[SystemSafety] COTS display certification

[Pekka Pihlajasaari]

Peter

The technology developed by Deuta verifies the output from the control computer for spatially static elements. It is sophisticated enough to be able to provide an alarm indication on the target display.

>From a reading of their marketing material it appears to do this by comparing the expected display output against the raw variable received from a sensor independently of the controller. It specifically does not appear to solve Haim's problem of verifying geometric proximity of information within a spatially defined display, nor does it verify what is shown on the actual display.

This is impressive technology to be able to non-intrusively instrument a pixel-based rendition of a sensor value, but it does not substitute the operator burden to verify the display is actually working.

Regards
Pekka Pihlajasaari
--
pekka at data.co.za	Data Abstraction (Pty) Ltd	+27 11 484 9664

-----Original Message-----
From: systemsafety [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of Peter Bishop
Sent: 26 July 2016 11:44
To: systemsafety at lists.techfak.uni-bielefeld.de
Subject: Re: [SystemSafety] COTS display certification

Haim

I am not sure how relevant this is, but there is some rail industry technology that verifies the display output (for specific zones) against the source data associated with that zone. See:

http://www.deuta.com/en/trust-technologies.aspx

Peter Bishop

On 26/07/2016 09:16, SPRIGGS, John J wrote:
> Hi Haim,
> I am surprised that it is necessary for the operator to be 100% sure 
> that the symbol is exactly on the correct spot on the display.  In 
> most applications there is an 'annulus of concern' around the 'true'
> position; if the displayed plot is in the hole in the middle, the 
> error is not enough to matter and, if it is outside the ring, the 
> error is so large that the operator will notice.  It is only on the 
> annulus itself that the position error is large enough to matter, but 
> small enough to be credible to an operator.
> Also, in some applications, e.g. where the operator has to maintain 
> separation between things, it is relative accuracy that matters, not 
> absolute.
> As for field data, have you consulted industrial process control 
> companies, e.g. a power station?  What displays do they use?  Do they 
> collect data from the operation using a robust process, so that 
> failure rates can be confidently predicted for the displays (in that environment)?
>  
> John
> *_http://www.linkedin.com/in/johnspriggs_*
> -----Original Message-----
> From: systemsafety
> [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf 
> Of Haim Kuper
> Sent: 25 July 2016 17:05
> To: systemsafety at lists.techfak.uni-bielefeld.de
> Subject: [SystemSafety] COTS display certification
>  
> Dear System Safety List Members,
>  
> We need to develop and certify a Ground Control Station (GCS) that 
> controls an avionic platform.
> The GCS contains an In-house-developed Control Computer (CC) and a 
> COTS Display.
> Hazard's analyses of the GCS showed that we need to develop and 
> certify to DAL-B.
> Regarding the display:
> 1 - It's usually a problem to verify World-coordinates to 
> Display-coordinates conversion results-on-screen so that the operator 
> will be 100% sure that the symbol is exactly on the correct spot (on 
> the world map/screen).
> 2 - I've asked some famous companies (Acer, Samsung, HP, LG) for any 
> supporting data, such as service history (as shown in DO-178C section
> 12.3.4 "Product Service History" )  of failure data, any measured or 
> designed-to reliability figures: IMHO, I'll not get any assistance 
> from them.
> 3 - We are checking some safety design mechanisms such as
>     a. monitoring using another display
>     b. develop some hardware/software/humanware based Built In Tests, and
>     c. still looking for a creative idea to tackle this subject
>  
> Per your experience, please advise how to certify the COTS display 
> within the GCS development.
>  
> Thanks and Regards,
> Haim kuper