Chapters 5, 6, and 7 illustrate the main results of the research, namely the design patterns and the related pattern language. The chapters are organized as follows.
At the beginning of each chapter, a short introduction to the main categories and topics of the discussed patterns is provided. In addition, a short overview of the origin of the patterns is provided to ground the patterns discussed in the chapter on the timeline of the research. The patterns discussed in Chapter 5 present older work whereas the patterns discussed in Chapter 7 represent more recently documented patterns.
4.2. Presentation in the Result Chapters 31
The reason for the approach lies in the evolution of the pattern mining process that has been applied during the research. The patterns in each chapter have been mined using a slightly different mining process. The process has evolved from the initial approach described in Section 5.2 to the one described in Section 7.2. Therefore, the applied pattern mining approach is described in each result chapter.
The actual result section follows the pattern mining description. The main categories of patterns discussed in the chapter are introduced. This introduction provides the reader with an idea of the topics that the patterns consider. The category descriptions are followed by patlets of the patterns belonging to the chapter. A patlet is a short description of a pattern representing the core problem statement followed by the core solution statement.
To assist the developers of safety systems, some of the patlets are completed with references to related standards. The purpose of this is to indicate when a pattern supports, conflicts or otherwise relates to a standard or its section to give the applier an idea of the effect of a pattern in context of a standard. A related standard reference was added to the patlets of such patterns that included a suitable reference to a standard in the pattern description. The complete pattern descriptions can be found in the referenced articles or report.
The patlets are given in table format. The name of the pattern is followed by the publication where the pattern has been previously published. The rightmost column of the table provides the status of the pattern. A pattern with three or more known uses is marked with P to indicate a pattern and a pattern with less than three known uses is marked with PC to indicate a pattern candidate. In Chapter 7, more detailed status indicators are used.
Following the pattern descriptions, the patterns are sorted into the categories discussed above. The categorization considers both the topic and purpose of the patterns. Following the categorization, an illustration of the pattern language part is given to show the relations between the presented patterns. Finally, a discussion section summarizes the patterns, topics, and applied pattern mining process.
5 Control Systems, Safety Systems,
and Their Co-existence
5.1
Introduction
Architecture considers the fundamental structural and behavioural aspects of a functional safety system. The topic of architecture is centric in a sense that it relates to and affects nearly all the other aspects of the system. According to (Kruchten, 2004, p. 9-10):
architecture encompasses significant decisions about the following: • The organization of a software system
• The selection of structural elements and their interfaces by which the system is composed
• Their behaviour, as specified in the collaboration among those elements • The composition of these structural and behavioral elements into pro-
gressively larger subsystems
• The architectural style that guides this organization: these elements and their interfaces, their collaborations, and their composition
Architecture can also be considered as
the fundamental organization of a system, embodied in its components, their relationships to each other and the environment, and the principles governing its design and evolution. (IEEE 1471:2000, 2000, cited by Carnegie Mellon University, 2015)
In the context of this thesis, many of the presented patterns can be considered to relate to architecture in one way or another. Some patterns contribute to the structure, some the operation, and some all the potential aspects of architecture in terms of functional safety systems. One aspect where architectural decisions are made considering functional safety development is the design of co-operation between safety and control systems. Although safety and control systems have a similar form of operation, they have a distinct purpose. A safety system tries to retain the safe operation of a system. A control system also contributes to this, but its primary concern is to control the system to produce its output with an optimal outcome. The optimal outcome may be, for instance, the achieved production rate. In a such case, higher speeds, forces, and concentrations are typically
34 Chapter 5. Control Systems, Safety Systems, and Their Co-existence required. However, from the safety point of view, lower speeds, forces, and concentrations would be preferable as often these lead to more inherently safe design and operation. Consequently, the objectives of the safety and control systems may be conflicting. The co-operation and co-existence of safety and controls systems were one of the main categories that emerged during the research for safety system patterns. Safety and control systems both operate and affect the system under control. In addition, they both typically utilize a rather similar operation principle. The system under control is measured or observed to acquire information on the system state. The acquired information is used to execute logic considering how the system should be controlled to achieve the purpose of the controlling element (that is, the purpose of a control or safety system). Finally, the system under control is affected by a set of actuators operated by control and safety systems.