Facilitating Reuse of Safety Case Artefacts Using Safety Contracts
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. ORCID iD: 0000-0002-7382-8437
2015 (English) Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Safety-critical systems usually need to comply with a domain-specific safety standard, which often requires a safety case in the form of an explained argument supported by evidence to show that the system is acceptably safe to operate in a given context. Developing such systems to comply with a safety standard is a time-consuming and costly process. Reuse within the development of such systems is used to reduce the cost and time needed to develop both the system and the accompanying safety case. Reuse of the safety-relevant components that constitute the system is not sufficient without the reuse of the accompanying safety case artefacts, which include the safety argument and the supporting evidence. The difficulties with reuse of such artefacts within safety-critical systems lie mainly in the nature of safety being a system property and in the lack of support for systematic reuse of such artefacts.

In this thesis we focus on developing the notion of safety contracts that can be used to facilitate systematic reuse of safety-relevant components and their accompanying artefacts. More specifically, we explore the following issues: in which way such contracts should be specified, how they can be derived, and in which way they can be utilised for reuse of safety artefacts. First, we characterise the contracts as either “strong” or “weak” to facilitate capturing different behaviours reusable components can exhibit in different systems. Then, we present methods for deriving safety contracts from failure analyses. As the basis of the safety-critical systems development lies in the failure analyses and identifying which malfunctions eventually can lead to accidents, we deem that the basis for specifying the safety contracts lies in capturing information identified by such failure analyses within the contracts. Finally, we provide methods for generative reuse of the safety case artefacts by utilising the safety contracts. Moreover, we define a safety contracts development process as guidance for systematic reuse based on the safety contracts. We use a real-world case to demonstrate the proposed process. 

Place, publisher, year, edition, pages
Västerås: Mälardalen University, 2015.
Series
Mälardalen University Press Licentiate Theses, ISSN 1651-9256 ; 203
National Category
Engineering and Technology Other Engineering and Technologies
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:mdh:diva-27906
ISBN: 978-91-7485-213-4 (print)
OAI: oai:DiVA.org:mdh-27906
DiVA: diva2:808643
Presentation
2015-06-11, Gamma, Mälardalens högskola, Västerås, 14:00 (English)
Projects
SYNOPSIS - Safety Analysis for Predictable Software Intensive Systems
Available from: 2015-05-05 Created: 2015-04-26 Last updated: 2015-06-02 Bibliographically approved
List of papers
1. Strong and Weak Contract Formalism for Third-Party Component Reuse
2013 (English) In: 2013 IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2013, 2013, 359-364 p. Conference paper, Published paper (Refereed)
Abstract [en]

Our aim is to contribute to bridging the gap between the justified need from industry to reuse third-party components and the skepticism of the safety community about integrating and reusing components developed without real knowledge of the system context. We have developed a notion of safety contract that helps capture safety-related information to support the reuse of software components in and across safety-critical systems. In this paper we present our extension of the contract formalism for specifying strong and weak assumption/guarantee contracts for out-of-context reusable components. We elaborate on the notion of satisfaction, including refinement, dominance and composition checks. To show the usage and the expressiveness of our extended formalism, we specify strong and weak safety contracts related to a wheel braking system.

Keyword
safety contracts, strong and weak contracts, safety-critical systems, safety standards, third-party component reuse
National Category
Engineering and Technology
Identifiers
urn:nbn:se:mdh:diva-22884 (URN)
10.1109/ISSREW.2013.6688921 (DOI)
000330639500076 (ISI)
2-s2.0-84893309127 (Scopus ID)
978-1-4799-2552-0 (ISBN)
Conference
24th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2013; Pasadena, CA; United States; 4 November 2013 through 7 November 2013
Projects
SYNOPSIS - Safety Analysis for Predictable Software Intensive Systems
SafeCer - Safety Certification of Software-Intensive Systems with Reusable Components
Available from: 2013-11-20 Created: 2013-11-19 Last updated: 2015-11-12 Bibliographically approved
2. A Method to Generate Reusable Safety Case Fragments from Compositional Safety Analysis
2014 (English) In: Software Reuse for Dynamic Systems in the Cloud and Beyond: 14th International Conference on Software Reuse, ICSR 2015, Miami, FL, USA, January 4-6, 2015. Proceedings, Miami, Florida, United States: Springer International Publishing, 2014, 253-268 p. Conference paper, Published paper (Refereed)
Abstract [en]

