EN 
DE MicroConsult offers services related to the topics that are discussed at ESE Kongress: Training, seminars, and coaching. to.
Benefit from the experience of our embedded software engineering specialists and get in touch with us. We'd be happy to advise you.
MicroConsult training & coaching topics
ESE Congress 2017 Contributions, Part 2 – Topics:
- Multicore
- Open Source
- Requirements
- Safety and Security
- Software engineering management
- Testing and quality
- Contributions to ESE 2017, Part 1
- Homepage ESE Contributions
Lecture series: Multicore
PLAT4MC: Multicore Performance Optimization with Open Source
Open source technologies (APP4MC) in productive usage
Syed Aoun Raza, Robert Bosch GmbH (ESE Congress 2017)
With the advent of multi-core ECUs in the automotive domain, the tooling environment to support multi-core software development has gained significance, especially tools which can provide an early indication about the architectural behavior before the existence of the code. Another important aspect in large scale automotive productive systems is the possibility of module and component-level multi-core software design and development and eventually their integration into the multi-core system. Domain specific multi-core development tool platforms which enable analysis (eg, data-consistency) and optimizations (memory management, task-to-core mapping, timing simulations and distribution) are not easily available. There are several commercial solutions on the market to support multi-core software scenarios, however they cannot be applied with off the shelf configuration options. The reason behind this limitation is specific customer scenarios in the Bosch solution domain. Another significant hurdle is the existence of huge single-core code bases, which have been successfully certified and tested according to automotive standards. Though, in Bosch we require tailored solutions for our multi-core software systems and tools anyone can benefit from our AMALTHEA (https://www.eclipse.org/app4mc/) based multicore tooling strategy.
Parallel programming without spinlocks
How to avoid deadlocks
Jens Harnisch, Li Lin, Albrecht Mayer, Gerhard Wirrer, Infineon Technologies AG (ESE Congress 2017)
To fully utilize the performance of modern multi-core processors, a certain degree of synchronization, for example through barriers, and resource protection, for example through spinlocks, are necessary depending on the application. This can lead to deadlocks, which are naturally undesirable, especially for safety-critical systems. An alternative programming pattern is lock-free algorithms. These must be specifically adapted for the data structures shared by multiple cores. An unbounded queue is presented, evaluated, and compared to other approaches.
OpenAMP – finally!
An open-source framework for asymmetric multiprocessing
Frank Storm, Avnet Silica (ESE Congress 2017)
Many different processor cores are standard in today's SoCs. However, how to operate these cores asynchronously, i.e., with different operating systems, and how to enable them to communicate with each other, is unfortunately not standard practice. This leads many users to implement their own solutions, which are time-consuming and require significant maintenance. This article describes OpenAMP, an open standard that aims to solve this problem.
Lecture series: Open Source
Customized Android
A dive into the depths of Android customization architecture
Martin Becker, Fraunhofer Institute for Experimental Software Engineering (IESE) (ESE Congress 2017)
The Android operating system has been used in a wide variety of embedded systems for years. It can be highly and extensively adapted to specific use cases. This is achieved through a sophisticated interplay of different mechanisms at various system levels. This configuration and customization architecture provides excellent inspiration for efficiently implementing and managing necessary customizations within one's own system landscape. Unfortunately, gaining a comprehensive overview is not always easy. This article therefore examines which types of customization are supported in Android and how they are implemented in the Android architecture.
Making the Most of What's Available
Using Jenkins and SonarQube in a scalable and certifiable verification process
Michael Baron, Emenda (ESE Congress 2017)
Three key areas of the software verification process (release management, technical debt and management reporting) often go underutilized and unvalued. With increasing numbers of free and open source tools able to improve productivity, reduce costs and provide an insight into a projects' development cycle, this article looks at what is required of a modern verification process and how to make the most of what is available.
Linux real-time – Is the kernel waking up my program too late?
