mdh.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Using Sensitivity Analysis to Facilitate The Maintenance of Safety Cases
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. (Software Engineering)ORCID iD: 0000-0002-9347-1949
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0003-2415-8219
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0001-5269-3900
2015 (English)In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) / [ed] Juan Antonio de la Puente, Tullio Vardanega, 2015, Vol. 9111, p. 162-176Conference paper, Published paper (Refereed)
Abstract [en]

A safety case contains safety arguments together with supporting evidence that together should demonstrate that a system is acceptably safe. System changes pose a challenge to the soundness and cogency of the safety case argument. Maintaining safety arguments is a painstaking process because it requires performing a change impact analysis through interdependent elements. Changes are often performed years after the deployment of a system making it harder for safety case developers to know which parts of the argument are affected. Contracts have been proposed as a means for helping to manage changes. There has been significant work that discusses how to represent and to use them but there has been little on how to derive them. In this paper, we propose a sensitivity analysis approach to derive contracts from Fault Tree Analyses and use them to trace changes in the safety argument, thus facilitating easier maintenance of the safety argument. 

Place, publisher, year, edition, pages
2015. Vol. 9111, p. 162-176
Series
Lecture Notes in Computer Science, ISSN 0302-9743
National Category
Electrical Engineering, Electronic Engineering, Information Engineering Computer Systems
Identifiers
URN: urn:nbn:se:mdh:diva-29130DOI: 10.1007/978-3-319-19584-1_11Scopus ID: 2-s2.0-84947983647ISBN: 978-3-319-19583-4 (print)OAI: oai:DiVA.org:mdh-29130DiVA, id: diva2:856717
Conference
20th Ada-Europe International Conference on Reliable Software Technologies, Madrid Spain, June 22-26, 2015.
Available from: 2015-09-25 Created: 2015-09-25 Last updated: 2018-11-02Bibliographically approved
In thesis
1. Enhancing the Maintainability of Safety Cases Using Safety Contracts
Open this publication in new window or tab >>Enhancing the Maintainability of Safety Cases Using Safety Contracts
2015 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Safety critical systems are those systems whose failure could result in loss of life, significant property damage, or damage to the environment. These systems require high quality and dependability levels in them, where system safety is a major property that should be adequately assured to avoid any severe outcomes. Many safety critical systems in different domains (e.g., avionics, railway, automotive, etc.) are subject to a certification. The certification process is based on an evaluation of whether the associated hazards to a system are mitigated to an acceptable level. Safety cases are often required to demonstrate how a regulatory body can reasonably conclude that a system is acceptably safe from the evidence available. The development of safety cases has become common practice in many safety critical system domains. However, safety cases are costly since they need significant amount of time and efforts to produce. This cost can be dramatically increased (even for already certified systems) due to system changes as they require maintaining the safety case before it can be submitted for certification. Anticipating potential changes is useful since it reveals traceable consequences that will eventually reduce the maintenance efforts. However, considering a complete list of anticipated changes is difficult. What can be easier though is to determine the flexibility of system components to changes.

Sensitivity analysis has been proposed as a useful tool to measure the flexibility of the different system properties to changes. Furthermore, the concept of contracts have been proposed as a means for facilitating the change management process due to their ability to record the dependencies among system's components. In this thesis, we use sensitivity analysis to support changes prediction and prioritisation. We also use safety contracts to record the information of changes that will ultimately advise the engineers what to consider and check when changes actually happen.

Place, publisher, year, edition, pages
Västerås: Mälardalen University, 2015
Series
Mälardalen University Press Licentiate Theses, ISSN 1651-9256 ; 220
National Category
Software Engineering
Research subject
Computer Science
Identifiers
urn:nbn:se:mdh:diva-29133 (URN)978-91-7485-238-7 (ISBN)
Presentation
2015-11-13, Mälardalens högskola, Delta, Västerås, 13:15 (English)
Opponent
Supervisors
Available from: 2015-10-07 Created: 2015-09-25 Last updated: 2018-01-11Bibliographically approved
2. Contracts-Based Maintenance of Safety Cases
Open this publication in new window or tab >>Contracts-Based Maintenance of Safety Cases
2018 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Safety critical systems are those systems whose failure could result in loss of life, significant property damage, or damage to the environment. System safety is a major property that shall be adequately assured to avoid any severe outcomes in safety critical systems. Safety assurance should provide justified confidence that all potential risks due to system failures are either eliminated or acceptably mitigated. System developers in many domains (e.g., automotive, avionics, railways) should provide convincing arguments regarding the safe performance of their systems to a national or international regulatory authority and obtain approvals before putting the system into service.  Building 'Safety cases' is a proven technique to argue about and communicate systems' safety and it has become a common practice in many safety critical system domains. System developers use safety cases to articulate claims about how systems meet their safety requirements and objectives, collect and document items of evidence, and construct a safety argument to show how the available items of evidence support the claims.

