JAMSS Japan Manned Space Systems Corporation

SERVICE | Independent Verification and Validation of System Safety

Designing a safe future through advanced technology

"Correctness of software functional requirements" for ensuring the safety and reliability of automated systems.

Independent Verification and Validation (IV&V) resolves problems in the functional requirements of software before design and development begin, focusing on the interactions among the components of the target system.

If the functional requirements are incorrect and the system is implemented from them, the safety of the target system cannot be ensured. Developing a system from such wrong specifications also results in incorrect and wasteful testing; the cost of a repair made in the test stage is said to be 100 times that of one made in the design stage. Verifying and validating the functional requirements of the software is therefore essential to ensure the safety and reliability of the system, and it can also reduce development cost.

We solve the following issues.

  • IV&V to examine the safety and reliability of a complex system.
    Applicable fields: Aviation, Healthcare, Nuclear, Railway, Automobile, Maritime

  • Safety analysis of artificial intelligence, eliminating the black box.
    Applicable fields: IT, Automation

  • Cost reduction by eliminating extra and wasteful tests.
    Applicable fields: IT, Precision instruments

IV&V service we provide

Analysis focused on the interaction among system components.

The IV&V analysis is conducted independently of the developers. It focuses on the interactions among the components of the target system and their behavior rather than on the detailed characteristics of each component, because those interactions play a significant role in the safety of the system: the system can fail even when every component functions correctly on its own. IV&V is therefore considered effective in improving the safety and reliability of complex systems in the aviation, automobile, railway, shipping, nuclear power, and medical industries, and in leading their missions to success.

Spacecraft and IV&V

The highest level of safety and reliability is demanded of spacecraft, which carry out their missions under severe environmental conditions that humans cannot reach.

In 1996, JAMSS performed the first IV&V in Japan, together with JAXA, on the spacecraft to be installed on the Japanese Experiment Module “Kibo” at the International Space Station.
Since then, we have conducted IV&V for over 20 years on almost every rocket, satellite, and ground control system developed by JAXA, most notably the integrated control system of “Kibo” itself, which is used by astronauts from around the world. In this way we have contributed to the high mission success rate of which Japanese space development is proud.

Integrated formal verification

We have been developing technologies for applying IV&V to large-scale automation systems through joint research with universities and research institutions around the world.
“Integrated formal verification” is one product of these activities. Formal verification is a rigorous process, but in practice it cannot be applied to an entire system because the analysis becomes too large; integrated formal verification therefore determines the scope of verification by focusing on hazard-generation factors from the perspective of the system as a whole.

Verification process

  • STEP 01
    Understanding of issues through interview

    In this step we reorganize the system specifications from the perspective of “how the verification will proceed,” which is important for maintaining our independence from the client. The result is the input for the “integrated formal verification” of STEP 02 and beyond, where the risks to focus on are identified through hazard-generation factor analysis and the proof of safety is obtained thoroughly through formal verification.

  • STEP 02
    Safety analysis

    The analysis in this step focuses on the initial-stage specifications and investigates when safety could be threatened, from the perspective of STAMP or resilience engineering. The results help us narrow down the areas that require verification; for those areas, thorough formal verification covering every theoretically possible condition is then performed.

    • Software safety analysis tool STAMP

      The Systems-Theoretic Accident Model and Processes (STAMP) method lets us detect hazard causes by focusing on the interactions among the functional components of the target system, which traditional safety analysis methods cannot identify. STAMP is based on the idea that software does not fail the way hardware does: accidents can occur when the interactions among functional components fail. The idea was proposed by Nancy Leveson, a professor at the Massachusetts Institute of Technology (MIT), with whom JAMSS has been conducting joint research; the insights obtained there are reflected in our technology.

      [Video] The first STAMP workshop in Japan

    • Resilience engineering: safety analysis using the Functional Resonance Analysis Method (FRAM)

      The Functional Resonance Analysis Method (FRAM) is a safety analysis method proposed within the framework of resilience engineering. FRAM is likewise based on the idea that the interactions among system components play a significant role in safety. One of its most characteristic aspects is that it provides a methodology for modeling the target system and investigating “why things go right” rather than “why things go wrong.” In short, FRAM is a method for making target systems more resilient through such “success factor analysis.”

      FRAM can also be applied to the safety analysis of artificial intelligence. Please see the following link for more information.

      Patent Nr.7007529 Invention "Safety verification of black box type artificial intelligence through FRAM/SpecTRM"
  • STEP 03
    Formal examination

    Our unique modeling technology makes it possible to extract the information in the initial-stage specifications efficiently and without loss, using formal modeling languages and tools such as SPIN, BLAST, and PAT Pro to produce a mathematical model that accurately reproduces the behavior of the system. We then examine every operation pattern on this model to prove that the system functions as expected.

  • STEP 04
    Consultation

    We propose methods to correct the flaws identified in the specifications. Solving the identified problems generally involves a trade-off between safety and performance, and such conflict is often regarded as a “source of trouble.” Although this is true in some respects, the conflict can also be a great opportunity to obtain novel and innovative ideas. The greatest advantage of IV&V by JAMSS is that we make use of such conflicts rather than avoiding or eliminating them, and dialectically offer novel and innovative ideas.
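As an added illustration of the formal examination step (STEP 03) and of the STAMP point above that components can fail in combination while each meets its own specification, the following Python code, written for this page and not part of JAMSS's tooling or models, explores every reachable state of a constructed two-component model: a robot arm behind a safety gate. The arm controller, the gate controller, the transition names, the hazard invariant and the "interlock" fix are all assumptions made up for the example; a real engagement would build such a model in a tool like SPIN rather than in plain Python, but the principle of checking every operation pattern rather than a sample of tests is the same.

```python
"""Exhaustive exploration of a small two-component model.

Added example, not JAMSS code. It illustrates two ideas from the text above:
an accident can arise from the interaction of components that each satisfy
their own specification (the STAMP viewpoint), and a formal model can be
examined over every operation pattern rather than over a sample of tests
(the formal examination step). A real engagement would use a model checker
such as SPIN; a plain breadth-first search over the explicit state graph is
enough for a model this small. The robot cell, its transitions and the
invariant are all constructed for this example.
"""
from collections import deque
from typing import Callable, Dict, List, Optional, Tuple

State = Tuple[Tuple[str, str], ...]  # frozen (hashable) form of a state dict
Transition = Tuple[str, Callable[[dict], bool], Callable[[dict], dict]]


def freeze(s: dict) -> State:
    return tuple(sorted(s.items()))


def upd(s: dict, **changes) -> dict:
    """Return a copy of state s with the given variables changed."""
    new = dict(s)
    new.update(changes)
    return new


def explore(initial: dict, transitions: List[Transition],
            invariant: Callable[[dict], bool]) -> Optional[List[str]]:
    """Breadth-first search over every reachable state.

    Returns None if the invariant holds everywhere, otherwise the shortest
    sequence of transition names (a counterexample) reaching a violation.
    """
    start = freeze(initial)
    parent: Dict[State, Optional[Tuple[State, str]]] = {start: None}
    queue = deque([start])
    while queue:
        cur = queue.popleft()
        cur_d = dict(cur)
        if not invariant(cur_d):
            path: List[str] = []
            node = cur
            while parent[node] is not None:      # walk back to the initial state
                prev, name = parent[node]
                path.append(name)
                node = prev
            return list(reversed(path))
        for name, guard, effect in transitions:  # interleave all enabled transitions
            if guard(cur_d):
                nxt = freeze(effect(cur_d))
                if nxt not in parent:
                    parent[nxt] = (cur, name)
                    queue.append(nxt)
    return None


def replay(initial: dict, transitions: List[Transition], path: List[str]) -> dict:
    """Apply a counterexample path step by step and return the final state."""
    by_name = {name: (guard, effect) for name, guard, effect in transitions}
    s = dict(initial)
    for name in path:
        guard, effect = by_name[name]
        assert guard(s), f"transition {name} not enabled"
        s = effect(s)
    return s


# Constructed model: a robot arm behind a safety gate. The operator may ask
# for the gate to be opened; a gate controller opens it; an arm controller
# starts jobs only when it sees the gate closed.
INITIAL = {"gate": "closed", "arm": "idle", "request": "none"}


def safe(s: dict) -> bool:
    """Hazard to exclude: the arm moving while the gate is open."""
    return not (s["arm"] == "moving" and s["gate"] == "open")


def robot_cell_model(interlocked: bool) -> List[Transition]:
    # Gate controller specification: "open the gate only when requested".
    # Arm controller specification: "never start a job while the gate is open".
    # Each controller satisfies its own specification in both variants; only
    # the interlocked variant also lets the gate controller see the arm state.
    def gate_may_open(s: dict) -> bool:
        ok = s["request"] == "open" and s["gate"] == "closed"
        return ok and (s["arm"] == "idle" if interlocked else True)

    return [
        ("operator_requests_gate_open",
         lambda s: s["request"] == "none", lambda s: upd(s, request="open")),
        ("gate_ctrl_opens_gate",
         gate_may_open, lambda s: upd(s, gate="open", request="none")),
        ("operator_closes_gate",
         lambda s: s["gate"] == "open", lambda s: upd(s, gate="closed")),
        ("arm_ctrl_starts_job",
         lambda s: s["arm"] == "idle" and s["gate"] == "closed",
         lambda s: upd(s, arm="moving")),
        ("arm_finishes_job",
         lambda s: s["arm"] == "moving", lambda s: upd(s, arm="idle")),
    ]


def check(interlocked: bool) -> Optional[List[str]]:
    """Run the exhaustive check; None means the hazard is unreachable."""
    return explore(INITIAL, robot_cell_model(interlocked), safe)


if __name__ == "__main__":
    print("without interlock:", check(False))   # shortest counterexample trace
    print("with interlock:   ", check(True))    # None: invariant holds everywhere
```

Without the interlock the search returns a three-step trace in which the arm starts a job with the gate closed and the gate controller then honours an operator request, even though neither controller violated its own rule. Adding the interlock makes the hazard unreachable, at the price of delaying the operator's request while the arm is moving, which is exactly the kind of safety-versus-performance trade-off the consultation step (STEP 04) is about.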

CONTACT

Inquiries

Please use our inquiry form for any question.
Please feel free to contact us.

If you are in a hurry, please contact us by phone:
Japan Manned Space Systems Corporation Marketing and Contract Department
Tel: +81-3-3211-2060
(Between 10AM and 5PM on weekdays)