Tips and tricks for setting up and running the RT kernel
Dr. Carsten Emde, Open Source Automation Development Lab (OSADL) eG (ESE Congress 2017)
Giving the Linux kernel possible real-time (RT) properties is not difficult:
• Download kernel,
• Download the RT patch,
• Install RT patch,
• Translate kernel,
• Restart your computer and
• Select RT kernel.
Checking to what extent the response behavior of the newly built kernel has actually improved is also quite simple: The program cyclictest Start the process, wait a few hours, and then assess the result.
Tux Armored
Hardware Assisted Trust and Security in Linux
Dipl.-Ing. Michael Röder, Avnet Silica Poing, Dipl.-Inf. Martin Hecht, Avnet Silica Berlin (ESE Congress 2017)
The acronym IoT (Internet of Things) is probably one of the most overstressed buzzwords that have been created in the past years. Many applications and use cases described as IoT innovations have been around for years, so it is safe to say that the innovation in IoT is mostly not in technology, but in the mere number of products implementing technologies such as cloud access or smartphone connectivity. One of the positive outcomes of such immense public interest for connected devices is that lots of people also start thinking about potential side effects, some of the most important ones being security and especially data protection. In the past, for devices such as IP cameras or garage door openers, security was an afterthought. Now that these products enter the market in large quantities and are sold even in discount supermarkets, both public and government are alerted about potential misuse and the dangers imposed by cracking attempts to these devices. Federal agencies have started to look into criteria to be met for devices transmitting personal data over open communication channels and how to ensure the integrity of such devices.
Linux Secure Boot in practice
Verified code integrity from reset to the Linux system
Dipl.-Ing. (FH) Holger Dengler, linutronix GmbH (ESE Congress 2017)
Today's embedded systems are increasingly exposed to attacks from various sources. Therefore, it is becoming ever more important that the code executed on these systems comes from trusted sources. Code integrity checks during the boot process are of central importance here, as almost all subsequent checks depend on which bootloader or Linux kernel is running on the system.
Industrial I/O under Linux
Integration of sensors and actuators with Industrial I/O in Linux
Andreas Klinger, IT-Klinger (ESE Congress 2017)
Since 2011, the Linux kernel has included the Industrial Input/Output Subsystem, or IIO for short. The rather active community around the linux-iio mailing list has since released almost 248 IIO drivers (stable v4.13, without variations or staging) into the mainline. Examples include AD and DA converters, accelerometers, and sensors for light, humidity, air pressure, temperature, and more. What are the special features of IIO drivers, and how can I use them in my project? This article addresses precisely that. To make the explanation more practical and less theoretical, a specific project has been chosen as an example, presented in a somewhat simplified form.
Lossless requirements – the most important information about ReqIF
More effective system development with the open standard
Dr. Michael Jastram, Formal Mind (ESE Congress 2017)
Product development today is under enormous pressure: increasing complexity, a growing number of suppliers, regulations, and the decades-long availability of development artifacts. The ReqIF standard addresses these challenges in two ways: firstly, standardization ensures that requirements remain readable even after decades; secondly, the standard enables integration for the seamless, traceable exchange of requirements.
Sharing a complete Linux distribution: Not as easy as you might think
A likely common case of license and copyright infringement.
Dr. Carsten Emde, Open Source Automation Development Lab (OSADL) eG (ESE Congress 2017)
A typical situation for embedded systems manufacturers: A customer wants to easily adapt the Linux kernel and root filesystem of their purchased embedded system to their needs, as well as develop the necessary additional libraries and programs. For this purpose, they order a fully installed Linux development system with a cross-toolchain from the manufacturer. For simplicity, the manufacturer installs a standard Linux distribution on a PC, adds their own additional software, and delivers everything together to the customer. They either don't consider whether this constitutes a license-compliant distribution of the included software, or they tacitly assume that the Linux distribution manufacturer is responsible for fulfilling the licensing obligations. What steps must be taken to ensure everything is above board and that no software author or copyright holder of the Linux distribution's content can accuse the manufacturer of violating their license terms?
