Linking Hazard Analysis to Formal Specification and Design in B.

In these domains, regulatory agencies are entitled to conduct reviews on the entire range of artifacts produced from system design to system performance/maintenance. ... With the tool recommendations, regulators can quickly investigate these suspicious locations and avoid the occurrence of future hazardous events. ... ACKNOWLEDGMENTS Andrian Marcus was supported in part by grants from the US National Science Foundation (CCF-0845706 and CCF-1017263). ...

doi:10.1109/tefse.2013.6620149 dblp:conf/icse/ShenLM13 fatcat:flvlk32qefgjjmtqnkb7jzm55y

This paper provides a discussion of our experiences pertaining to (a) the methodology for creating and structuring safety arguments containing heterogeneous reasoning and information (b) the comprehensibility ... Our approach combines formal and non-formal reasoning, yielding a semi-automatically assembled safety case, in which part of the argument for autopilot software safety is automatically generated from formal ... We also thank Mark Sumich and Corey Ippolito for their feedback. ...

doi:10.1109/dsn.2012.6263939 dblp:conf/dsn/DenneyPH12 fatcat:gbc4fcnvzjdyhl3ezsd354cxkm

We discuss achievements and challenges in development of dependable systems within the Event-B framework. ... We outline our approaches to integrating safety analysis into the development process, modelling fault tolerant systems and probabilistic dependability evaluation. ... In our work [18] we pro-posed an approach to linking formal modelling in Event-B with safety cases. ...

arXiv:1210.7032v1 fatcat:qv43yho3tngxzid45jahjc4vaq

Other approaches deal with the formal analysis of safety issues in expert systems for conformity checks. What is still missing is the bridge between visual representation and documentation. ... The virtual reality (VR) approaches do not support storage and processing of identified hazards, furthermore 3D models have to be prepared and converted to VR formats, which does not allow "online" analysis ... While expert systems provide support at formal step-by-step hazard analysis and product certification by tracking and documenting safety issues, spatial information about hazards is at best limited to ...

doi:10.1109/pses.2011.6088248 fatcat:wxss5gdrw5gqbniqnoaang35au

The failure mode and effect analysis (FMEA), the hazard and operability analysis (HAZOP), and the fault tree analysis (FTA) techniques are generally used for safety analysis of systems and their components ... The causal relationships in the proposed method make it possible to trace the safety requirements through the safety analysis results and system artifacts. ... TRACE can be used to link all the nodes in the NuSCR requirement specification with other information like the design specification and safety analysis results. ...

doi:10.1016/j.jss.2009.08.022 fatcat:2hs2qwtuznat3e7yafkiwogrja

We confirm that its application and the system modelling in the EFM formalism are possible since the conceptual design phase. ... Thus, the hazards detection is reduced to the study of the building of energy flows and the detection of potential links between these flows and the operator. ... Fig. 5 . 5 Proposal of design parameter analysis (white) -and parameters used in the risk analysis (black). Table 1 . 1 "Generalized" efforts and currents. ...

doi:10.1016/j.procir.2015.12.052 fatcat:zrnd7yul35di3cuwfwq3zlwsni

Open Access

Special machine designers are by definition confronted by a lack of specific standards relating to a priori risk analysis. ... The work of product designers has to evolve in phase with the improvements made to technology and changes in regulations. ... (types "A" and "B"), and especially standard NF EN ISO 12100 related to general design principles. ...

doi:10.1016/j.procir.2016.05.080 fatcat:ptgb5dld6zbzzhie32dmyecocq

Open Access

These ontologies formalize necessary domain knowledge and serve as reference models to support semi-automated requirements discovery and to ease the certification process. ... The proposed methodology has been implemented in a prototype toolchain and applied to a simple lane departure warning system as an example assistance and automation system. ... In this case, a sample requirement of the system design phase would be the system design verification for compliance and completeness, which involves deductive analysis, highly recommended for ASIL B obligation ...

doi:10.1007/978-3-642-14261-1_21 dblp:conf/forms/GacnikJKF10 fatcat:wx36dxlcobhgfkhp3dvveydsz4

Finally, Intent Specification is used to document traceability of behavioral requirements and subject them to formal analysis using the SpecTRM-RL software package. ... Traditional requirements specification and hazard analysis techniques have not kept pace with the increasing complexity and constraints of modern space systems development. ... ACKNOWLEDGEMENTS The authors would like to thank Brad Burt, Karla ...

