Examples of the successful outcomes of our research, development and training partnerships:

A major automobile manufacturer implemented McSCert's improvements to their software development methodologies

Objective: A large automotive OEM engaged McSCert to help improve their existing software practices.
Approach: As part of this larger project, one of our graduate students developed a method to systematically simplify mode-switching logic in Matlab's Stateflow Truth Table blocks through the use of tabular expressions.
Result: The new methodology has been incorporated into the industrial partner's production code. At the request of the industrial partner, the graduate student is now applying her method to additional models.
Benefit: Compared to the original design, the new design is more understandable, easier to test and easier to trace back to requirements.

McSCert developed automated verification techniques for use in the refurbishment of the shutdown systems for a nuclear power plant

Objective: To develop a method for the formal verification of function blocks used to program Programmable Logic Controllers (PLCs), which are frequently employed in safety-critical instrumentation and control systems.
Approach: McSCert assigned a top PhD student, Linna Pang, to work closely with the power plant and its technology consultants, Systemware Innovation Corporation (SWI).
Result: Pang developed automated theorem-proving techniques and tools to prove that the function block designs developed by the power plant's engineers correctly implement the software requirements. McSCert's tools and techniques met regulatory requirements and were applied by SWI as part of the validation and verification process for the new PLC-based shutdown systems.
Benefit: The time needed for formal verification was significantly reduced compared with the manual methods previously used. The methods applied by the power plant and SWI engineers were extended to the verification of real-time subsystems. The collaboration provided SWI with expertise that will make them leaders in an area that is likely to become the standard way of demonstrating the dependability of third-party software used in safety-critical systems. SWI hired Pang after she graduated.

McSCert works with regulators at a very high level on the challenges of software regulation and certification

Objective: Provide technical advice to regulatory and certification bodies striving to develop new guidance to ensure that safety-critical software-intensive systems are properly developed and certified.
Approach: With extensive experience in software certification, McSCert draws on its cross-industry expertise when advising agencies including the US Food and Drug Administration (FDA), the US Nuclear Regulatory Commission (NRC), the US National Institute of Standards and Technology (NIST) and the Canadian Nuclear Safety Commission.
Result: McSCert recommended the use of Assurance Case Templates to drive development and then to be used for certification. Our recommended approaches incorporate rigorous mathematical reasoning for analyzing the system requirements, using tabular expressions and formal methods to ensure consistency.
Benefit: McSCert's proposed techniques and methods help industry, regulatory and certification bodies reduce the failure rate of regulated products and processes. Improved and clearer regulatory requirements will result in higher quality products and processes, a reduction in the time to develop higher quality products and processes, as well as a reduction in the time to achieve regulatory approval.

McSCert provided an industrial partner with customized training in the development and certification of safety-critical software-intensive systems

Objective: Provide advanced training for an industrial partner's staff working on the refurbishment of the shutdown systems for a nuclear power plant.
Approach: Informed by our previous collaborative work with the partner and extensive experience in software-based nuclear shutdown systems, we designed and delivered relevant training modules.
Result: Covering the development and verification of safety-critical systems, our training modules represented a formal transfer of project-developed expertise. The developers and engineers who attended our training sessions are now working on the refurbishment of the nuclear power plant's shutdown systems.
Benefit: The McSCert training modules have been used to transfer expertise to further developers and engineers in the nuclear industry and other safety-critical domains. For example, we provided a half-day on-site seminar at CANDU on formal verification of function blocks as well as integrated testing and fault injection strategies for FPGAs.