Lecture series: Requirements
Requirements – A checklist for maturity
Requirements Engineering and Management – What can I do?
Thomas Batt, MicroConsult GmbH (ESE Congress 2017)
Capturing and managing requirements is a key to successful projects. Whether in a traditional or agile process environment, professional requirements engineering and management for embedded and real-time systems shortens your project timelines and saves on development and maintenance costs. Take on this challenge!
Specification by Example
How to keep the customer on board
Markus Unterauer, Software Quality Lab (ESE Congress 2017)
Specification by Example means specifying requirements through concrete examples. A fixed sentence structure is used, which allows for easy integration of test automation. In this way, a worthless write-only document becomes a valuable, living specification.
Traceability – often demanded, rarely efficient
Questions, opportunities and best practices for cross-domain traceability
Bernd Röser, agosense GmbH (ESE Congress 2017)
Software and systems development is virtually inconceivable today without a methodical approach – not least for reasons of product safety and quality, and the associated traceability of activities and results. Dependencies between the respective development artifacts and activities should be clearly depicted to enable rapid analysis when changes are made to these artifacts.
Lecture series: Safety and Security
Create formally correct C code faster by using SPARK.
Finally, an easy way to write secure software.
Ingo Houben, Rob Tice, AdaCore (ESE Congress 2017)
This work demonstrates how formally correct code can be generated in the C programming language through an approach that supports the necessary information for formal verification within the SPARK programming language itself. From our perspective, this is a novel approach to software development, offering numerous advantages by reducing development effort and thus saving costs. This is particularly relevant to the costs incurred when searching for errors in late development phases. The main focus of this work is to describe a possible workflow that minimizes costs through static analysis and formal methods for finding potential runtime errors in early development phases. We will limit ourselves to writing program code and will not consider topics such as safety studies and requirements engineering. We will also not provide a detailed description of how the formal methods function, as this would involve too many topics and details that are already available in published work.
Fuzzing of embedded software
Fundamentals and practical experience
Axel Wintsche, Philotech (ESE Congress 2017)
Software security is a criterion that has gained immense importance, but it is difficult to adequately define and test as a requirement. However, a test strategy like fuzzing offers a way to automatically test software robustness and thus increase security. Here we describe what fuzzing is, the hurdles involved in testing embedded software, and possible solutions.
Embedded clean code in the A-SIL series development environment
Practical experience in high-quality software development
Thomas Winz, softwareinmotion GmbH (ESE Congress 2017)
Jurassic Park [R1]: "They were worried about losing animals, and the program is designed to immediately sound the alarm if there are fewer than expected. But that's not the problem. The far bigger problem is that you have more than expected." Who hasn't experienced ill-considered, system-critical requirements?
Agility in safety projects – is that possible?
A proven agile development process for safety projects
Frank Poignée, infoteam Software AG (ESE Congress 2017)
Agile software development aims to make the development process more flexible and streamlined than traditional approaches like the V-model. Can agile methods also be used effectively in the development of safety-related systems while simultaneously meeting all the requirements of IEC 61508 for the development process?
Safety architecture for platforms with complex hardware
SIL-4 despite insecure hardware
Mehmet Özer, SYSGO AG (ESE Congress 2017)
Railway safety standards (CENELEC – EN50128, EN50129, EN50126, etc.) have introduced uniform requirements for the development of safety-related electronic systems, encompassing both software and hardware, and have replaced local standards of individual countries. While standardization leads to a unified understanding of safety and quality, which is definitely positive for safety, it also forces companies to implement a more costly development and certification process for safety systems.
