Managing Assurance Cases in Model Based Software Systems
2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C)
Software has emerged as a significant part of many domains, including financial service platforms, social networks, medical devices and vehicle control. In critical domains, standards organizations have responded to this by creating regulations to address issues such as safety, security and privacy. In this context, compliance of software with standards has emerged as a key issue. For companies, compliance is a complex and costly goal to achieve and is often accomplished by producing socalled
... surance cases, which demonstrate that the system indeed satisfies the property imposed by a standard (e.g., safety, security, privacy) by linking evidence to support claims made about the system. However, as systems undergo evolution for a variety of reasons, including fixing bugs, adding functionality or improving system quality, maintaining assurance cases multiplies the effort. Increasingly, models and model-driven engineering are being used as a means to facilitate communication and collaboration between the stakeholders in the compliance value chain and, further, to introduce automation into regulatory compliance tasks. A complexity problem also exists with the proliferation of software models in model-based software development, and the field of Model Management has emerged to address this challenge. Model Management focuses on a high-level view in which entire models and their relationships (i.e., mappings between models) can be manipulated using specialized operators to achieve useful outcomes. In this thesis, we exploit this connection between model driven engineering and regulatory compliance, and explore how to use Model Management techniques to address software compliance management issues, focusing on assurance case change impact assessment, evolution and reuse. We support the presented approach with tooling and a case study. Although the main contributions of this thesis are not domain specific, for validation, we ground our approaches in the automotive domain and the ISO 26262 standard for functional safety of road vehicles. iv Every PhD needs a supervisor, and I have been fortunate to have two. First is Dr. Tom Maibaum, who was supportive of the idea that I start a PhD part-time while working as a Research Engineer on the NECSIS project with him. Over the years, Tom and I shared many car rides and travelled on many occasions together.