mdh.se Publications
1 - 9 of 9
  • 1.
    Castellanos Ardila, Julieth Patricia
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Facilitating Automated Compliance Checking of Processes against Safety Standards (2018). Conference paper (peer-reviewed).
  • 2.
    Castellanos Ardila, Julieth Patricia
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Facilitating Automated Compliance Checking of Processes against Safety Standards (2019). Licentiate thesis, with papers (other academic).
    Abstract [en]

    A system is safety-critical if its malfunctioning could have catastrophic consequences for people, property or the environment, e.g., the failure of a car's braking system could be potentially tragic. To produce such types of systems, special procedures and strategies that permit their safer deployment into society should be used. Therefore, manufacturers of safety-critical systems comply with domain-specific safety standards, which embody the public consensus of acceptably safe. Safety standards also contain a repository of expert knowledge and best practices that can, to some extent, facilitate the safety-critical system's engineering. In some domains, the applicable safety standards establish the accepted procedures that regulate the development processes. For claiming compliance with such standards, companies should adapt their practices and provide convincing justifications regarding the processes used to produce their systems, from the initial steps of the production. In particular, the planning of the development process, in accordance with the prescribed process-related requirements specified in the standard, is an essential piece of evidence for compliance assessment. However, providing such evidence can be time-consuming and prone-to-error since it requires that process engineers check the fulfillment of hundreds of requirements based on their process specifications. With access to suitable tool-supported methodologies, process engineers would be able to perform their job efficiently and accurately.

    Safety standards prescribe requirements in natural language by using notions that are subtly similar to the concepts used to describe laws. In particular, requirements in the standards introduce conditions that are obligatory for claiming compliance. Requirements also define tailoring rules, which are actions that permit complying with the standard in an alternative way. Unfortunately, current approaches for software verification are not furnished with these notions, which could make their use in compliance checking difficult. However, existing tool-supported methodologies designed in the legal compliance context, which are also proven in the business domain, could be exploited for defining an adequate automated compliance checking approach that suits the conditions required in the safety-critical context.

    The goal of this Licentiate thesis is to propose a novel approach that combines: 1) process modeling capabilities for representing systems and software process specifications, 2) normative representation capabilities for interpreting the requirements of the safety standards in an adequate machine-readable form, and 3) compliance checking capabilities to provide the analysis required to conclude whether the model of a process corresponds to the model with the compliant states proposed by the standard's requirements. Our approach contributes to facilitating compliance checking by providing automatic reasoning from the requirements prescribed by the standards, and the description of the process they regulate. It also contributes to cross-fertilize two communities that were previously isolated, namely safety-critical and legal compliance contexts. Besides, we propose an approach for mastering the interplay between highly-related standards. This approach includes the reuse capabilities provided by SoPLE (Safety-oriented Process Line Engineering), which is a methodological approach aiming at systematizing the reuse of process-related information in the context of safety-critical systems. With the addition of SoPLE, we aim at planting the seeds for the future provision of systematic reuse of compliance proofs. Hitherto, our proposed methodology has been evaluated with academic examples that show the potential benefits of its use.

  • 3.
    Castellanos Ardila, Julieth Patricia
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Gallina, Barbara
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Formal Contract Logic Based Patterns for Facilitating Compliance Checking against ISO 26262 (2018). In: CEUR Workshop Proceedings, Volume 2049, 2018, pp. 65-72. Conference paper (peer-reviewed).
    Abstract [en]

    ISO 26262 demands a confirmation review of the safety plan, which includes the compliance checking of planned processes against safety requirements. Formal Contract Logic (FCL), a logic-based language stemming from business compliance, provides means to formalize normative requirements, enabling automatic compliance checking. However, formalizing safety requirements in FCL requires skills which cannot be taken for granted. In this paper, we provide a set of ISO 26262-specific FCL compliance patterns to facilitate rule formalization. First, we identify and define the patterns, based on Dwyer et al.'s specification patterns style. Then, we instantiate the patterns to illustrate their applicability. Finally, we sketch conclusions and future work.

  • 4.
    Castellanos Ardila, Julieth Patricia
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Gallina, Barbara
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Towards Efficiently Checking Compliance Against Automotive Security and Safety Standards (2017). In: The 7th IEEE International Workshop on Software Certification WoSoCer 2017, 2017, pp. 317-324. Conference paper (peer-reviewed).
    Abstract [en]

    The growing connectivity of the systems that we rely on, e.g. transportation vehicles, is pushing towards the introduction of new standards aimed at providing a baseline to address cybersecurity besides safety. If the interplay of the two normative spaces is not mastered, compliance management might become more time-consuming and costly, preventing engineers from dedicating their energies to system engineering. In this paper, we build on top of previous work aimed at increasing efficiency and confidence in compliance management. More specifically, we contribute to building a terminological framework needed to enable the systematization of commonalities and variabilities within ISO 26262 and SAE J3061. Then, we focus our attention on the requirements for software design and implementation and we use defeasible logic to prove compliance. Based on the compliance checking results, we reveal reuse opportunities. Finally, we draw our conclusions and sketch future research directions.