Semi-automatic safety analysis and optimization
How security benefits from model-based development
Dr. Peter Munk, Dr. Arne Nordmann, Dr. Eike Thaden, Rakshith Amarnath, Markus Schweizer, Dr. Simon Burton, Robert Bosch GmbH (ESE Congress 2017)
With ever-shorter development cycles, the complexity of electrical/electronic (E/E) systems in automobiles is constantly increasing. Functional safety standards, such as ISO 26262, prescribe labor-intensive steps like fault tree analysis (FTA) and failure mode and effects analysis (FMEA). These steps are often performed manually and without systematic reuse of artifacts. We present a semi-automated safety analysis and optimization methodology. Based on established approaches such as Component Fault Trees [1], a functional or technical system model is extended with fault propagation information. From this, the FTA and FMEA for the overall system are automatically derived. Furthermore, the model can be optimized using reusable architectural patterns based on these analyses [2]. As part of a model-based development approach, the presented methodology thus increases the degree of automation and reduces development time.
Post-quantum cryptography on embedded systems
State of the art and outlook
Thomas Pöppelmann, Infineon Technologies AG (ESE Congress 2017)
Due to their computing power, quantum computers have the potential to break or weaken various currently used encryption algorithms. This particularly affects asymmetric cryptographic methods such as RSA and Elliptic Curve Cryptography (ECC), which are used by numerous internet standards like Transport Layer Security (TLS), S/MIME, PGP, and GPG. Post-quantum cryptography (PQC) offers a solution, employing methods that can be executed on classical computers but are capable of withstanding the power of quantum computers. Currently, a large number of such PQC methods exist, which differ significantly from RSA and ECC in their implementation characteristics.
Security certification in the IoT context
Efficient evaluation through component-based software design
Sergey Tverdyshev, SYSGO AG (ESE Congress 2017)
In the Internet of Things (IoT), traditional IT security is increasingly being extended to embedded components. A characteristic feature of the security requirements of many IoT systems is the increased focus on integrity and availability. This is also reflected in certification standards: The classic Common Criteria for Information Technology Security (ISO 14508) are being supplemented by domain-specific security standards, such as IEC 62443 for Industrial Control Systems, EDSA (Embedded Device Security Analysis), or J3061 in the automotive sector, which are characterized by a strong focus on "security for safety.".
Absolute security in embedded systems
A holistic approach to designing absolutely secure systems
André Schmitz, Green Hills Software (ESE Congress 2017)
Security is becoming increasingly important in today's world of networked systems. Everyone immediately understands the importance of protecting personal data, company data, and assets in general. Even with networked embedded systems, significant emphasis is now placed on securing and encrypting data transmissions and data storage. While the buildings housing the servers are highly secure, security gaps in embedded systems are all too often overlooked, making the entire system vulnerable. Therefore, a much broader approach is needed to secure embedded devices, encompassing all aspects of development, production, and maintenance. This article presents interesting examples of attacks and vulnerabilities in various systems, particularly those where a seemingly minor detail was compromised. Subsequently, a holistic approach is introduced that enables the production of absolutely secure systems. A wide range of areas are examined, including software development and system architecture, key and certificate management, and the manufacturing process. Only when all areas are considered in the vulnerability analysis can the system truly become absolutely secure.
Security tests in autopilot mode
Challenges and opportunities of automated penetration tests
Michael Eisenbarth, Markus Nebel, comlet Distributed Systems GmbH, Prof. Dr. Manuel Duque-Anton, Kaiserslautern University of Applied Sciences (ESE Congress 2017)
The increasing interconnectedness of systems and the growing number of communication-enabled products exacerbate the risk of cyberattacks. On the other hand, distributed systems increasingly require technical capabilities and interfaces for performing software updates and remote maintenance. Since manufacturers typically perform remote maintenance of their devices and machines via the internet, and possibly through third parties—for example, to carry out firmware updates or adjust settings for performance improvement—a technically implemented and established trust relationship between the companies or partners is essential. Penetration tests are typically used to demonstrate system security and secure communication.