doi:10.1109/aero.2008.4526677 fatcat:stxg54ew3bg3pputu3rmfezpdq

A methodology is presented in this paper to allow for integrated safety and security analysis of cyber-physical systems, particularly in a critical infrastructure context. ... These critical requirements are then validated through their application to an Event-B formal model, allowing for their completeness to be verified. ... more top-down view on system security, and which exist in complement to more specific techniques such as formal protocol analysis which are still highly prevalent in the literature (i.e. analysis of Yubikey ...

doi:10.1504/ijccbs.2019.10020048 fatcat:u7pqtw2ugjabhec45ybgj3qtwu

and in extracting and presenting stakeholder specific information relevant for decision making. ... A safety architecture is composed from a collection of bow tie diagrams (BTDs), a practical approach to manage safety risk by linking the identified hazards to the appropriate mitigation measures. ... Design decisions We will draw from the running example in Section II-B to illustrate the main design decisions of SAs. i) We observe from Figs. 2 and 3 that the events, barriers, and controls in one BTD ...

doi:10.1109/models.2017.27 dblp:conf/models/DenneyPW17 fatcat:ysap4howhfduxa5oanvfcfncmm

The focus of latest research effort is on safety-security lifecycle integration and the expansion of modeling formalism for risk assessment to incorporate security failures. ... This paper addresses these research questions by presenting a new safety design method named Cyber Layer Of Protection Analysis (CLOPA) that extends existing LOPA framework to include failures caused by ... More specifically, we consider the Layer Of Protection Analysis (LOPA), a widely adopted risk assessment method that follows a hazard identification study, such as Hazard and Operability (HAZOP). ...

arXiv:2006.00165v3 fatcat:vz22hnbrrzhg5gy6alqijff4wu

Multiple Versions

The methodology is meant to cope with design complexity and reduce time of SA process. ... In this paper, we focus on the safety aspect and introduce a methodology and associated framework for modeldriven safety analysis (SA) of large critical systems. ... Scalability The complexity of algorithm suggested in the scope of the MSA methodology is strongly linked to the number of levels in the system hierarchy and to the scalability of the formal verification ...

doi:10.1109/syscon.2015.7116812 dblp:conf/syscon/YakymetsPL15 fatcat:vx55nxyavvhh7dexnsynwy2cbe

In this process, requirements and design specifications are written in the formal model. The formal method relies on the use of unambiguous formalisms for specifying systems. ... "3-Step" Safety Analysis As shown in Figure 3 , "3-Step" safety analysis consists of HAZOP (hazard and operability analysis), FTA (fault tree analysis) and DV (design validation). ...

doi:10.5516/net.2009.41.1.091 fatcat:voui5ghgfrgppauzt6k5ktkzea

DOAJ

In particular we present queries that consider formal artifacts, designed to help demonstrate that: 1) identified hazards are addressed in the safetyrelated requirements, and 2) the safety-related requirements ... This, in turn, can assist in building safer software systems and in demonstrating their adequate handling of hazards. ... to software requirements, and that all code is linked to established specifications and test procedures [5] . ...

doi:10.1007/978-3-642-28714-5_16 fatcat:gz75bj7ayzh25d73y5fgkaon5i

Using traceability links to identifying potentially erroneous artifacts during regulatory reviews

Preserved Fulltext

Perspectives on software safety case development for unmanned aircraft

Preserved Fulltext

Dependability-Explicit Engineering with Event-B: Overview of Recent Achievements [article]

Preserved Fulltext

Semantic annotation of product safety information

Preserved Fulltext

Means-ends and whole-part traceability analysis of safety requirements

Preserved Fulltext

Design for Safety: Proposition of a Model to Detect Hazards through Energy Flows Analysis

Preserved Fulltext

Proposition of an Approach Applicable During the Design Process of Working Equipment to Identify Potential Hazards for Workers

Preserved Fulltext

The DeSCAS Methodology and Lessons Learned on Applying Formal Reasoning to Safety Domain Knowledge [chapter]

Preserved Fulltext

Application of a Safety-Driven Design Methodology to an Outer Planet Exploration Mission

Preserved Fulltext

A methodology for assuring the safety and security of critical infrastructure based on STPA and Event-B

Preserved Fulltext

Model-Driven Development of Safety Architectures

Preserved Fulltext

Cyber LOPA: An Integrated Approach for the Design of Dependable and Secure Cyber Physical Systems [article]

Preserved Fulltext

Other Versions

Model-driven multi-level safety analysis of critical systems

Preserved Fulltext

"3+3 PROCESS" FOR SAFETY CRITICAL SOFTWARE FOR I&C SYSTEM IN NUCLEAR POWER PLANTS

Preserved Fulltext

Trace Queries for Safety Requirements in High Assurance Systems [chapter]

Preserved Fulltext