Safety-critical systems usually need to be accompanied by an explained and well-founded body of evidence to show that the system is acceptably safe. While reuse within such systems covers mainly code, reusing accompanying safety artefacts is limited due to a wide range of context dependencies that need to be satisfied for safety evidence to be valid in a different context. Currently the most commonly used approaches that facilitate reuse lack support for reuse of safety artefacts. To facilitate reuse of safety artefacts we provide a method to generate reusable safety case argument-fragments that include supporting evidence related to safety analysis. The generation is performed from safety contracts that capture safety-relevant behaviour of components within assumption/guarantee pairs backed up by the supporting evidence. We illustrate our approach by applying it to an airplane wheel braking system example.

Place, publisher, year, edition, pages
Miami, Florida, United States: Springer International Publishing, 2014
Series
Lecture Notes in Computer Science, ISSN 0302-9743 ; 8919
National Category
Engineering and Technology
Identifiers
urn:nbn:se:mdh:diva-27903 (URN)
10.1007/978-3-319-14130-5 (DOI)
978-3-319-14129-9 (ISBN)
Conference
The 14th International Conference on Software Reuse, ICSR 2015, 4 Jan - 6 Jan 2015, Miami, Florida, United States
Projects
SYNOPSIS - Safety Analysis for Predictable Software Intensive Systems
SafeCer - Safety Certification of Software-Intensive Systems with Reusable Components
Available from: 2015-04-26 Created: 2015-04-26 Last updated: 2015-06-11 Bibliographically approved
3. Generation of Safety Case Argument-Fragments from Safety Contracts
2014 (English) In: Computer Safety, Reliability, and Security: Lecture Notes in Computer Science, Volume 8666, 2014, 170-185 p. Conference paper, Published paper (Refereed)
Abstract [en]

Certification of safety-critical systems is a costly and time-consuming activity. To reduce the cost of certification and time-to-market, composable safety certification envisions reuse of safety case argument-fragments together with safety-relevant components developed out-of-context. The argument-fragments could cover safety aspects relevant for different contexts in which the component can be used. Creating argument-fragments for such out-of-context components is also time-consuming and currently no satisfying approach exists to facilitate their automatic generation. In this work we propose (semi-)automatic generation of argument-fragments from assumption/guarantee safety contracts. We use the contracts to capture the safety claims related to the component, including supporting evidence. We provide an overview of the argument-fragment architecture and rules for automatic generation, including their application in an illustrative example. By automating generation of argument-fragments, we enable safety engineers to focus on increasing the confidence in the knowledge about the system, rather than documenting a safety case.

Series
Lecture Notes in Computer Science, ISSN 0302-9743 ; 8666
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
urn:nbn:se:mdh:diva-25188 (URN)
10.1007/978-3-319-10506-2_12 (DOI)
2-s2.0-84907083559 (Scopus ID)
978-3-319-10505-5 (ISBN)
Conference
The 33rd International Conference on Computer Safety, Reliability and Security SafeComp 2014, 10 Sep 2014, Firenze, Italy
Projects
SYNOPSIS - Safety Analysis for Predictable Software Intensive Systems
SafeCer - Safety Certification of Software-Intensive Systems with Reusable Components
Available from: 2014-06-05 Created: 2014-06-05 Last updated: 2015-05-05 Bibliographically approved
4. Deriving Safety Contracts to Support Architecture Design of Safety Critical Systems
2015 (English) In: Proceedings of IEEE International Symposium on High Assurance Systems Engineering, 2015, Vol. January, 126-133 p. Conference paper, Published paper (Refereed)
Abstract [en]