WannaCry or WannaAct?
Effectively identify and assess attack risks during development.
Daniel Angermeier, Alexander Nieding, Jörn Eichler, Fraunhofer Institute for Applied and Integrated Security (AISEC) (ESE Congress 2017)
The increasing interconnectedness of embedded systems, often entering this situation unhardened, is well-known as the "Internet of Shitty Things." It's equally clear that designing a solution requires a proper understanding of the problem. However, anyone attempting to gain this understanding through attack risk analysis during the development of embedded systems quickly finds themselves in a seemingly endless search for potential attack vectors, both in breadth and depth, and in fruitless discussions about attack probabilities and impacts. In the following, we discuss key challenges and provide guidance for the effective identification and assessment of relevant attack risks.
Secure, high-performance, or fast-developing: What would you like?
Using static analysis for better design decisions
Christian Guss, MathWorks (ESE Congress 2017)
In the age of networking and machine autonomy (cyber-physical systems), considerable effort is required to ensure that the risk of cybersecurity attacks does not lead to dangerous situations, as hackers can gain access to security-relevant functions. System and component design and implementation often necessitate compromises and decisions, since the requirements regarding functionality, performance, and safety and security are sometimes contradictory, especially when it comes to meeting standards. We present examples and methods for how model-based design, verification, and static code analysis can be used to identify security vulnerabilities, secure applications, develop standards-compliant solutions, and still implement them quickly and efficiently.
End-to-end communication paradigms
Impact of end-to-end communication on safety and security
Karsten Schmidt, AUDI AG (ESE Congress 2017)
Many modern embedded systems are often distributed systems, which place additional demands on them regarding safety, security, and real-time performance. The current shift to Ethernet-based communication systems, in particular, necessitates a critical examination of the communication paradigms used to enable efficient communication. This publication discusses design criteria from an end-to-end perspective. It demonstrates why an end-to-end analysis of communication relationships, considering cross-cutting aspects, is crucial for sound system architecture. Using examples from the automotive sector, end-to-end properties are discussed, and the extent to which these properties significantly influence system and software architecture is examined. The necessary software abstraction is also addressed.
Criminal Energy: Fuel for Software Engineering
How to succeed in the "hacker versus industry" competition
Jürgen Belz, PROMETO GmbH (ESE Congress 2017)
What conditions must be met to meaningfully integrate security into development? Hackers always work in teams and are solution-oriented. They need expertise, equipment, and access to the system for their work. Security developers can only make access as difficult as possible. However, this requires developers to learn in detail and continuously how hackers gain access – and this means hacking themselves. This starts a race against time, because threats must be neutralized within a few days. The normal development cycle of 1-3 years no longer applies.
Architectural variants of safety-critical real-time systems
Systematically identify safe and cost-effective solutions
Dr. Ulrich Becker, Method Park, Dr. Isabella Stilkerich, Schaeffler Technologies, Dr. Ralf Münzenberger, INCHRON (ESE Congress 2017)
An increasing number of embedded systems are safety-critical, often characterized by a combination of high availability and strict real-time requirements. Safety and assistance functions in the automotive sector are a typical example of this system category. If real-time requirements are considered only late in the process, costly changes to the system, software, and hardware architecture often result. This article presents a consistent approach from safety analysis through functional architecture to technical architecture. Safety-relevant causal chains are identified, end-to-end real-time requirements are assigned, and time budgets are derived. Various technical architecture variants can be derived from the functional architecture. These architectural variants can be simulated with regard to their real-time characteristics and systematically evaluated, enabling the selection of the optimal variant in terms of both safety and cost.
Lecture series Software Engineering Management
Effort estimation: Craftsmanship or magic?
Meaningful estimates even with limited information
Andreas Stucki, Solcept AG (ESE Congress 2017)
Estimating effort is always easy when you've done something before. But what if everything is new? What if information about the project is scarce? This article presents various estimation methods, both well-known and lesser-known, along with soft factors to consider. It then demonstrates how to combine these methods for two scenarios: first, for new but reasonably well-defined projects, and then for projects that are still more like ideas.
Metrics-driven process development in the context of future connected mobility
A framework for risk assessment of vehicle functions
Christopher Kugler, Stefan Kowalewski, Chair of Computer Science 11 – Embedded Software, RWTH Aachen University; German Baca Espinoza, Ralf Maquet, Jiju Vadakkepattath, Dirk Macke, Johannes Richenhagen, FEV Europe GmbH (ESE Congress 2017)
Mobility is undergoing disruptive change: New areas such as vehicle connectivity and highly intelligent driver assistance systems place high demands on the quality of software products amidst increasing complexity. Consequently, existing development processes must be continuously improved to meet project time and budget constraints. This work defines qualitative, metric-based milestones designed to ensure a smooth transition between development phases. A framework for risk assessment of vehicle functions is proposed, which can be used to control the scope of testing in line with risk-based testing principles. Risk factors are identified that permit application in the context of connected mobility. Previously defined metrics from early development phases are incorporated into the assessment, ensuring a minimum level of objectivity. The framework is evaluated using a case study, and its operational benefits are demonstrated.
Software visualization today and tomorrow
How to gain insight into software
Prof. Dr. Rainer Koschke, University of Bremen, Axivion GmbH (ESE Congress 2017)
While a mechanical engineer can physically examine their work and see, feel, smell, and hear it, software eludes the sensory perception of its developers because it is intangible. Nevertheless, we must understand its often complex internal structure and the interaction of its components. Reading the source code becomes impossible beyond a certain point. We need a more abstract presentation of the information. Software visualization is the science of graphically representing information about software. It is far more than simply generating pixels. Interaction through filtering, searching, and querying the displayed data is an integral part. It is also closely linked to the analysis of software for data extraction. In so-called visual analytics, it helps to complement automated data analysis with the human ability to visually grasp patterns and trends at a glance.
Always keep software usability in mind
An introduction to the User-Centered Design Process
Jonas Zimmermann, Mixed Mode GmbH (ESE Congress 2017)
The UCDP (User-Centered Design Process) uses a systematic approach to acquire the necessary knowledge, condense it to the essentials, and create a product with the best possible customer benefit. The user and close collaboration with them are central to the User-Centered Design Process (UCDP). The four phases are defined by the UCDP, but the team is free to choose its own methods.
If the supply chain needs to be x-rayed
Quality assurance in the software supply chain
Dr. Ralf Huuck, Synopsys (ESE Congress 2017)
In most development projects, software isn't written from scratch but builds upon existing components. These components can come from previous projects, open-source repositories, or vendors. External sources, in particular, present challenges: How can you ensure that these third-party components meet your own quality, licensing, and security requirements? This article highlights some of the risks associated with embedding third-party components and presents the results of a global study on security vulnerabilities in open-source components. Based on this, it explains how automated software composition solutions can be used to identify and automatically prevent these vulnerabilities during the development process.
Scrum for embedded software
Good – but for different reasons than your manager believes.
Dr. Joachim Schlosser, Martin Hillbrand, Elektrobit Automotive GmbH (ESE Congress 2017)
Agile – what exactly is it? Agile development sounds effortless. And indeed, agile development helps achieve better results faster. However, it's also true that the process is more rigorous than what you're probably experiencing today. Scrum is stricter with regard to management and requires a functioning integration and testing process, especially in embedded systems.
Ready for MBSE?
A maturity model for model-based systems engineering
Dr. Maximilian Junker, Qualicen GmbH, Prof. Dr. Andreas Vogelsang, Dr. Wolfgang Böhm, Technical University of Berlin (ESE Congress 2017)
Many companies want to manage the increasing complexity of their products and the rising demands for reusability and cost-efficiency by using model-based approaches. However, implementing these approaches presents a significant challenge for the organization, one that cannot and should not be accomplished all at once. In this article, we present a maturity model specifically tailored to the phased implementation of model-based systems engineering (MBSE). The model takes into account the specific circumstances of the company.
