Architecture Trade-off Analysis and Codesign for Safety-Related Real-Time Embedded Systems

Large-scale safety-related embedded systems pose unique problems. Unlike most embedded systems, safety-related systems must be developed to meet exacting standards so that they can be verified as fit for use for the intended application. This has implications upon the whole development process used for the system. Conventionally, the process used is conservative and largely sequential, rather than the concurrent hardware and software development prescribed by a codesign process. Sequential development causes many problems, especially late in the lifecycle when it is too late or expensive to change the partitioning between hardware and software components. This paper examines some of the issues when codesign principles are incorporated within a conventional safety-related development process. A key element is the ability to perform architectural trade-off analysis throughout the lifecycle in a manner that results in evidence generated that the resultant design meets both functional and non-functional (i.e. safety) requirements.