Using dynamic adaptive systems in safety-critical domains

Abstract

The development of safety-critical Cyber-Physical Systems (CPS) is expanding due to the Internet of Things' promise to make high-integrity applications and services part of everyday life. This expansion is seen in the dependencies some connected vehicles have on cloud services that provide guidance and accident avoidance / detection features. Such systems are safety-critical since failure could result in serious injury or death. Due to the severe consequences of failure, fault-tolerance, reliability and dependability should be primary driving qualities in the design and development of these systems. However, the cost of the analysis, evaluation and certification activities needed to ensure that the possibility of failure has been sufficiently mitigated is significantly higher than the cost of developing traditional software. Our group is exploring the addition of dynamic adaptive capabilities to safety-critical systems. We postulate that dynamic adaptivity could provide several enhancements to safety-critical systems. It would allow systems to reason about the environment within which they are sited and about their internal operation enabling decision making that is context-specific and appropriately prioritized. However, the addition of adaptivity with the associated overhead of reasoning is not without drawbacks particularly when hard real-time safety-critical systems are involved. In this brief position paper, we explore some of the questions and concerns that are raised when dynamic adaptive behavior is introduced into safety-critical systems as well as ways that the Architecture Analysis & Design Language (AADL) can be used to model / analyze such systems.