Safety critical systems are evolutionary and constantly subject to preventive, perfective, corrective or adaptive changes during both the development and operational phases. Changes to any part of those systems can undermine the confidence in safety since changes can refute articulated claims about safety or challenge the supporting evidence on which this confidence relies. Hence, safety cases need to be built as living documents that should always be maintained to justify the safety status of the associated system and evolve as these systems evolve. However, building safety cases are costly since they require a significant amount of time and efforts to define the safety objectives, generate the required evidence and conclude the underlying logic behind the safety case arguments. Safety cases document highly dependent elements such as safety goals, assumptions and evidence. Seemingly minor changes may have a major impact. Changes to a system or its environment can necessitate a costly and painstaking impact analysis for systems and their safety cases. In addition, changes may require system developers to generate completely new items of evidence by repeating the verification activities. Therefore, changes can exacerbate the cost of producing and maintaining safety cases.  

Safety contracts have been proposed as a means for helping to manage changes. There have been works that discuss the usefulness of contracts for reusability and maintainability. However, there has been little attention on how to derive them and how exactly they can be utilised for system or safety case maintenance.

The main goal of this thesis is to support the change impact analysis as a key factor to enhance the maintainability of safety cases. We focus on utilising safety contracts to achieve this goal. To address this, we study how safety contracts can support essential factors for any useful change management process, such as (1) identifying the impacted  elements  and  those  that  are  not  impacted, (2) minimising the number of impacted  safety  case  elements, and (3) reducing the  work  needed  to  make  the  impacted  safety  case  elements valid again. The preliminary finding of our study reveals that using safety contracts can be promising to develop techniques and processes to facilitate safety case maintenance. The absence of safety case maintenance guidelines from safety standards and the lack of systematic and methodical maintenance techniques have motivated the work of this thesis. Our work is presented through a set of developed and assessed techniques, where these techniques utilise safety contracts to achieve the overall goal by various contributions. We begin by a framework for evaluation of the impact of change on safety critical systems and safety cases. Through this, we identify and highlight the most sensitive system components to a particular change. We propose new ways to associate system design elements with safety case arguments to enable traceability. How to identify and reduce the propagation of change impact is addressed subsequently.  Our research also uses safety contracts to enable through-life safety assurance by monitoring and detecting any potential mismatch between the design safety assumptions and the actual behaviour of the system during its operational phase. More specifically, we use safety contracts to capture thresholds of selected safety requirements and compare them with the runtime related data (i.e., operational data) to continuously assess and evolve the safety arguments.

In summary, our proposed techniques pave the way for cost-effective maintenance of safety cases upon preventive, perfective, corrective or adaptive changes in safety critical systems thus helping better decision support for change impact analysis.

Place, publisher, year, edition, pages
Västerås: Mälardalen University, 2018
Series
Mälardalen University Press Dissertations, ISSN 1651-4238 ; 280
National Category
Computer Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:mdh:diva-41281 (URN)978-91-7485-417-6 (ISBN)
Public defence
2018-12-03, Kappa, Mälardalens högskola, Västerås, 09:30 (English)
Opponent
Supervisors
Projects
SafeCOP - Safe Cooperating Cyber-Physical Systems using Wireless Communication
Funder
EU, Horizon 2020, 692529 Vinnova
Available from: 2018-11-02 Created: 2018-11-02 Last updated: 2019-04-16Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records BETA

Jaradat, OmarBate, IainPunnekkat, Sasikumar

Search in DiVA

By author/editor
Jaradat, OmarBate, IainPunnekkat, Sasikumar
By organisation
Embedded Systems
Electrical Engineering, Electronic Engineering, Information EngineeringComputer Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 25 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf