A method to generate reusable safety case argument-fragments from compositional safety analysis.

To facilitate reuse of safety artefacts we provide a method to generate reusable safety case argument-fragments that include supporting evidence related to safety analysis. ... The generation is performed from safety contracts that capture safety-relevant behaviour of components within assumption/guarantee pairs backed up by the supporting evidence. ... In this section we present FLAR2SAF, a method to generate reusable safety case argument-fragments. We first provide the rationale of the approach in Section 3.1. ...

doi:10.1007/978-3-319-14130-5_18 fatcat:frtwlwvbzzejnha3scf3qepisi

Finally, we discuss how reusable cross-domain process-based arguments can be obtained. ... To ease reuse, in this paper we focus on verification tools and model a cross-domain tool qualification process line. ... To do that, we show how reusable process-based arguments can be obtained from a process line. ...

doi:10.1007/978-3-319-10557-4_28 fatcat:kjbcelw3sjcyrns4quh3dqyusq

A safety case is a contextualized structured argument constituted of process and product-based sub-arguments to show that a system is acceptably safe. ... Then, we propose a model-driven safety certification method to derive those arguments as goal structures given in Goal Structuring Notation from process models given in compliance with Software Process ... We thank Henrik Thane (Safety Integrity AB) for fruitful discussions concerning the role of assessors in safety certification. ...

doi:10.1109/issrew.2014.30 dblp:conf/issre/Gallina14 fatcat:blfpfjdsgnhndl2757cepgcqwq

To perform the generation we provide the resulting argument-fragment architecture and a set of rules to generate the argument-fragments. ... Approaches to generating safety case arguments [9, 3] usually extract the necessary information to build an argument ... Acknowledgements Thanks to Iain Bate for useful discussions and comments. ...

doi:10.1007/978-3-319-10506-2_12 fatcat:dsqcxvt3jrfwhdj4iubxz3daru

This article exemplifies the application of a pattern-based method, called SaCS (Safe Control Systems), on a case taken from the nuclear domain. ... The method is supported by a pattern language and provides guidance on the development of design concepts for safety critical systems. ... Once a hazard identification method is decided, further traversal leads to selection point (7) and Hazard Analysis. ...

doi:10.1007/978-3-642-33678-2_2 fatcat:ix7gz6wdjrb7lekotr5ykfbvju

This work summarizes applied research on such concepts and practices with a focus on the last two decades and on the state-of-the-art of patterns in safety-critical system design and assurance argumentation ... Our findings disclose a lack of research on how patterns improve system safety claims and, vice versa, on the decomposition of system safety into separated local concerns, and on the impact of security ... Furthermore, we treat safety cases, or in general, assurance cases as synonyms to assurance arguments. ...

arXiv:1902.05537v1 fatcat:26flno62afhl7kn3g27lryph5y

arguments from the MBASafe process model by using MDSafeCer, the recently introduced Model Driven Safety Certification method. ... According to EN 50129, manufacturers of rail vehicles shall justify via a safety case that their vehicles are adequately safe for their intended applications. ... MDSafeCer -MDSafeCer (Model-driven Safety Certification) [3] is a method that adopts MDE principles to enable the semi-automatic generation of composable process-based argument-fragments within safety ...

doi:10.1007/978-3-319-38980-6_1 fatcat:2gnw5shhp5hgxp3jpimtljxe2y

In this paper we present a method of safety case integration with hazard tables based on the use of parametrized argument patterns. ... We describe a hazard table metamodel, a safety argument pattern and a mechanism of pattern instantiation using a linking table which represents references to system lifecycle artefacts. ... Our goal is to develop a method to establish and maintain relationship between safety case elements and hazard analysis results through the pattern instantiation process. ...

doi:10.1007/978-3-319-45480-1_8 fatcat:gtfqgwntnfcgrm6qdnxwwkazwi

The contributions of this paper are to describe some of the challenges of using these approaches in SCS, and then argue how through appropriate safety argument patterns the challenges can be addressed. ... Developing Safety-Critical Systems (SCS) is an expensive activity largely due to the cost of testing both components and the systems produced by integrating them. ... Modular extensions to the GSN allow for composition of arguments from sets of fragments (or modules). ...

doi:10.1109/hase.2014.25 dblp:conf/hase/ConmyB14 fatcat:hwn6722tqbdh5fabhm3y2ll2fa

