António Casimiro

An Architecture Pattern Enabling Safety at Lower Cost and with Higher Performance

Rolf Johansson, Jörg Kaiser, António Casimiro, Renato Librino, Kenneth Östberg, José Rufino and Pedro Costa

Workshop on Embedded Real-Time Software and Systems, Toulouse, France, February 2014


In both avionic and automotive systems, proving functions safe in all operational conditions and for 100% of the mission time can become very costly and/or restrict the functional performance. This is especially true when the quality of sensor data and of communication data varies widely. One way to resolve this trade-off is to move part of the safety assessment from design time to run time. This paper proposes a general architectural pattern for doing so, and shows how to instantiate this pattern in Integrated Modular Avionics (IMA) for the avionic domain and in AUTOSAR for the automotive domain. The solutions imply some extensions of ARINC 653 and of AUTOSAR respectively, but they are not in conflict with the existing concepts. The proposed solutions are also fully in line with what is prescribed by the functional safety standards of the two domains.


  author       = {Johansson, Rolf and Kaiser, J\"{o}rg and Casimiro, Ant\'{o}nio and Librino, Renato and \"{O}stberg, Kenneth and Rufino, Jos\'{e} and Costa, Pedro},
  title        = {An Architecture Pattern Enabling Safety at Lower Cost and with Higher Performance},
  booktitle    = {Workshop on Embedded Real-Time Software and Systems (ERTS2)},
  year         = {2014},
  month        = {Feb},
  address      = {Toulouse, France},
  url          = {},
  abstractURL  = {},
  documentURL  = {},
  keywords     = {Safety Integrity, IMA, AUTOSAR},