  • 5.
    Castellanos Ardila, Julieth Patricia
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Gallina, Barbara
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system. IS (Embedded Systems).
    Towards Increased Efficiency and Confidence in Process Compliance (2017). In: 24th European & Asian Systems, Software & Service Process Improvement & Innovation EuroAsiaSPI2 '17, 2017, pp. 162-174. Conference paper (peer-reviewed).
    Abstract [en]

    Nowadays, the engineering of (software) systems has to comply with different standards, which often exhibit common requirements or at least a significant potential for synergy. Compliance management is a delicate, time-consuming, and costly activity, which would benefit from increased confidence, automation, and systematic reuse. In this paper, we introduce a new approach, called SoPLE&Logic-basedCM. SoPLE&Logic-basedCM combines (safety-oriented) process line engineering with defeasible logic-based approaches for formal compliance checking. As a result of this combination, SoPLE&Logic-basedCM enables automation of compliance checking and systematic reuse of process elements as well as compliance proofs. To illustrate SoPLE&Logic-basedCM, we apply it to the automotive domain and we draw our lessons learnt.

  • 6.
    Castellanos Ardila, Julieth Patricia
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Gallina, Barbara
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Governatori, Guido
    Data61, CSIRO, Australia.
    Lessons Learned while formalizing ISO 26262 for Compliance Checking (2018). In: Proceedings of the 2nd Workshop on Technologies for Regulatory Compliance (TeReCom), 2018, pp. 5-16. Conference paper (peer-reviewed).
    Abstract [en]

    A confirmation review of the safety plan is required during compliance assessment with ISO 26262. Its production could be facilitated by creating a specification of the standard's requirements in FCL (Formal Contract Logic), which is a language that can be used to automatically check compliance. However, we have learned, via previous experiences, that interpreting ISO 26262 requirements and specifying them in FCL is complex. Thus, we perform a formalization-oriented pre-processing of ISO 26262 to find effective ways to proceed with this task. In this paper, we present the lessons learned from this pre-processing, which includes the identification of the essential normative parts to be formalized, the identification of SCP (Safety Compliance Patterns) and their subsequent documentation as templates, and the definition of a methodological guideline to facilitate the formalization of normative clauses. Finally, we illustrate the defined methodology by formalizing ISO 26262 part 3 and discuss our findings.

  • 7.
    Castellanos Ardila, Julieth Patricia
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Gallina, Barbara
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    UL Muram, Faiz
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Enabling Compliance Checking against Safety Standards from SPEM 2.0 Process Models (2018). In: The Euromicro Conference on Software Engineering and Advanced Applications SEAA 2018, 2018. Conference paper (peer-reviewed).
    Abstract [en]

    Compliance with process-based safety standards may imply the provision of a safety plan and its corresponding compliance justification. The provision of this justification is time-consuming since it requires that the process engineer checks the fulfillment of hundreds of requirements by taking into account the evidence provided by the process entities. Available methodologies and their implemented tools can be used to automate this checking and provide a compliance report that can be part of the justification to be scrutinized by the safety auditor. In this paper, we explain our compliance checking vision for supporting the process engineer, in which the interaction between SPEM 2.0 (Software & Systems Process Engineering Metamodel) and Regorous (a tool-supported methodology for compliance checking) is established. Then, we focus on SPEM 2.0 to identify mechanisms to provide the minimal set of elements required to be processed by Regorous and describe how to implement them in EPF Composer. We also illustrate these mechanisms by modeling a simple example from ISO 26262 and show how a compliance report can be used to trace unfulfilled requirements.

  • 8.
    Castellanos Ardila, Julieth Patricia
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Gallina, Barbara
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    UL Muram, Faiz
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Transforming SPEM 2.0-compatible process models into models checkable for compliance (2018). In: Communications in Computer and Information Science, Springer Verlag, 2018, Vol. 918, pp. 233-247. Conference paper (peer-reviewed).
    Abstract [en]

    Manual compliance with process-based standards is time-consuming and prone-to-error. No ready-to-use solution is currently available for increasing efficiency and confidence. In our previous work, we have presented our automated compliance checking vision to support the process engineer's work. This vision includes the creation of a process model, given by using a SPEM 2.0 (Systems & Software Process Engineering Metamodel) reference implementation, to be checked by Regorous, a compliance checker used in the business context. In this paper, we move a step further towards the concretization of our vision by defining the transformation necessary to automatically generate the models required by Regorous. Then, we apply our transformation to a small portion of the design phase recommended in the rail sector. Finally, we discuss our findings, and present conclusions and future work.

  • 9.
    Gallina, Barbara
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    UL Muram, Faiz
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Castellanos Ardila, Julieth Patricia
    Mälardalens högskola, Akademin för innovation, design och teknik, Inbyggda system.
    Compliance of agilized (Software) development processes with safety standards: A vision (2018). In: ACM International Conference Proceeding Series, Association for Computing Machinery, 2018, article id a14. Conference paper (peer-reviewed).
    Abstract [en]

    Hybrid software development, meant as a combination of traditional and agile methods/practices, has become a reality in safety-critical systems engineering. The spread of hybrid software development stems from the impossibility of facing the manifold challenges via the definition of a process by the book. In this context, compliance management becomes challenging and the role of existing means for compliance should be clarified/rethought. In this position paper, we discuss the challenges and we propose our compliance management vision, which is being implemented in the context of the EU ECSEL AMASS project.