The use of contracts to enhance the maintainability of safety-critical systems has received a significant amount of research effort in recent years. However, some key issues have been identified: the difficulty in dealing with the wide range of properties of systems and deriving contracts to capture those properties; and the challenge of dealing with the inevitable incompleteness of the contracts. In this paper, we explore how the derivation of contracts can be performed based on the results of failure analysis. We use the concept of safety kernels to alleviate these issues. Firstly, the safety kernel means that the properties of the system that we may wish to manage can be dealt with at a more abstract level, reducing the challenges of representation and completeness of the “safety” contracts. Secondly, the set of safety contracts is reduced, so it is possible to reason about their satisfaction in a more rigorous manner.

National Category
Computer and Information Science
Identifiers
urn:nbn:se:mdh:diva-27904 (URN)
10.1109/HASE.2015.27 (DOI)
000380911000016 (ISI)
2-s2.0-84936877188 (Scopus ID)
978-1-4799-8111-3 (ISBN)
Conference
6th IEEE International Symposium on High Assurance Systems Engineering, HASE 2015; Daytona Beach; United States; 8 January 2015 through 10 January 2015; Category number E5428; Code 112813
Projects
SYNOPSIS - Safety Analysis for Predictable Software Intensive Systems
SafeCer - Safety Certification of Software-Intensive Systems with Reusable Components
Available from: 2015-04-26 Created: 2015-04-26 Last updated: 2016-10-31 Bibliographically approved
5. Using Safety Contracts to Guide the Integration of Reusable Safety Elements within ISO 26262
2015 (English) Report (Other academic)
Abstract [en]

Safety-critical systems usually need to be compliant with a domain-specific safety standard, which in turn requires an explained and well-founded body of evidence to show that the system is acceptably safe. To reduce the cost and time needed to achieve standard compliance, reuse of safety elements alone is not sufficient; the accompanying evidence must be reused as well. The difficulties with reuse of safety elements within safety-critical systems lie mainly in the nature of safety being a system property and in the lack of support for systematic reuse of safety elements and their accompanying artefacts. While safety standards provide requirements and recommendations on what should be subject to reuse, guidelines on how to perform reuse are typically lacking. We have developed a concept of strong and weak safety contracts that can be used to facilitate systematic reuse of safety elements and their accompanying artefacts. In this report we define a safety contracts development process and provide guidelines to bridge the gap between reuse and integration of reusable safety elements in the ISO 26262 safety standard. We use a real-world case to demonstrate the process, in which a safety element is developed out-of-context and reused together with its accompanying safety artefacts within two products of a construction equipment product line.

Place, publisher, year, edition, pages
Sweden: Mälardalen Real-Time Research Centre, Mälardalen University, 2015
Series
MRTC Reports, ISSN 1404-3041
National Category
Engineering and Technology
Identifiers
urn:nbn:se:mdh:diva-27905 (URN)
MDH-MRTC-300/2015-1-SE (ISRN)
Projects
SYNOPSIS - Safety Analysis for Predictable Software Intensive Systems
Funder
Swedish Foundation for Strategic Research
Available from: 2015-04-26 Created: 2015-04-26 Last updated: 2015-06-11 Bibliographically approved

Open Access in DiVA

File information
File name: FULLTEXT02.pdf
File size: 1293 kB
Checksum (SHA-512): 38ae401d8276f0d0d83a015467524b4e8989eafb4e58770fd41e74f1c1b8fe6f69cea86dc25934776040ecc692ab6b97624d376876d985b8bf306f6a665b6876
Type: fulltext
Mimetype: application/pdf

By author/editor
Šljivo, Irfan