Research Successes

Dependable Computing Systems Centre (DCSC)

The Dependable Computing Systems Centre (DCSC) was established in January 1991 as an academic research consortium of the University of York and the University of Newcastle, funded by multiple operating companies. The original funders were:

Significant successes for DCSC include:

  • DCSC developed prototype timing analysis tools that were tested on early development models of the Eurofighter/Typhoon Fuel Computer and later on the Flight Control System being developed by BAE SYSTEMS E&IS. The tool was further refined and used in the development of the AJT Hawk Auto-pilot systems, and variants of the tool were used to support timing analysis on the AJT Hawk Mission Computer in Air Systems. Research in this area continues; for example, more recent research results are being applied via tools developed for Eurofighter/Typhoon tranche 2.
  • DCSC provided support to MBDA in the development of the Butler technology, which provides an innovative solution for communication interfaces and task scheduling. Both hardware and software designs were developed, resulting in several patents, with national recognition by a Queen's Award for Technology. The Butler chip is now used in ASRAAM and Meteor.
  • DCSC developed a new safety process and produced a safety argument for certification of a safety-critical display system on Typhoon.
  • DCSC representatives were involved in a panel developing the Goal Structuring Notation (GSN) as a method of presenting system and software safety cases. GSN has now become the de facto standard notation for structuring safety cases, and is being used in Europe, the USA and the Far East.


Within the funding BAE SYSTEMS businesses, this approach has been deployed on numerous projects within MAS, including all marques of Hawk aircraft since 1996, Tornado, Typhoon, Nimrod and Harrier, as well as multiple projects within MBDA and E&IS.

The MOD-appointed Independent Safety Auditor for air projects, QinetiQ Boscombe Down, considers this approach to be best practice for presenting safety cases and uses GSN to support Military Airworthiness Release.

MOD/RAF use GSN to justify the operational aircraft safety cases.

We are also aware of this approach being deployed within non-funding businesses, such as Submarines, as well as being presented for consideration by Sea Systems, Land and Armaments (both UK and US) and Lockheed Martin partners on JSF.

The technique is used widely in the UK for Nuclear Power Plant safety cases and Rail equipment safety cases, whilst recent adopters use GSN for Site Safety Cases for sites such as Naval Dockyards and MOD weapons development establishments.

GSN is currently being considered by the US Food and Drug Administration for the presentation of drug safety cases, and by the Object Management Group as the mechanism for demonstrating assurance of systems developed using the Unified Modelling Language.

As a result of the broad up-take and acceptance of GSN, standardisation activities are currently ongoing, as is additional research to extend the utility of the notation for more complex systems.

As a result of the involvement with York/DCSC, 'ad hoc' training and mentoring has been provided to the company when deploying the technique, in addition to more structured formal courses provided on the topic area.


Also:

  • DCSC represented the interests of the company on a panel defining sub-sets of the Ada programming language that would be suitable for high integrity operations. This subset, SPARK, is widely adopted across the defence industry for safety critical systems.
  • DCSC identified a sub-set of State Charts, a requirements expression and design notation used to define system and software functionality, that would be suitable for use on high integrity and safety critical systems, called 'Safe Charts'. Safe Charts were used on Tornado ADV and Hawk.
  • Human workload analysis techniques developed within DCSC were used to support a decision on the Nimrod aircraft to reduce flight deck operations to a two-person crew.
  • Though not strictly a DCSC task (as Submarines does not fund DCSC), underpinning technologies and approaches developed within DCSC, such as GSN safety cases, were used by the University of York to develop a technology substitution safety argument for the Astute project.
  • Though not strictly a DCSC task, the High Integrity Real Time Systems (HIRTS) Defence and Aerospace Partnership (DARP) programme was established at York because of the DCSC link. Deployed research from that programme included a new approach to metrics and project control which has been successfully used on Typhoon, Hawk, Nimrod and Herti, within MAS, Type 45 within Surface Fleet Solutions and is currently being rolled out to Aerosystems International.