Successful tradition meets dynamic modernity
Introduction of requirements- and model-driven development
Kai Gloth, Sartorius Lab Instruments (ESE Congress 2017)
There are countless books and guides for every aspect of product and instrument development and the associated processes. If I search for the term on Amazon... Requirements Engineering, I was confronted with well over 2,000 results. Every aspect is covered in the standard works, classics, and new publications. For every tiny detail, there are multi-page analyses, all of which—provided they are read in detail—are intended to prepare the reader for every possible situation. This is precisely what I did. When I was tasked in 2014 with initiating the development of a new device, I questioned virtually every aspect of the development process and, with the help of books, tried to work out how these individual steps and the entire development process could be improved. My plan was, in particular, to establish requirements engineering and, as far as possible, model-driven development in all areas.
Lecture series: Testing and Quality
Don't be afraid of software variations.
Reuse and inheritance of test cases
Michael Wittner, Razorcat Development (ESE Congress 2017)
The challenge of testing software variants lies in the fact that each variant must be fully tested. The following presents a method for reusing and inheriting variant tests. By defining base tests that are inherited by variant tests, redundant work can be avoided. With each application change, the tests only need to be maintained in one place.
Hardware-in-the-Loop and Software-in-the-Loop Tests for Everyone
Test First for Embedded Systems
Thomas Schütz, PROTOS Software GmbH, Toolchains for Embedded Software (ESE Congress 2017)
Most embedded systems are tested too late or inadequately. The fact is: the later errors are discovered, the more expensive the correction – costs increase exponentially as the project progresses. In the extreme case of a recall of already delivered products, this can lead to costs in the millions. Therefore, the goal must be to test much earlier – ideally during implementation.
Quality on demand
Outsourcing in agile software development processes
Dr. Hartmut Lackner, Model Engineering Solutions GmbH (ESE Congress 2017)
Outsourcing testing services delivers faster and better results than using internal resources – or so the expectation goes. In reality, this is possible, but by no means always the case. This presentation will show participants the conditions under which outsourcing testing and other quality assurance services is possible and successful in an agile environment.
Effective Power Interruption Testing
How to Fail Best
Thom Denholm, Datalight Inc. (ESE Congress 2017)
From dropped batteries to system failures, embedded designs require solid power interruption testing. Durability demands for embedded products have increased as the expected lifetime of high reliability products has grown. Faced with these conditions, developers must expand their testing toolkit. To achieve the most comprehensive reliability testing in the least amount of time, stress testing must utilize I/O at the point of power interruption.
29119 methods for testing software
Introduction of the ISO/IEC/IEEE 29119 standard series
Gudrun Neumann, SGS-TÜV Saar GmbH (ESE Congress 2017)
Verification through testing is a crucial phase in the software lifecycle. The ISO/IEC/IEEE 29119 standard series provides internationally recognized recommendations for software testing. The described processes, methods, and techniques can be applied by any developer or verification team to test software. This article provides an overview of the standard series. It then explores how these methods can be used to meet functional safety standards, such as ISO 26262, IEC 61508, and cybersecurity standards. A summary of the key aspects concludes the article.
ISO 29119 and the agile approach: Can they go together?
Problems and solutions in an agile environment
Dr. Richard Kölbl, Mixed Mode (ESE Congress 2017)
By 2015, five parts of the ISO/IEC/IEEE 29119 standard for software testing had been published. Since its inception, it has faced resistance, particularly from proponents of agile development: the standard was deemed too cumbersome, outdated, and detrimental to agile development, and testing was argued to be unnecessary. But is this really true? Are ISO 29119 and agile principles truly incompatible upon closer examination?