To address these problems, we present a tailored SPLEbased approach that combines model-driven development with advanced model composition techniques for applying and reasoning about specific safety solutions ... In addition, no support is given to the engineer to select and configure the appropriate safety solutions and to explain the safety implications of his decisions. ... The research activities were conducted in the context of ITEA2-MERgE (Multi-Concerns Interactions System Engineering, ITEA2 11011), a European collaborative project with a focus on safety and security ...

doi:10.1145/2648511.2648546 dblp:conf/splc/LanduytbHMJMJBA14 fatcat:6dh3uazr5rbg7agjgik3j4lmle

Assurance data relating to independentlyderived components must be melded together into a compelling case for overall system safety. ... Increased complexity in the design, technology and supply chains for software-intensive safety-critical systems has resulted in a growing demand for a compositional approach to safety assurance. ... One of the barriers to the composition of safety argument modules in an integrated system argument is the lack of a consistent conceptualization and terminology to describe and manage safety assurance, ...

doi:10.1109/assure.2013.6614266 dblp:conf/icse/AttwoodC13 fatcat:uk5c2ecvnjao7m4cbr6iq4i6e4

This paper presents an approach to the reuse of common structures in safety case arguments through their documentation as 'Safety Case Patterns'. ... We argue that through explicit capture and documentation of reusable safety case elements as patterns, the process of safety case construction and reuse can be made more systematic. ... Informal analysis of a number of safety cases suggests that patterns provide an appropriate level of abstraction to make safety case artefacts reusable without significantly reducing the benefit per application ...

doi:10.1007/978-1-4471-0997-6_5 dblp:conf/safecomp/KellyM97 fatcat:yvyzwaiuvvamnkh7icc63b4flq

That is, experts try to build (safety-critical) systems carefully according to well justified methods and articulate these justifications in an assurance case that is ultimately judged by a human. ... We discuss three approaches for arguing about safety and security of software under uncertainty, in the absence of fully sound and complete methods: assurance argument rigor, semantic evidence composition ... Fig. 1 . 1 Core GSN elements from [30] . Fig. 2 . 2 Example safety case in GSN (from [30] ). Fig. 3 . 3 A fragment of the Lane Management (LMS) Safety case. ...

doi:10.1007/978-3-030-16722-6_1 fatcat:4nsmyp5govgerjxnme4site34y

The approach is illustrated in a case study from the aerospace domain. ... This paper presents DEPendable-SPLE, a modelbased approach that extends traditional SPLE methods, to support variability modeling/management in dependability analysis. ... ] , which can be automatically generated from reusable product line dependability analysis information. ...

doi:10.1007/978-3-319-90421-4_1 fatcat:z3ytmluiv5gw3lvzit7bghyxcy

Moreover, we define a multi-context reusable component based on the configuration-aware contracts. Finally, we demonstrate the usefulness of the multi-context components on a motivating case. ... Since reusable components are often developed with a set of configuration parameters that need to be configured in each context, we extend the notion of contract to distinguish between the configuration ... By supporting such contracts with evidence and relating them to the safety requirements allocated to the component, they can be used to semi-automatically generate assurance case argument-fragments [10 ...

doi:10.1007/978-3-319-45480-1_4 fatcat:mizorfcjy5d2hfajkfxhfyy5ri

A Method to Generate Reusable Safety Case Fragments from Compositional Safety Analysis [chapter]

Preserved Fulltext

Enabling Cross-Domain Reuse of Tool Qualification Certification Artefacts [chapter]

Preserved Fulltext

A Model-Driven Safety Certification Method for Process Compliance

Preserved Fulltext

Generation of Safety Case Argument-Fragments from Safety Contracts [chapter]

Preserved Fulltext

A Pattern-Based Method for Safe Control Systems Exemplified within Nuclear Power Production [chapter]

Preserved Fulltext

Assurance of System Safety: A Survey of Design and Argument Patterns [article]

Preserved Fulltext

Deriving Safety Case Fragments for Assessing MBASafe's Compliance with EN 50128 [chapter]

Preserved Fulltext

Towards Safety Case Integration with Hazard Analysis for Medical Devices [chapter]

Preserved Fulltext

Assuring Safety for Component Based Software Engineering

Preserved Fulltext

Towards managing variability in the safety design of an automotive hall effect sensor

Preserved Fulltext

Nuanced term-matching to assist in compositional safety assurance

Preserved Fulltext

Safety Case Construction and Reuse Using Patterns [chapter]

Preserved Fulltext

Software Assurance in an Uncertain World [chapter]

Preserved Fulltext

Variability Management in Safety-Critical Software Product Line Engineering [chapter]

Preserved Fulltext

Configuration-Aware Contracts [chapter]

Preserved Fulltext