools and technology.
  Imports Flanders’ Drive ASIL methodology, among others: 2 years of dissecting standards => 3800 requirements, 100 Work Products.
• 22. Formalised but straightforward approach. Full integration of tools from requirements to final applications is unique.
  OpenComRTOS is a unique programming system, a unique network-centric RTOS, quasi-universal: formally developed and verified; scalable yet very small: typically 2 to 5 kiB/node; real-time communication support; heterogeneous target support; OpenComRTOS nominated for an embedded award; capable of fault-tolerance (at affordable cost).
• 24. Result of formal modeling (TLA+): events, semaphores, FIFOs, ports, resources, mailboxes, memory pools, etc. are all variants of a generic HUB.
  A HUB has 4 functional parts: a synchronisation point between Tasks; storage of a task’s waiting state if needed; a predicate function, which defines the synchronisation conditions and lifts the waiting state of tasks; a synchronisation function: the functional behavior after synchronisation, which can be anything, including passing data.
  All HUBs operate system-wide, but transparently: Virtual Single Processor programming model.
  Possibility to create application specific hubs & services! => a new concurrent programming model.
• 25. The generic hub as metamodel (Generic Hub, N-N): two waiting lists (W) of tasks (T) with a threshold; a synchronising predicate and a synchronisation action; state per variant: a buffer list when data needs to be buffered; ceiling priority / priority inheritance and owner task for resources; count for semaphores.
  Similar to Guarded Actions or a pragmatic superset of CSP.
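The generic hub of slides 24 and 25, written out as an added C example (mine, not OpenComRTOS source): one `Hub` structure carrying the two waiting lists, the predicate and the synchronisation function, instantiated as a semaphore, a port (rendezvous) and a FIFO by supplying a different predicate/action pair each time. `Hub`, `Request`, `hub_submit` and the other names are invented, and there is no scheduler: a request left in a waiting list stands for a blocked task, and its `released` flag for the waiting state being lifted.

```c
/* Added example: one generic hub specialised by a predicate and a synchronisation
   function, as on slides 24-25. Not OpenComRTOS source; every name is invented. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { PUT = 0, GET = 1, MAX_WAIT = 8, DATA_MAX = 16, FIFO_CAP = 2 };

typedef struct {
    int side;                            /* PUT or GET: which waiting list it joins */
    uint8_t data[DATA_MAX]; size_t len;  /* payload carried with the request */
    bool released;                       /* set when the sync function lifts the wait */
} Request;

typedef struct Hub Hub;
struct Hub {
    Request *wait[2][MAX_WAIT]; int nwait[2];  /* the two waiting lists (put, get) */
    bool (*predicate)(Hub *);   /* synchronisation condition over the hub state */
    void (*action)(Hub *);      /* behaviour once the predicate holds */
    int count;                  /* semaphore variant: signal count */
    uint8_t buf[FIFO_CAP][DATA_MAX]; size_t blen[FIFO_CAP]; int head, used; /* FIFO buffer */
};

/* Take the oldest request off one waiting list and lift its waiting state. */
static Request *pop(Hub *h, int side) {
    Request *r = h->wait[side][0];
    h->nwait[side]--;
    memmove(&h->wait[side][0], &h->wait[side][1], (size_t)h->nwait[side] * sizeof r);
    r->released = true;
    return r;
}
/* Generic part shared by all variants: queue the request, then run predicate/action
   until the predicate fails. A request still queued afterwards is a blocked task
   (there is no scheduler in this model). Returns whether r itself was released. */
static bool hub_submit(Hub *h, Request *r) {
    if (h->nwait[r->side] >= MAX_WAIT) return false;
    r->released = false;
    h->wait[r->side][h->nwait[r->side]++] = r;
    while (h->predicate(h)) h->action(h);
    return r->released;
}

/* Semaphore: a signal (PUT) never waits; a test (GET) waits until count > 0. */
static bool sem_pred(Hub *h) { return h->nwait[PUT] > 0 || (h->nwait[GET] > 0 && h->count > 0); }
static void sem_act(Hub *h) {
    if (h->nwait[PUT] > 0) { pop(h, PUT); h->count++; } else { pop(h, GET); h->count--; }
}
/* Port: rendezvous of one putter with one getter; the data moves across. */
static bool port_pred(Hub *h) { return h->nwait[PUT] > 0 && h->nwait[GET] > 0; }
static void port_act(Hub *h) {
    Request *p = pop(h, PUT), *g = pop(h, GET);
    memcpy(g->data, p->data, p->len); g->len = p->len;
}
/* FIFO: buffered; a putter waits when full, a getter waits when empty. */
static bool fifo_pred(Hub *h) {
    return (h->nwait[PUT] > 0 && h->used < FIFO_CAP) || (h->nwait[GET] > 0 && h->used > 0);
}
static void fifo_act(Hub *h) {
    if (h->nwait[PUT] > 0 && h->used < FIFO_CAP) {
        Request *p = pop(h, PUT); int slot = (h->head + h->used) % FIFO_CAP;
        memcpy(h->buf[slot], p->data, p->len); h->blen[slot] = p->len; h->used++;
    } else {
        Request *g = pop(h, GET);
        memcpy(g->data, h->buf[h->head], h->blen[h->head]); g->len = h->blen[h->head];
        h->head = (h->head + 1) % FIFO_CAP; h->used--;
    }
}

static Hub make_hub(bool (*pred)(Hub *), void (*act)(Hub *)) {
    Hub h; memset(&h, 0, sizeof h); h.predicate = pred; h.action = act; return h;
}
static Request make_req(int side, const char *text) {
    Request r; memset(&r, 0, sizeof r); r.side = side;
    if (text) { r.len = strlen(text); memcpy(r.data, text, r.len); }
    return r;
}

/* Producer/consumer scenario through the three variants; returns how many of the
   six expected outcomes held. */
int hub_demo(void) {
    int ok = 0;
    Hub sem = make_hub(sem_pred, sem_act);
    Request test = make_req(GET, NULL);
    if (!hub_submit(&sem, &test)) ok++;                 /* count is 0: consumer blocks */
    Request sig = make_req(PUT, NULL);
    if (hub_submit(&sem, &sig) && test.released && sem.count == 0) ok++;
    Hub port = make_hub(port_pred, port_act);
    Request send = make_req(PUT, "42.5C");
    if (!hub_submit(&port, &send)) ok++;                /* no getter yet: sender blocks */
    Request recv = make_req(GET, NULL);
    if (hub_submit(&port, &recv) && send.released && recv.len == 5 &&
        memcmp(recv.data, "42.5C", 5) == 0) ok++;
    Hub fifo = make_hub(fifo_pred, fifo_act);
    Request a = make_req(PUT, "a"), b = make_req(PUT, "b"), c = make_req(PUT, "c");
    if (hub_submit(&fifo, &a) && hub_submit(&fifo, &b) && !hub_submit(&fifo, &c)) ok++;
    Request g = make_req(GET, NULL);   /* draining one slot releases the blocked putter */
    if (hub_submit(&fifo, &g) && g.data[0] == 'a' && c.released && fifo.used == 2) ok++;
    return ok;
}

int main(void) { printf("hub model checks passed: %d/6\n", hub_demo()); return 0; }
```

The point to notice is that `hub_submit` is the only place where queueing, predicate evaluation and synchronisation happen; the three variants differ only in their state fields and in the two function pointers. That is what makes an application-specific hub a matter of writing another predicate/action pair rather than another kernel service, and it is also why the same code path can serve local and remote tasks alike once requests travel as packets.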
• 27. Up to 10x smaller than traditional design (thanks to formal development). Less power, less memory, easier to verify, scalable ...
  Code size figures (in bytes) obtained for our different ports, compiled with -Os:
  CPU type | Code size
  ARM Cortex-M3 | 2.5 – 4.0 kB
  XMOS XS1 | 5.0 – 7.5 kB
  PowerPC e600 | 7.1 – 9.8 kB
  TI C66x (DSP) | 5.1 – 7.7 kB
  Dormant ports: MLX16 (2K), Xilinx MB (5K), Leon3 (5K), CoolFlux DSP (2K).
• 28. Ultra low power: CoolFlux DSP core (24-bit, Harvard). Code size of the full kernel: 2000 words PM (program memory) + 750 words data. Interrupt latency: IRQ to ISR: < 112 cycles; IRQ to task: < 877 cycles.
  Multicore capable: single chip multicore; Intel SCC 48-core “super computer on chip + NoC switch” (in development).
  Heterogeneous networked targets: Win32 + Linux + ARM + MicroBlaze + XMOS + LEON3 + … demo programmed as a single target.
• 29. Ultra low power: SoC, 2K instructions on the CoolFlux DSP of NXP, e.g. hearing aids.
  Sensor and actuator networks: small code size; power saving modes, wake up by interrupt; system wide routing.
  Distributed control: network support is built in; easy to integrate redundancy; easy to distribute control and I/O; no more binding glue, no more middleware layers.
  Parallel “supercomputing”: parallel heterogeneous DSP networks; PPC and TI C66XX DSP multicore, multi-chip, multi-board, …
• 30. Goal: CPU independent programming; low memory needs (embedded!); mobile, dynamic code => “embedded apps”; allows reuse of legacy binary code on any processor.
  Results: selected ARM Thumb1 instruction set as VM target (compactness; widely used CPU); < 3 Kbytes of code for the VM; executes binary compiled code; capable of native execution on ARM targets.
  VM enhanced with safety support (option): memory violations; stack violations; numerical exceptions.
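To make the three safety options on this slide concrete, here is an added example (mine, not the Altreonic Safe Virtual Machine, and using an invented stack-machine instruction set rather than Thumb1) of how a small interpreter turns memory violations, stack violations and numerical exceptions into trapped status codes instead of undefined behaviour on the host. `vm_exec`, the `OP_*` opcodes and the `PROG_*` sample programs are all constructed for this example.

```c
/* Added example: a toy bytecode VM that traps the three fault classes the slide
   lists (memory, stack, numerical). Invented instruction set: neither Thumb1 nor
   the Altreonic Safe Virtual Machine; all names here are made up. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum Op { OP_PUSH, OP_LOAD, OP_STORE, OP_ADD, OP_DIV, OP_HALT };
typedef enum { VM_OK, VM_MEM_VIOLATION, VM_STACK_VIOLATION, VM_NUMERIC_EXCEPTION, VM_BAD_OPCODE } VmStatus;
enum { STACK_MAX = 4, MEM_WORDS = 8 };

typedef struct {
    int32_t stack[STACK_MAX]; int sp;
    int32_t mem[MEM_WORDS];   /* the only data memory a program may touch */
} Vm;

/* Every stack access goes through these two, so overflow and underflow become
   a trap instead of a silent write past the array. */
static VmStatus push(Vm *vm, int32_t v) {
    if (vm->sp >= STACK_MAX) return VM_STACK_VIOLATION;
    vm->stack[vm->sp++] = v;
    return VM_OK;
}
static VmStatus pop(Vm *vm, int32_t *v) {
    if (vm->sp <= 0) return VM_STACK_VIOLATION;
    *v = vm->stack[--vm->sp];
    return VM_OK;
}
#define TRY(expr) do { VmStatus s_ = (expr); if (s_ != VM_OK) return s_; } while (0)

/* Run code[0..ncode) until HALT, storing the value popped at HALT in *result.
   A fetch beyond the code or a data address outside mem[] is a memory violation. */
VmStatus vm_exec(const int32_t *code, size_t ncode, int32_t *result) {
    Vm vm = {{0}, 0, {0}};
    size_t pc = 0;
    int32_t a, b;
    while (pc < ncode) {
        switch (code[pc++]) {
        case OP_PUSH:                       /* PUSH imm */
            if (pc >= ncode) return VM_MEM_VIOLATION;
            TRY(push(&vm, code[pc++]));
            break;
        case OP_LOAD:                       /* addr -> mem[addr] */
            TRY(pop(&vm, &a));
            if (a < 0 || a >= MEM_WORDS) return VM_MEM_VIOLATION;
            TRY(push(&vm, vm.mem[a]));
            break;
        case OP_STORE:                      /* value addr -> (mem[addr] = value) */
            TRY(pop(&vm, &a));
            TRY(pop(&vm, &b));
            if (a < 0 || a >= MEM_WORDS) return VM_MEM_VIOLATION;
            vm.mem[a] = b;
            break;
        case OP_ADD: {                      /* a b -> a+b, overflow checked in 64 bit */
            TRY(pop(&vm, &b));
            TRY(pop(&vm, &a));
            int64_t sum = (int64_t)a + b;
            if (sum > INT32_MAX || sum < INT32_MIN) return VM_NUMERIC_EXCEPTION;
            TRY(push(&vm, (int32_t)sum));
            break;
        }
        case OP_DIV:                        /* a b -> a/b */
            TRY(pop(&vm, &b));
            TRY(pop(&vm, &a));
            if (b == 0 || (a == INT32_MIN && b == -1)) return VM_NUMERIC_EXCEPTION;
            TRY(push(&vm, a / b));
            break;
        case OP_HALT:
            TRY(pop(&vm, result));
            return VM_OK;
        default:
            return VM_BAD_OPCODE;
        }
    }
    return VM_MEM_VIOLATION;                /* ran off the end of the code without HALT */
}

/* Constructed sample programs (not from the page). */
static const int32_t PROG_OK[]        = { OP_PUSH, 40, OP_PUSH, 3, OP_STORE, OP_PUSH, 3, OP_LOAD,
                                          OP_PUSH, 2, OP_ADD, OP_HALT };          /* halts with 42 */
static const int32_t PROG_DIV_ZERO[]  = { OP_PUSH, 1, OP_PUSH, 0, OP_DIV, OP_HALT };
static const int32_t PROG_BAD_ADDR[]  = { OP_PUSH, 5, OP_PUSH, 99, OP_STORE, OP_HALT };
static const int32_t PROG_OVERFLOW[]  = { OP_PUSH, 1, OP_PUSH, 2, OP_PUSH, 3, OP_PUSH, 4, OP_PUSH, 5, OP_HALT };
static const int32_t PROG_UNDERFLOW[] = { OP_ADD, OP_HALT };
static const int32_t PROG_TRUNCATED[] = { OP_PUSH };
#define LEN(a) (sizeof (a) / sizeof (a)[0])

int main(void) {
    int32_t r = 0;
    VmStatus st = vm_exec(PROG_OK, LEN(PROG_OK), &r);
    printf("PROG_OK: status %d, result %d\n", (int)st, (int)r);
    printf("PROG_DIV_ZERO: status %d\n", (int)vm_exec(PROG_DIV_ZERO, LEN(PROG_DIV_ZERO), &r));
    printf("PROG_BAD_ADDR: status %d\n", (int)vm_exec(PROG_BAD_ADDR, LEN(PROG_BAD_ADDR), &r));
    return 0;
}
```

The design choice worth taking from this is that every memory reference, stack movement and arithmetic operation is checked before the host performs it, so a faulty or hostile guest program can only ever produce a status code; on a real target the VM would additionally have to bound code fetches to the loaded image and keep guest memory separate from its own state, which the toy does by construction because `mem[]` is the only array the opcodes can index.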
• 31. Network infrastructure (diagram).
• 32. GoedelWorks: structured team work over the internet.
  [Diagram: the GoedelWorks systems grammar (OpenCookbook, 10.11.2009), as on slide 15.]
• 33. [Block diagram of a phase-locked loop: phase detector → low pass filter → voltage controlled oscillator, with sin(α)/cos(α) inputs, gains K1 and K2, and two integrators (1/s) producing speed and angle.] (third party tools)
  Simulating the algorithm on a PC doesn’t cost much, but allows finding the issues early on.
• 34. After simulation and model checking, select the application architecture and start development (OpenVE).
• 35. Networked control modules do the real work. Added value from high reliability and high performance algorithms. Fault tolerance is a configuration option. (Altreonic Inside)
• 36. OpenVE: how are processors connected? (screenshot)
• 37. OpenVE: how is the application structured? (screenshot)
• 38. OpenVE: the more code is generated, the fewer programming errors are made.
• 39. OpenTracer: verification and testing are needed to confirm the work was well done.
• 40. From idea to prototype in a seamlessly integrated and controlled process.
• 42. OpenComRTOS supports heterogeneous networked and many-core processor systems: remapping tasks or RTOS entities requires no source code changes; timings will differ but the application logic remains; meta-models hide the complexity from the user.
• 43. Key characteristics: scalable performance; high reliability (SIL3); fault tolerance (SIL4).
  Target market: robotics, automotive, transport, aerospace, machine control.
  Altreonic powered (status: engineering systems Q4); OpenComRTOS Designer suite.
• 44. Key characteristics: allows full access; fully closed enclosure (IP64 or higher); power consumption rated at 7.5 W when using all quadrants @ > 3200 MIPS; application specific mezzanines; the production version will be compact and stacked, or use one quadrant as unit.
• 45. Key characteristics: high reliability (SIL3) → fault tolerance (SIL4). All-in: traction, braking, anti-slip, stability control, active suspension.
  Exploits the transparent distributed operation of OpenComRTOS. Own controllers and e-motor in development.
  Software and hardware redundancy enables fault-tolerant controllers in 1-, 2-, 3-, 4-, n-wheel platforms => StarFish was designed with such a topology in mind.
• 46. Central control moves towards distributed control. Robot has 42 “feet” = 42 controllers + central. Original design: 7000 euro hardware. Our proposal: < 1000 euro + connection to PC and operator console.
• 47. Innovative no-risk open licensing scheme as well as binary and source code licenses. No runtime royalties.
  Binary (only free targets like Win32): single seat / single site.
  Source code: + kernel source code and build system.
  Open Technology license: formal models, design doc, all source code, test suites, porting guide, … of RTOS + code gens + GUI tools; right to generate extra binary licenses; small royalty. For all software and all hardware products.
  Maintenance/support: 20%/yr/license.
• 48. We need hardware that executes (software) specifications: full system engineering flow support; enables high-reliability/safety.
  The OpenComRTOS project has proven that a universal concurrent programming paradigm works: very small code size, yet very scalable; heterogeneous for CPU and communication media; greatly due to formal(ised) development.
  www.altreonic.com   Eric.Verhulst @ altreonic.com