mdh.se Publications
Results 51 - 100 of 107
  • 51.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering. University of Luxembourg.
    Guelfi, Nicolas
    University of Luxembourg.
    A Product Line Perspective for Quality Reuse of Development Frameworks for Distributed Transactional Applications (2008). In: Proceedings - International Computer Software and Applications Conference, 2008, p. 739-744. Conference paper (Refereed)
    Abstract [en]

    Flexibility, autonomy, distribution and openness of the modern computing systems are properties which expand the spectrum of interactions possible among system components. Moreover these properties tend to impose more rigorous quality requirements on software development. To ensure the quality of distributed applications two notions have already been introduced: concurrency control and fault-tolerance. These notions are present and refined in so-called advanced transactional frameworks. All these frameworks have different interpretations of these two notions because they try to solve different issues. Engineering such a framework from scratch is a complex task which will achieve a low-level result if not supported by a quality-oriented approach. This paper solves this issue by introducing a product line perspective founded on the semantic analysis of the variabilities and commonalities of the ACID (Atomicity, Isolation, Durability and Consistency) properties. Varying and composing ACID properties in a disciplined way is in our opinion a key issue to increase quality and quality reuse in the development of advanced transactional frameworks. For this our approach allows the elicitation of the requirements of the advanced transactional frameworks product line using the "DRET" template.

  • 52.
    Gallina, Barbara
    et al.
    University of Luxembourg.
    Guelfi, Nicolas
    University of Luxembourg.
    SPLACID: an SPL-oriented, ACTA-based, Language for Reusing (varying) ACID Properties (2008). Conference paper (Refereed)
    Abstract [en]

    ACID (Atomicity, Consistency, Isolation and Durability) properties characterize the initial Transactional Model (TM). Being too restrictive and functionally limited to face the requirements of more recent application domains, the semantics of these properties has been relaxed (weakened), leading to an important set of TMs. Understanding, comparing and synthesizing TMs on the basis of core features and, more specifically, understanding and comparing relaxed ACID properties to be able to reuse them during the synthesis of TMs, is still an unreached goal. The ACTA framework represented a relevant step towards the achievement of that goal. ACTA, however, as we contribute in highlighting, presents several points of weakness. To contribute in easing the identification and specification of reusable and composable commonalities and variabilities among TMs, we introduce a Software Product Line oriented, ACTA-based language, called SPLACID. SPLACID is dedicated to the formal specification of TMs in terms of the selection and specialisation of a set of TM standard features. SPLACID promotes reuse and enhances rigor and precision by providing a well-structured concrete syntax.

  • 53.
    Gallina, Barbara
    et al.
    University of Luxembourg.
    Guelfi, Nicolas
    University of Luxembourg.
    Kelsen, P
    University of Luxembourg.
    Towards an Alloy Formal Model for Flexible Advanced Transactional Model Development (2009). In: Proceedings - 33rd Annual IEEE Software Engineering Workshop, SEW-33 2009, Skövde, Sweden, 2009, p. 94-103. Conference paper (Refereed)
    Abstract [en]

    SPLACID is a semi-formal language conceived for the specification and synthesis of (advanced) transactional models from basic features, such as transaction types and (relaxed) ACID variants. SPLACID is an improvement of the ACTA framework offering a well-structured and formal syntax. Neither ACTA nor SPLACID, however, benefit from a formal tool-supported semantics. This paper presents the first step towards a full formal semantics of SPLACID by translation to Alloy. In particular, we present the translation of the SPLACID concepts into Alloy concepts, focusing on those concepts pertaining to the structure of a Transactional Model and those characterizing the isolation variant. The Alloy specification obtained by this translation preserves the SPLACID main key properties, namely modularity, flexibility and reusability. To support this claim we show how flexible, modular and reusable structures and isolation variants can be obtained in Alloy. Finally, we analyze the flat and nested transactional model structures and the serializability-based isolation variant using the Alloy Analyzer.

  • 54.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gómez-Martínez, Elena
    Universidad Politécnica de Madrid, Spain.
    Benac Earle, Clara
    Universidad Politécnica de Madrid, Spain.
    Evaluación de Requisitos de Seguridad con MBASafe conforme a la norma EN 50128 [Evaluation of Safety Requirements with MBASafe in Accordance with the EN 50128 Standard] (2017). In: XVII Jornadas de Programación y Lenguajes, part of SISTEDES 2017, PROLE-2017, 2017. Conference paper (Refereed)
    Abstract [en]

    According to EN 50129, manufacturers of rail vehicles shall justify via a safety case that their vehicles are adequately safe for their intended applications. MBASafe is a recently proposed and potentially innovative design and verification process. In the presence of compelling arguments concerning its adequacy as process evidence, MBASafe could support the safety claims within the required safety cases. In this paper, we contribute to partially justify the adequacy of MBASafe to act as process evidence. To do that, we first manually check if MBASafe includes EN 50128-compliant process elements, then we model MBASafe in compliance with Software Process Engineering Metamodel 2.0, then, we derive process-based arguments from the MBASafe process model by using MDSafeCer, the recently introduced Model Driven Safety Certification method. By doing so, we provide a twofold contribution: we further validate MDSafeCer in the rail domain and we strengthen MBASafe. 

  • 55.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gómez-Martínez, Elena
    University of East London, London, United Kingdom.
    Benac Earle, Clara
    Universidad Politécnica de Madrid, Madrid, Spain.
    Promoting MBA in the Rail Sector by Deriving Process-related Evidence via MDSafeCer (2017). In: Computer Standards & Interfaces, ISSN 0920-5489, E-ISSN 1872-7018, Vol. 54, no 3, p. 119-128. Article in journal (Refereed)
    Abstract [en]

    An EN 50129-compliant safety case should include process-related evidence in terms of quality as well as safety management. Potentially innovative engineering methods developed in academic settings could act as process-related evidence. However, to ease their acceptance within the rail industrial settings, the adequacy of these methods needs to be justified. In this paper, we extend our previous work and we provide a broader justification including performance aspects aimed at showing that the entire MBA (Model-Based design methodology for Assessing performance and safety requirements of critical systems) is partly compliant with EN 50128. To do that, we tackle safety and performance process-related compliance as follows: we first manually check if MBA includes EN 50128-compliant process elements, then we model MBA in compliance with Software Process Engineering Meta-model 2.0, then we derive process-based arguments from the MBA process model by using the MDSafeCer (Model Driven Safety Certification) method. By doing so, we provide a twofold contribution: we further validate MDSafeCer in the rail domain and we strengthen MBA.

  • 56.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Haider, Zulqarnain
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Carlsson, Anna
    OHB Sweden, Sweden.
    Towards Generating ECSS-compliant Fault Tree Analysis Results via ConcertoFLA (2018). In: IOP Conference Series: Materials Science and Engineering, Vol. 351, issue 1, 2018, article id UNSP 012001. Conference paper (Refereed)
    Abstract [en]

    Attitude Control Systems (ACSs) maintain the orientation of the satellite in three-dimensional space. ACSs need to be engineered in compliance with ECSS standards and need to ensure a certain degree of dependability. Thus, dependability analysis is conducted at various levels and by using ECSS-compliant techniques. Fault Tree Analysis (FTA) is one of these techniques. FTA is being automated within various Model Driven Engineering (MDE)-based methodologies. The tool-supported CHESS methodology is one of them. This methodology incorporates ConcertoFLA, a dependability analysis technique enabling failure behavior analysis and thus FTA-results generation. ConcertoFLA, however, similarly to other techniques, still belongs to the academic research niche. To promote this technique within the space industry, we apply it to an ACS and discuss its multi-faceted potentialities in the context of ECSS-compliant engineering.

  • 57.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Haider, Zulqarnain
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Carlsson, Anna
    OHB Sweden.
    Mazzini, Silvia
    Intecs SpA, Italy.
    Puri, Stefano
    Intecs SpA, Italy.
    Multi-concern Dependability-centered Assurance for Space Systems via ConcertoFLA (2018). In: 23rd International Conference on Reliable Software Technologies - Ada-Europe 2018, Ada-Europe-2018, 2018, Vol. 10873. Conference paper (Other academic)
  • 58.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Iyer, Shankar
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Towards Quantitative Evaluation of Reuse Within Safety-Oriented Process Lines (2018). Conference paper (Refereed)
    Abstract [en]

    Recently, Safety-oriented Process Line Engineering (SoPLE) has been proposed as a sound solution to systematize reuse in the context of safety-oriented processes described within safety-related standards. Currently, however, no metrics have been used to measure the actual gain in terms of reuse that the application of this engineering method entails. To overcome this lack of quantitative evidence, we adopt the GQM+Strategies model, an extension of the Goal/Question/Metric (GQM) paradigm, for measurements. After having defined our specific measurement goals, we build on top of existing metrics, defined for measuring product-related reuse, and we translate them into our semantic space to evaluate our goals. We then apply our GQM+Strategies model on an ECSS-compliant SoPL to illustrate and assess its usefulness.

  • 59.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Javed, Muhammad Atif
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Martin, Helmut
    Virtual Vehicle Research Center, Graz, Austria.
    Bramberger, Robert
    Virtual Vehicle Research Center, Graz, Austria.
    Co-engineering of security and safety life-cycles for engineering security-informed safety-critical automotive systems in compliance with SAE J3061 and ISO 26262 (2019). In: 24th International Conference on Reliable Software Technologies, Ada-Europe-2019, 2019. Conference paper (Refereed)
  • 60.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Kashiyarandi, Shaghayegh
    Martin, Helmut
    VIRTUAL VEHICLE Research Center, Austria.
    Bramberger, Robert
    VIRTUAL VEHICLE Research Center, Austria.
    Modeling a Safety- and Automotive-oriented Process Line to Enable Reuse and Flexible Process Derivation (2014). In: 38th Annual IEEE International Computer Software and Applications Conference (COMPSAC), 2014, p. 504-509. Conference paper (Refereed)
    Abstract [en]

    ISO 26262 is a recently introduced automotive functional safety standard. This standard imposes new requirements that must be fulfilled for conformance purposes. Thus, companies used to developing safety-related E/E systems in compliance with either only Automotive SPICE (ASPICE) or a combination of ASPICE and IEC 61508 have to quickly perform a gap analysis in order to introduce adequate changes in their way of working. Implementing such changes in a visionary way with expectations of a long-term payback is an urgent open issue. To contribute to addressing this issue, in this paper we introduce a safety-oriented process line-based methodological framework to model commonalities and variabilities (changes) between the standards to enable reuse and flexible process derivation. To show the usefulness of our approach, we apply it to model a process-phase line for the development of safety-critical control units. Finally, we provide our lessons learned and concluding remarks.

  • 61.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Kashiyarandi, Shaghayegh
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Zugsbratl, Karlheinz
    Geven, Arjan
    Enabling Cross-Domain Reuse of Tool Qualification Certification Artefacts (2014). In: Computer Safety, Reliability, and Security, 2014, p. 255-266. Conference paper (Refereed)
    Abstract [en]

    The development and verification of safety-critical systems increasingly relies on the use of tools which automate/replace/supplement complex verification and/or development tasks. The safety of such systems risks being compromised if the tools fail. To mitigate this risk, safety standards (e.g. DO-178C/DO-330, IEC 61508) define prescriptive tool qualification processes. Compliance with these processes can be required for (re-)certification purposes. To enable reuse and thus reduce time and cost related to certification, cross-domain tool manufacturers need to understand what varies and what remains in common when transitioning from one domain to another. To ease reuse, in this paper we focus on verification tools and model a cross-domain tool qualification process line. Finally, we discuss how reusable cross-domain process-based arguments can be obtained.

  • 62.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Lundqvist, Kristina
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    THRUST: A method for speeding up the creation of process-related deliverables (2014). Conference paper (Refereed)
    Abstract [en]

    Certification of safety-critical avionics systems is an expensive and time-consuming activity due to the necessity of providing numerous deliverables. Some of these deliverables are process-related. To reduce time and cost related to the provision of process-related deliverables, in this paper, we propose to combine three approaches: the safety-oriented process line engineering approach, the process-based argumentation line approach, and the model driven certification-oriented approach. More specifically, we focus on safety-related processes for the development of avionics systems and we define how these three approaches are combined and which techniques, tools and guidelines should be used to implement the resulting approach, called THRUST. Advantages and disadvantages of possible existing techniques and tools are discussed and proposals as well as conceptual solutions for new techniques are sketched. Based on the sketched conceptual solutions, we then apply THRUST to speed up the creation of process-related deliverables in compliance with DO-178B/C.

  • 63.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Martinez, Jabier
    Tecnalia, Spain.
    Reuse in (re)certification of systems (2018). Conference paper (Other academic)
    Abstract [en]

    The reduction of time and cost for the creation of a safety case is an urgent challenge that industries must face in the context of safety-critical product lines. A safety case is a contextualized structured argument constituted of process- and product-based sub-arguments to show that a system is acceptably safe and thus "assure society at large that deployment of a given system does not pose an unacceptable risk of harm". Safety assurance and assessment processes required by standards and jurisdictions tend to span several years and consume a large number of resources. To reduce time and cost, reuse capabilities are being investigated. At the core of this effort, there is the objective to provide a generic metamodel capturing concepts of safety compliance processes. This is opening many doors towards a common model-based certification framework that can simultaneously target diverse domains such as the automotive, railway, avionics, air traffic management, industrial automation, or space domains. Then, different recurrent scenarios of (re)certification are being studied with their own characteristics and challenges. For example, in the system upgrade scenario we aim to identify the parts of the safety assurance project that can be reused for the upgraded system. In the cross-standard reuse scenario, the same system certified against a standard needs to be certified with another standard or, in the case of jurisdictions, checking compliance with a country jurisdiction that differs from the current one. In the cross-concern reuse scenario, a system certified against a given standard (e.g., security related) requires to be certified with a standard targeting a different concern (e.g., safety). The AMASS project (Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems) continues previous efforts to define the Common Assurance and Certification Metamodel (CACM) and a tool-based platform is being developed. Among its functionalities, advanced techniques are provided enabling reuse by combining process lines, product lines and safety case lines.

  • 64.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Natella, R.
    Università degli Studi di Napoli Federico II, Italy.
    Special section on: Reliability and Safety Certification of Software-Intensive Systems (2017). In: Reliability Engineering & System Safety, ISSN 0951-8320, E-ISSN 1879-0836, Vol. 158. Article in journal (Refereed)
  • 65.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Natella, Roberto
    Università degli Studi di Napoli Federico II, Italy.
    Reliability Engineering & System Safety, Vol. 158, 2017: Special section on: Reliability and Safety Certification of Software-Intensive Systems (2017). Collection (editor) (Other academic)
  • 66.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Nyberg, Mattias
    Scania, Sweden.
    An EN5012x-compliant OSLC-based Safety Case Generator (2016). Other (Other academic)
  • 67.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Nyberg, Mattias
    Scania AB, Sweden.
    Pioneering the Creation of ISO 26262-compliant OSLC-based Safety Cases (2017). In: The 7th IEEE International Workshop on Software Certification, WoSoCer 2017, 2017, p. 325-330. Conference paper (Refereed)
    Abstract [en]

    ISO 26262 requires for each item the creation of a safety case. Such creation is extremely time-consuming. Currently, no satisfying approach is at disposal to speed up such creation. OSLC (Open Services for Lifecycle Collaboration) is a standard for tool interoperability, which, if enabled, permits effective documentation management, needed for efficient safety case creation. OSLC defines a set of extensible core specifications (domains), each of which focuses on a single phase of the life-cycle. In our previous work, we provided ISO 26262-compliant domain extensions. In this paper, we use such extensions to pioneer the creation of OSLC-based safety cases. In particular, we show how information exposed via such extensions can be queried to "produce" compositional pieces of safety case fragments, arguing about requirements traceability and satisfiability. We illustrate the production of such fragments for an Electronic Control Unit module in use at Scania. We then discuss our findings.

  • 68.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Nyberg, Mattias
    Scania AB, Södertälje, Sweden.
    Reconciling the ISO 26262-compliant and the Agile Documentation Management in the Swedish Context (2015). In: Third Workshop on Critical Automotive applications: Robustness & Safety, CARS-2015, Paris, France: open-access eternal archive HAL, 2015. Conference paper (Refereed)
    Abstract [en]

    Documentation management represents a relevant and mandatory activity according to ISO 26262 [1]. The same activity tends to be considered as a waste according to the agile manifesto [2]. Thus, agile and ISO 26262-compliant documentation management styles seem to form an odd couple. When this couple is located in the Swedish cultural context, reconciliation and negotiation within it represent a true challenge. In this paper, based on the state of practice in industrial settings, we report about our findings and propose our envisioned solution to face this challenge and get a balance. Finally, conclusion and perspectives for future work are also drawn.

  • 69.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Padira, Kathyayani
    Scania AB, Södertälje, Sweden.
    Nyberg, Mattias
    Scania AB, Södertälje, Sweden.
    Towards an ISO 26262-compliant OSLC-based Tool Chain Enabling Continuous Self-assessment (2016). In: 10th International Conference on the Quality of Information and Communications Technology - Track: Quality Aspects in Safety Critical Systems, QUATIC-2016, 2016, p. 199-204, article id 7814547. Conference paper (Refereed)
    Abstract [en]

    Manufacturers of road vehicles have to comply with the functional safety standard ISO 26262. This standard requires the creation of a safety case, which compiles all the work products of the life-cycle in a traceable manner. The creation of a safety case is extremely time-consuming. Its creation is needed for the purpose of self-assessment in order to manage the liability risk. To speed up such creation, semi-automatic generation represents an interesting solution. OSLC (Open Services for Lifecycle Collaboration) is a recently introduced standard aimed at enabling life-cycle tool interoperability via production/consumption of resources. OSLC defines a set of domains, each of which focuses on a single and generic phase of the life-cycle. To create an ISO 26262-compliant tool chain, such domains need to be extended and/or replaced. In this paper, we present the first step towards the extension of such domains. First we establish the guidelines to define an ISO 26262-compliant OSLC-based knowledge domain, aimed at enabling the production and consumption of resources related to verification work products. Then, we propose our domain and we instantiate it to represent the verification-related resources of a real system. Finally, we discuss how this domain has been validated and how it can be used for continuous self-assessment.

  • 70.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Pitchai, K. R.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Lundqvist, Kristina
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    S-TunExSPEM: Towards an extension of SPEM 2.0 to model and exchange tunable safety-oriented processes (2014). In: Software Engineering Research, Management and Applications, Springer, 2014, p. 215-230. Chapter in book (Refereed)
    Abstract [en]

    Prescriptive process-based safety standards (e.g. EN 50128, DO-178B, etc.) incorporate best practices to be adopted to develop safety-critical systems or software. In some domains, compliance with the standards is required to get the certificate from the certification authorities. Thus, a well-defined interpretation of the processes to be adopted is essential for certification purposes. Currently, no satisfying means allows process engineers and safety managers to model and exchange safety-oriented processes. To overcome this limitation, this paper proposes S-TunExSPEM, an extension of Software & Systems Process Engineering Meta-Model 2.0 (SPEM 2.0) to allow users to specify safety-oriented processes for the development of safety-critical systems in the context of safety standards according to the required safety level. Moreover, to enable exchange for simulation, monitoring, execution purposes, S-TunExSPEM concepts are mapped onto XML Process Definition Language 2.2 (XPDL 2.2) concepts. Finally, a case-study from the avionics domain illustrates the usage and effectiveness of the proposed extension.

  • 71.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Provenzano, Luciana
    Bombardier Transportation, Västerås, Sweden.
    Deriving Reusable Process-based Arguments from Process Models in the Context of Railway Safety Standards (2015). In: Ada User Journal, ISSN 1381-6551, Vol. 36, no 4, p. 237-241. Article in journal (Refereed)
    Abstract [en]

    In the railway domain, standards such as the EN5012x family prescribe processes to be followed for the management and certification of safety-critical systems. This results in a need to model processes and retrieve process-based arguments to prove that the system achieved the required safety level, in order to reduce time and cost spent in the certification process. In this paper, we present the application of MDSafeCer, i.e. a model-driven safety certification method, to railways. In particular, we model in SPEM 2.0 the safety requirements process according to what is described in the safety plan, and we show how it is possible to extract safety evidence to prove the compliance of this process with the EN50128 standard.

  • 72.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering.
    Punnekkat, Sasikumar
    Mälardalen University, School of Innovation, Design and Engineering.
    FI4FA: A formalism for incompletion, inconsistency, interference and impermanence failures' analysis (2011). In: Proceedings - 37th EUROMICRO Conference on Software Engineering and Advanced Applications, SEAA 2011, 2011, p. 493-500. Conference paper (Refereed)
    Abstract [en]

    To architect dependable distributed component-based, transactional systems, failures as well as their mitigation behaviors must be analyzed. Analysis helps in planning if, where and which mitigation means are needed to increase quality, by reducing the failures that threaten the system's dependability. Fault Propagation and Transformation Calculus (FPTC) is a technique for automatically calculating the failure behavior of the entire system from the failure behavior of its components [1]. FPTC, however, considers few failure types and offers no support to analyse the mitigation behaviour. To overcome these limitations and support the mitigation's planning, we introduce a new formalism, called FI4FA. FI4FA focuses on failures avoidable through transaction-based mitigations. FI4FA extends FPTC by enabling the analysis of I4 (incompletion, inconsistency, interference and impermanence) failures as well as the analysis of the mitigations, needed to guarantee completion, consistency, isolation and durability. We also illustrate the usage of FI4FA on a set of examples. © 2011 IEEE.

  • 73.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Sefer, Edin
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Refsdal, A.
    SINTEF ICT, Oslo, Norway.
    Towards safety risk assessment of socio-technical systems via failure logic analysis (2014). In: Proceedings - IEEE 25th International Symposium on Software Reliability Engineering Workshops, ISSREW 2014, 2014, p. 287-292. Conference paper (Refereed)
    Abstract [en]

    A thorough understanding of the safety risks of a system requires an understanding of its human and organizational factors, as well as its technical components. Analysis approaches that focus only on the latter without considering, for example, how human decision makers may respond to a technical failure, are not able to adequately capture the wide variety of safety risk scenarios that need to be considered. In this paper, we propose a model-based analysis approach that allows analysts to interpret humans and organizations in terms of components and their behavior in terms of failure logic. Our approach builds on top of CHESS-FLA, which is a tool-supported failure logic analysis technique that supports analysis of component-based system architectures to understand what can go wrong at the system level and to identify the causes (i.e. faulty components). However, CHESS-FLA currently deals only with hardware and software components and thus it is not adequate to reason about socio-technical systems. We therefore provide an extension based on a pre-existing classification of socio-failures and combine it with the one used in CHESS-FLA for technical failures, thereby giving birth to a novel approach to analysis of socio-technical systems. We demonstrate our approach on an example from the petroleum domain.
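    The failure-propagation idea shared by the FI4FA/FPTC entry (no. 72) and the CHESS-FLA-based socio-technical entry above (no. 73), as an added Python example: each component declares rules mapping the failure tokens on its input ports to the tokens on its output ports, and the system-level failure behaviour is the fixpoint reached by applying those rules along the connections. This is illustrative code written for this listing, not code from FI4FA, CHESS-FLA, the CHESS tool or any paper on the page; the failure vocabulary (the I4 types plus a socio-technical "omission"), the three components, their mitigation rules and the wiring are all assumptions constructed for the example.

```python
"""FPTC-style failure logic analysis over a component graph (added example).

Each component maps the failure tokens arriving on its input ports to the
tokens it emits on its output ports.  The system-level failure behaviour is
the least fixpoint obtained by re-applying those rules along the connections
until no port's token set changes.  Vocabulary, components, rules and wiring
below are constructed for illustration, not taken from FI4FA or CHESS-FLA.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from typing import Callable, Dict, FrozenSet, List, Tuple

Tokens = FrozenSet[str]
Port = Tuple[str, str]            # (component name, port name)
NONE: Tokens = frozenset()        # "no failure" on a port

# Assumed vocabulary: the I4 technical failures named in the FI4FA abstract
# plus one socio-technical failure type for the human operator.
KNOWN: Tokens = frozenset(
    {"incompletion", "inconsistency", "interference", "impermanence", "omission"})


@dataclass
class Component:
    name: str
    inputs: List[str]
    outputs: List[str]
    rule: Callable[[Dict[str, Tokens]], Dict[str, Tokens]]  # in-port tokens -> out-port tokens


@dataclass
class System:
    components: List[Component]
    links: List[Tuple[Port, Port]]                              # (src out-port, dst in-port)
    injected: Dict[Port, Tokens] = field(default_factory=dict)  # faults from the environment


def transform(table: Dict[str, Tokens], out_port: str) -> Callable[[Dict[str, Tokens]], Dict[str, Tokens]]:
    """Single-output rule: each incoming token is rewritten via `table`;
    tokens absent from the table pass through, mapping to NONE mitigates them."""
    def rule(ins: Dict[str, Tokens]) -> Dict[str, Tokens]:
        out: set = set()
        for toks in ins.values():
            for t in toks:
                out |= table.get(t, frozenset({t}))
        return {out_port: frozenset(out)}
    return rule


def analyse(system: System, max_iter: int = 100) -> Dict[Port, Tokens]:
    """Least fixpoint of token sets on all ports.  Tokens only accumulate,
    so the iteration is monotone and stops as soon as nothing changes."""
    ports: Dict[Port, Tokens] = {
        (c.name, p): NONE for c in system.components for p in c.inputs + c.outputs}
    for port, toks in system.injected.items():
        if toks - KNOWN:
            raise ValueError(f"unknown failure tokens on {port}: {sorted(toks - KNOWN)}")
        ports[port] = ports[port] | toks
    for _ in range(max_iter):
        changed = False
        for c in system.components:                       # apply component rules
            outs = c.rule({p: ports[(c.name, p)] for p in c.inputs})
            for p in c.outputs:
                merged = ports[(c.name, p)] | outs.get(p, NONE)
                if merged != ports[(c.name, p)]:
                    ports[(c.name, p)], changed = merged, True
        for src, dst in system.links:                     # propagate along connections
            merged = ports[dst] | ports[src]
            if merged != ports[dst]:
                ports[dst], changed = merged, True
        if not changed:
            return ports
    raise RuntimeError("no fixpoint within max_iter")


def build_example() -> System:
    """Constructed chain: sensor -> transactional store -> human operator."""
    sensor = Component("sensor", ["env"], ["data"], transform({}, "data"))
    # Assumed transaction-based mitigations: atomicity absorbs incompletion,
    # consistency checks absorb inconsistency, isolation absorbs interference;
    # with no durable log, impermanence still propagates.
    store = Component("tx_store", ["req"], ["result"], transform(
        {"incompletion": NONE, "inconsistency": NONE, "interference": NONE}, "result"))
    # Assumed socio-technical rule: a lost (impermanent) record makes the
    # operator omit the required action.
    operator = Component("operator", ["alarm"], ["action"], transform(
        {"impermanence": frozenset({"omission"})}, "action"))
    return System(
        components=[sensor, store, operator],
        links=[(("sensor", "data"), ("tx_store", "req")),
               (("tx_store", "result"), ("operator", "alarm"))],
        injected={("sensor", "env"): frozenset({"incompletion", "impermanence"})},
    )


def output_failures(system: System) -> Dict[str, Tokens]:
    """Failure tokens on every output port, keyed 'component.port'."""
    ports = analyse(system)
    return {f"{c.name}.{p}": ports[(c.name, p)]
            for c in system.components for p in c.outputs}


if __name__ == "__main__":
    for port, toks in output_failures(build_example()).items():
        print(f"{port}: {sorted(toks) or 'no failure'}")
```

Running it shows the two injected failures entering the sensor, the transactional store absorbing the incompletion but passing the impermanence on, and the operator turning that impermanence into an omission at system level; swapping a rule (for example giving the store a durable log that maps impermanence to NONE) changes the system-level outcome, which is the planning question the FI4FA abstract raises.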

  • 74.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Skavhaug, Amund
    Norwegian University of Science and Technology, Trondheim, Norway.
    Bitsch, Friedemann
    Thales Deutschland GmbH, Ditzingen, Germany.
    Computer Safety, Reliability, and Security: SAFECOMP 2018 Workshops, ASSURE, DECSoS, SASSUR, STRIVE, and WAISE, Västerås, Sweden, September 18, 2018, Proceedings (2018). Conference proceedings (editor) (Other academic)
  • 75.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering.
    Sljivo, Irfan
    Mälardalen University, School of Innovation, Design and Engineering.
    Jaradat, Omar
    Mälardalen University, School of Innovation, Design and Engineering.
    Towards a Safety-oriented Process Line for Enabling Reuse in Safety Critical Systems Development and Certification. 2012. In: Proceedings of the 2012 IEEE 35th Software Engineering Workshop, SEW 2012, 2012, p. 148-157. Conference paper (Refereed)
    Abstract [en]

    Safety standards define development processes by indicating the set of partially ordered tasks that have to be executed to achieve acceptably safe systems. Process compliance constitutes a fundamental ingredient in safety argumentation for certification purposes. Certification is a very expensive, time-consuming and quality demanding activity. To increase quality and reduce time and cost, reuse-based approaches are being investigated. In this paper, we adopt a process line approach in the framework of safety processes. This means that we treat a family of processes as a product line, and we identify commonalities and variabilities between them. The resulting information guides developers in reusing parts of the process, the system and safety case, e.g. which parts to make more generic, isolating changes in others to avoid ripple effects etc.

  • 76.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Szatmari, Zoltan
    Resiltech Srl, Pontedera, Italy.
    Ontology-based Identification of Commonalities and Variabilities among Safety Processes. 2015. In: Product-Focused Software Process Improvement: 16th International Conference, PROFES 2015 Bolzano, Italy, December 2–4, 2015, Proceedings, 2015, p. 182-189. Conference paper (Refereed)
    Abstract [en]

    Safety standards impose requirements on the process used to develop safety-critical systems. For certification purposes, manufacturers have to properly interpret and meet these requirements, which exhibit commonalities and variabilities. However, since different terms are used to state them, the comparative work aimed at manually identifying and managing these commonalities and variabilities is hard, time-consuming, and costly. In this paper, we propose to solve this problem by creating ontology-based models of safety standards and automate the comparative work. Then, we show how the result of this comparative study can be exploited to semi-automate the generation of safety-oriented process line models. To illustrate our solution, we apply it to portions of ISO 26262 and EN 50126. Finally, we draw our conclusions and future work.

  • 77.
    Gallina, Barbara
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    UL Muram, Faiz
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Castellanos Ardila, Julieth Patricia
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Compliance of agilized (Software) development processes with safety standards: A vision. 2018. In: ACM International Conference Proceeding Series, Association for Computing Machinery, 2018, article id a14. Conference paper (Refereed)
    Abstract [en]

    Hybrid software development, meant as a combination of traditional and agile methods/practices, has become a reality in safety-critical systems engineering. The spreading of hybrid software development stems from the impossibility to face the manifold challenges via the definition of a process by the book. In this context, compliance management becomes challenging and the role of existing means for compliance should be clarified/rethought. In this position paper, we discuss the challenges and we propose our compliance management vision, which is being implemented in the context of the EU ECSEL AMASS project.

  • 78.
    Gannous, A.
    et al.
    Department of Computer Science, University of Denver, Denver, CO, United States.
    Andrews, A.
    Department of Computer Science, University of Denver, Denver, CO, United States.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Bridging the gap between testing and safety certification. 2018. In: IEEE Aerospace Conference Proceedings, IEEE Computer Society, 2018, p. 1-18. Conference paper (Refereed)
    Abstract [en]

    DO-178C and its supplement DO-331 provide a set of objectives to be achieved for any development of airborne software systems when model-driven development approaches are in use. Fail-safeMBT is a recently proposed academic model-based approach for testing safety-critical systems. Fail-safeMBT is a potential innovative testing process that needs compelling arguments to be adopted for the development of aeronautical software. In this paper, we reduce the gap between industrial settings and academic settings by adopting the safety case approach and derive substantiation data aimed at arguing Fail-safeMBT compliance with the standards. We explain Fail-safeMBT processes in compliance with Software Process Engineering Meta-Model 2.0, then apply Fail-safeMBT on the Autopilot system. Finally, we link Fail-safeMBT outputs to DO-178/DO-331 process elements, then we derive a substantiation from Fail-safeMBT outputs to support the compelling arguments for achieving certification objectives. Thus, we provide a validation of Fail-safeMBT in the avionic domain.

  • 79.
    Gannous, Aiman
    et al.
    Denver University, USA.
    Andrews, Anneliese
    Denver University, USA.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Toward a Systematic and Safety Evidence Productive Verification Approach for Safety-Critical Systems. 2018. In: 8th IEEE International Workshop on Software Certification WoSoCER-2018, 2018, p. 329-336. Conference paper (Refereed)
    Abstract [en]

    In safety-critical systems, the verification and validation phase in the software development life cycle plays an important role in assuring safety. The artifacts' outputs of the verification and validation processes represent the evidence needed to show a satisfactory fulfillment of the safety requirements. Providing strong evidence to show that the requirements of the domain standards are met is the core of demonstrating safety standards compliance. In this paper, we propose a systematic approach for verifying safety-critical systems efficiently by integrating model-based testing, combinatorial testing, and safety analysis; this is all driven by providing safety assurance. The approach provides both testing and formal verification capabilities, and it is easy to implement into a tool for use in an industry setting. To show how our approach could contribute to safety standards compliance, we investigated its capability to fulfill the safety requirements by analyzing and linking the data produced from the steps in the approach to a safety evidence taxonomy.

  • 80.
    Gómez-Martínez, Elena
    et al.
    Benac Earle, Clara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Model-Based Verification of Safety Requirements. 2016. Other (Other academic)
  • 81.
    Haider, Zulqarnain
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Carlsson, A.
    OHB Sweden, Kista, Sweden.
    Mazzini, S.
    Intecs, Italy.
    Puri, S.
    Intecs, Italy.
    Concerto FLA-based multi-concern assurance for space systems. 2019. In: Ada User Journal, ISSN 1381-6551, Vol. 40, no 1, p. 35-39. Article in journal (Refereed)
    Abstract [en]

    Space systems often need to be engineered in compliance with standards such as ECSS and need to ensure a certain degree of dependability. Given the multi-faceted nature of dependability (characterized by a set of concerns), assuring dependability implies multi-concern assurance, which requires the modelling of various system characteristics and their co-assessment and co-analysis, in order to enable the management of trade-offs between them. CHESS is a systems engineering methodology and an open source toolset, which includes ConcertoFLA. ConcertoFLA allows users (system architects and dependability engineers) to decorate component-based architectural models with dependability-related information, execute Failure Logic Analysis (FLA) techniques, and get the results back-propagated onto the original model. In this paper, we present the customization of the CHESS methodology and ConcertoFLA in the context of the ECSS standards to enable architects and dependability engineers to define a system and perform dependability-centered co-analysis for assuring the required non-functional properties of the system according to ECSS requirements. The proposed customization is then applied in the context of spacecraft Attitude Control Systems engineering, which is a part of satellite on-board software. 

  • 82.
    Haider, Zulqarnain
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Moreno, Enrique Zornoza
    Mälardalen University.
    FLA2FT: Automatic Generation of Fault Tree from ConcertoFLA Results. 2019. In: Proceedings - 2018 3rd International Conference on System Reliability and Safety, ICSRS 2018, 11 April 2019, 2019, p. 176-181, article id 8688825. Conference paper (Refereed)
    Abstract [en]

    Dependability-critical systems (e.g., space systems) need to be engineered according to dependability standards (e.g. ECSS standards), which require the application of various dependability analyses, including Fault Tree Analysis (FTA). Due to the complex nature of such systems, conducting FTA may turn out to be time-consuming and error prone. Thus, automation is highly desirable. In this paper, we build on top of our previous work and we propose FLA2FT, a tool-supported Fault Tree (FT) generation from ConcertoFLA results. More specifically, we integrate FTA in a well-established existing system modeling and analysis methodology to generate FT automatically using model transformations. To illustrate the usage of FLA2FT, we apply it to the space domain and automate the generation of ECSS-compliant FTs for an Attitude Control System (ACS). Finally, we draw our conclusions and sketch future work.

  • 83.
    Javed, Muhammad Atif
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Get EPF Composer back to the future: A trip from Galileo to Photon after 11 years. 2018. Other (Other academic)
    Abstract [en]

    This talk provides a concrete return of experience about the migration of Eclipse Process Framework (EPF) Composer[i] from Eclipse Galileo 3.5.2 to Eclipse Neon 4.6.3. The migration of EPF Composer was performed[ii] in four phases: compatible versions of required software were installed from the Neon software repository and then deprecations in the source code were analyzed and fixed; scheduling conflicts were resolved for the persistence of method elements (i.e., method configurations, method plugins, method content descriptions and processes) in their own folders and XMI files; appearance and height problems were resolved for the combo box which supports users in selecting the currently used method configuration, the blank views were removed from the authoring and browsing perspectives, but also problems with the rich text editor were resolved for enabling users to format and style text; and incompatible bundles were removed from the feature plugins, replacing bundles were added and other missing dependencies for the bundles were resolved for exporting the standalone application. This talk will also present the return of experience of starting a collaboration with the EPF Composer team from IBM in order to submit the migrated code, eventually become a committer of the project, and publish a release of EPF Composer for Eclipse Neon. More about the Eclipse Process Framework: The EPF Composer is an open-source project developed for the process engineers and project managers. It provides support for authoring, tailoring and deploying methods and processes for development organizations and projects. Although this project has attracted considerable attention from researchers and practitioners worldwide, the migration to newer versions of technologies was never performed.
    In the context of the AMASS project[iii], the migration of EPF Composer was critical for allowing the integration with other tools in the AMASS platform, a large open-source platform that constitutes an ecosystem building on top of several Eclipse and PolarSys projects such as EPF Composer, OpenCert[iv] and CHESS[v]. The migration of EPF Composer has been tested by Vishal Sharnagat (IBM). Barbara Gallina and Muhammad Atif Javed would also like to thank Bruce MacIsaac (IBM), Huascar Espinoza (Tecnalia) and Gaël Blondelle (Eclipse Foundation) for their support in the migration. As future work, we plan to implement the support for CDO model repository[vi].
    [i] https://www.eclipse.org/epf/
    [ii] https://bugs.eclipse.org/bugs/show_bug.cgi?id=516608
    [iii] https://www.amass-ecsel.eu/
    [iv] https://www.polarsys.org/proposals/opencert
    [v] https://www.polarsys.org/projects/polarsys.chess
    [vi] https://www.eclipse.org/cdo/

  • 84.
    Javed, Muhammad Atif
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Safety-oriented Process Line Engineering via Seamless Integration between EPF Composer and BVR Tool: Variability Management in Process Lines. 2018. In: SPLC '18 Proceedings of the 22nd International Systems and Software Product Line Conference - Volume 2, 2018, p. 23-28. Conference paper (Refereed)
    Abstract [en]

    The integration between process engineering and variability management is required for tailoring of safety-oriented processes with variabilities to individual projects in a similar manner to the product lines. Previous studies have not adequately established the Safety-oriented Process Lines (SoPLs). This paper focuses on the seamless integration between Eclipse Process Framework (EPF) Composer and Base Variability Resolution (BVR) Tool. The former supports the major parts of the OMG’s Software & Systems Process Engineering Metamodel (SPEM) Version 2.0, while the latter is a simplification and enhancement of the OMG’s revised submission of Common Variability Language (CVL). The proposed integration is implemented as an Eclipse plugin. It provides support for importing backend folders and files within the method library of EPF Composer, resolving problems with the files for variability management with the BVR Tool, and exporting back the resolved process models to the EPF Composer. The applicability of the implemented plugin is demonstrated by engineering an ECSS-E-ST-40C compliant SoPL for the space projects and applications.

  • 85.
    Javed, Muhammad Atif
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Carlsson, A.
    OHB, Stockholm.
    Towards variant management and change impact analysis in safety-oriented process-product lines. 2019. In: Proceedings of the ACM Symposium on Applied Computing, Association for Computing Machinery, 2019, p. 2372-2375. Conference paper (Refereed)
    Abstract [en]

    In safety-critical (software) systems, safety management embraces both processes and products, which due to e.g., product's upgrade, tend to be tailored, giving rise to safety-oriented product lines and corresponding safety-oriented process lines. To tailor these lines systematically, their inter-dependencies would have been taken into consideration. To date, however, no satisfying implemented solution is available on the shelf. Accordingly, this paper focuses on the co-engineering of process and product lines. At first, the process and product lines need to be established for which the integration between Eclipse Process Framework (EPF) Composer, Composition with Guarantees for High-integrity Embedded Software Components Assembly (CHESS) Tool and Base Variability Resolution (BVR) Tool is achieved; they are process engineering, product design and variant management solutions, respectively. After that, the process and product lines are integrated. This is done for cross-dimension variant management and change impact analysis. The applicability of the integrated lines is illustrated for the attitude and orbit control subsystem.

  • 86.
    Luis de la Vara, Jose
    et al.
    Universidad Carlos III de Madrid, Spain.
    Ruiz Lopez, Alejandra
    TECNALIA, Spain.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Blondelle, Gaël
    Eclipse Foundation Europe GmbH, Germany.
    Alaña, Elena
    GMV Aerospace and Defence Madrid, Spain.
    Herrero, Javier
    GMV Aerospace and Defence Madrid, Spain.
    Warg, Fredrik
    RISE Research Institutes of Sweden Borås, Sweden.
    Skoglund, Martin
    RISE Research Institutes of Sweden Borås, Sweden.
    Bramberger, Robert
    VIRTUAL VEHICLE Research Center, Austria.
    The AMASS Approach for Assurance and Certification of Critical Systems. 2019. In: embedded world 2019 ewC-2019, 2019. Conference paper (Refereed)
    Abstract [en]

    Safety-critical systems are subject to rigorous assurance and certification processes to guarantee that they do not pose unreasonable risks to people, property, or the environment. The associated activities are usually complex and time-consuming, thus they need adequate support for their execution. The activities are further becoming more challenging as the systems are evolving towards open, interconnected systems with new features, e.g. Internet connectivity, and new assurance needs, e.g. compliance with several assurance standards for different dependability attributes. This requires the development of novel approaches for cost-effective assurance and certification. With the overall goal of lowering assurance and certification costs in face of rapidly changing features and market needs, the AMASS project has created and consolidated the de-facto European-wide open solution for assurance and certification of critical systems. This has been achieved by establishing a novel holistic and reuse-oriented approach for architecture-driven assurance, multi-concern assurance, and for seamless interoperability between assurance and engineering activities along with third-party activities. This paper introduces the main elements of the AMASS approach and how to use them and benefit from them.

  • 87.
    Montecchi, L.
    et al.
    University of Florence, Florence, Italy.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    SafeConcert: A metamodel for a concerted safety modeling of socio-technical systems. 2017. In: Lect. Notes Comput. Sci., Springer Verlag, 2017, p. 129-144. Conference paper (Refereed)
    Abstract [en]

    Socio-technical systems are characterized by the interplay of heterogeneous entities i.e., humans, organizations, and technologies. Application domains such as petroleum, e-health, and many others rely on solutions based on safety-critical socio-technical systems. To ensure a safe operation of these interacting heterogeneous entities, multifaceted and integrated modeling and analysis capabilities are needed. Currently, such capabilities are not at disposal. To contribute to the provision of such capabilities, in this paper we propose SafeConcert, a metamodel that offers constructs to model socio-technical entities and their safety-related properties. SafeConcert also represents a unified and harmonized language that supports the integrated application of qualitative as well as quantitative safety analyses techniques. To support our claims we briefly report about the evaluation that was conducted and documented in the context of the EU CONCERTO project.

  • 88.
    Nešić, D.
    et al.
    Royal Institute of Technology, Stockholm, Sweden.
    Nyberg, M.
    Royal Institute of Technology, Brinellvägen 85, Stockholm, Sweden.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Modeling product-line legacy assets using multi-level theory. 2017. In: ACM International Conference Proceeding Series, Association for Computing Machinery, 2017, p. 89-96. Conference paper (Refereed)
    Abstract [en]

    The use of non-systematic reuse techniques in Systems Engineering (SE) leads to the creation of legacy products comprised of legacy assets like software, hardware, and mechanical parts coupled with associated traceability links to requirements, testing artifacts, architectural fragments etc. The sheer number of different legacy assets and different technologies used to engineer such legacy products makes reverse engineering of PLs in this context a daunting task. One of the prerequisites for reverse engineering of PLs is to create a family model that captures implementation aspects of all the legacy products. In this paper, we evaluate the applicability of a modeling paradigm called Multi-Level Modeling, which is based on the class-instance relation, for the creation of a family model that captures all the implementation concerns in an SE PL. More specifically, we evaluate an approach called Multi-Level conceptual Theory (MLT) for capturing different legacy assets, their mutual relations and related variability information. Moreover, we map PL concepts like variants, presence conditions and product configurations to MLT concepts and provide formal interpretation of their semantics in the MLT framework. The illustrative example used throughout the paper comes from a real case from the automotive domain.

  • 89.
    Nešić, D.
    et al.
    Royal Institute of Technology, Stockholm, Sweden.
    Nyberg, M.
    Royal Institute of Technology, Stockholm, Sweden.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Constructing product-line safety cases from contract-based specifications. 2019. In: Proceedings of the ACM Symposium on Applied Computing, Association for Computing Machinery, 2019, p. 2022-2031. Conference paper (Refereed)
    Abstract [en]

    Safety cases are used to argue that safety-critical systems satisfy the requirements that are determined to mitigate the potential hazards in the system's operating environment. Although typically a manual task, safety cases have been successfully created for systems without many configuration options. However, in highly configurable systems, typically developed as a Product Line (PL), arguing about each possible configuration, and ensuring the completeness of the safety case are still open research problems. This paper presents a novel and general approach, based on Contract-Based Specification (CBS), for the construction of a safety case for an arbitrary PL. Starting from a general CBS framework, we present a PL extension that allows expressing configurable systems and preserves the properties of the original CBS framework. Then, we define the transformation from arbitrary PL models, created using the extended CBS framework, to a safety case argumentation-structure, expressed using the Goal Structuring Notation. Finally, the approach is exemplified on a simplified, but real, and currently produced system by Scania CV AB.

  • 90.
    Ruiz, Alejandra
    et al.
    TECNALIA, ICT Div, Derio, Spain.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Luis de la Vara, Jose
    Univ Carlos III Madrid, Madrid, Spain.
    Mazzini, Silvia
    INTECS, Pisa, Italy.
    Espinoza, Huascar
    TECNALIA, ICT Div, Derio, Spain.
    Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems. 2016. In: COMPUTER SAFETY, RELIABILITY, AND SECURITY, SAFECOMP 2016, 2016, p. 311-321. Conference paper (Refereed)
    Abstract [en]

    Unlike practices in electrical and mechanical equipment engineering, Cyber-Physical Systems (CPS) do not have a set of standardized and harmonized practices for assurance and certification that ensures safe, secure and reliable operation with typical software and hardware architectures. This paper presents a recent initiative called AMASS (Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems) to promote harmonization, reuse and automation of labour-intensive certification-oriented activities via using model-based approaches and incremental techniques. AMASS will develop an integrated and holistic approach, a supporting tool ecosystem and a self-sustainable community for assurance and certification of CPS. The approach will be driven by architectural decisions (fully compatible with standards, e.g. AUTOSAR and IMA), including multiple assurance concerns such as safety, security and reliability. AMASS will support seamless interoperability between assurance/certification and engineering activities along with third-party activities (external assessments, supplier assurance). The ultimate aim is to lower certification costs in face of rapidly changing product features and market needs.

  • 91.
    Ruiz Lopez, Alejandra
    et al.
    TECNALIA, Spain.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Luis de la Vara, Jose
    Universidad Carlos III de Madrid, Spain.
    Mazzini, Silvia
    Intecs SpA, Italy.
    Espinoza Ortiz, Huascar
    TECNALIA, Spain.
    AMASS: Architecture-driven, Multi-concern, Seamless, Reuse-Oriented Assurance and Certification of CPSs. 2016. In: 5th International Workshop on Next Generation of System Assurance Approaches for Safety-Critical Systems SASSUR-2016, 2016. Conference paper (Refereed)
  • 92.
    Sheikh Bahaei, Soheila
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Augmented Reality-extended Humans: Towards a Taxonomy of Failures – Focus on Visual Technologies. 2019. In: Proceedings of the 29th European Safety and Reliability Conference, Hannover, Germany: Research Publishing Services, 2019, p. 207-214. Conference paper (Refereed)
    Abstract [en]

    Augmented reality, e.g. immersive visual technologies, augments the human's capabilities. If not properly designed, such augmentation may contribute to the decrease of the human's awareness (e.g., due to distraction) and reaction time efficiency, leading to catastrophic consequences, when included within safety-critical socio-technical systems. Current state-of-the-art taxonomies and vocabularies on human failures do not consider the augmented reality-extended humans. In this paper, first, we review, harmonize and systematically organize the existing human failure taxonomies and vocabularies. More specifically, we consider the existing taxonomies as a product line and propose a feature diagram (visual specification of product lines), which includes the human's functions and the potential failures of those functions, and where commonalities and variabilities represent the evolution over time. Then, to deal with immersive visual technologies, we make the diagram evolve by including additional features. Our feature diagram-given taxonomies of taxonomies may serve as the foundation for failure logic-based analysis of image-centric socio-technical systems.

  • 93.
    Sheikh Bahaei, Soheila
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Laumann, Karin
    Norwegian University of Science and Technology, Trondheim, Norway.
    Rasmussen, Martin
    Effect of Augmented Reality on Faults Leading to Human Failures in Socio-technical Systems. In: 4th International Conference on System Reliability and Safety ICSRS-2019. Conference paper (Refereed)
    Abstract [en]

    With the ultimate purpose of assessing risk within augmented reality-equipped socio-technical systems, in our previous work, we systematically organized and extended state-of-the-art taxonomies of human failures to include the failures related to the extended capabilities enabled by AR technologies. The result of our organization and extension was presented in the form of a feature diagram. Current state-of-the-art taxonomies of faults leading to human failures do not consider augmented reality effects and the new types of faults leading to human failures. Thus, in this paper, we develop our previous work further and review state-of-the-art taxonomies of faults leading to human failures in order to: 1) organize them systematically, and 2) include the new faults, which might be due to AR. Coherently with what was done previously, we use a feature diagram to represent the commonalities and variabilities of the different taxonomies and we introduce new features to represent the new AR-caused faults. Finally, an AR-equipped socio-technical system is presented and used to discuss the usefulness of our taxonomy.

  • 94.
    Sljivo, Irfan
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Carlson, Jan
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Hansson, Hans
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Fostering Reuse within Safety-critical Component-based Systems through Fine-grained Contracts. 2013. Conference paper (Refereed)
    Abstract [en]

    Our aim is to develop a notion of safety contracts and related reasoning that supports the reuse of software components in and across safety-critical systems, including support for certification related activities such as using the contract reasoning in safety argumentation. In this paper we introduce a formalism for specifying assumption/guarantee contracts for components developed out of context. We are utilising the concepts of weak and strong assumptions and guarantees to customise fine-grained contracts for addressing a broader component context and specification of properties for specific alternative contexts. These out of context contracts can be conveniently instantiated to a specific context, thereby providing support for component reuse.

  • 95.
    Sljivo, Irfan
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Building Multiple-Viewpoint Assurance Cases Using Assumption/Guarantee Contracts2016In: 1st International workshop on Interplay of Security, Safety and System/Software Architecture ISSA-2016, 2016, article id 39Conference paper (Refereed)
    Abstract [en]

    Assurance cases in the form of structured arguments are often required by standards to show that a system is acceptable for its intended purpose with respect to a particular assurance viewpoint such as safety or security. The goal of such a case is to present an argument that connects the requirements of a particular viewpoint with the supporting evidence. Building a set of assurance cases for the different viewpoints can be time-consuming and costly. Means are needed to automate and reuse the assurance case artefacts between the assurance cases for the different viewpoints. In this paper we present how assumption/guarantee contracts can be used to facilitate reuse of assurance case artefacts by building multiple-viewpoint assurance cases from the contracts. More specifically, we build upon the previous work on argument-fragment generation from such contracts to allow for generating viewpoint-specific argument-fragments. We illustrate the approach on a motivating case.

  • 96.
    Sljivo, Irfan
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Carlson, Jan
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Hansson, Hans
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Configuration-aware contracts2016In: Lecture Notes in Computer Science, vol. 9923, 2016, p. 43-54Conference paper (Refereed)
    Abstract [en]

    Assumption/guarantee contracts represent the basis for independent development of reusable components and their safety assurance within contract-based design. In the context of safety-critical systems, their use for reuse of safety assurance efforts has encountered some challenges: the need for evidence supporting the confidence in the contracts; and the challenge of context, where contracts need to impose different requirements on different systems. In this paper we propose the notion of configuration-aware contracts to address the challenge contract-based design faces with multiple contexts. Since reusable components are often developed with a set of configuration parameters that need to be configured in each context, we extend the notion of contract to distinguish between the configuration parameters and the other variables. Moreover, we define a multi-context reusable component based on the configuration-aware contracts. Finally, we demonstrate the usefulness of the multi-context components on a motivating case. 

  • 97.
    Sljivo, Irfan
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Carlson, Jan
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Hansson, Hans
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Generation of Safety Case Argument-Fragments from Safety Contracts2014In: Computer Safety, Reliability, and Security: Lecture Notes in Computer Science, Volume 8666, 2014, p. 170-185Conference paper (Refereed)
    Abstract [en]

    Certification of safety-critical systems is a costly and time-consuming activity. To reduce the cost of certification and time-to-market, composable safety certification envisions reuse of safety case argument-fragments together with safety-relevant components developed out-of-context. The argument-fragments could cover safety aspects relevant for different contexts in which the component can be used. Creating argument-fragments for such out-of-context components is also time-consuming and currently no satisfying approach exists to facilitate their automatic generation. In this work we propose (semi-)automatic generation of argument-fragments from assumption/guarantee safety contracts. We use the contracts to capture the safety claims related to the component, including supporting evidence. We provide an overview of the argument-fragment architecture and rules for automatic generation, including their application in an illustrative example. By automating generation of argument-fragments, we enable safety engineers to focus on increasing the confidence in the knowledge about the system, rather than documenting a safety case.

  • 98.
    Sljivo, Irfan
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Carlson, Jan
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Hansson, Hans
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Strong and Weak Contract Formalism for Third-Party Component Reuse2013In: 2013 IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2013, 2013, p. 359-364Conference paper (Refereed)
    Abstract [en]

    Our aim is to contribute to bridging the gap between the justified need from industry to reuse third-party components and the skepticism of the safety community in integrating and reusing components developed without real knowledge of the system context. We have developed a notion of safety contract that will help to capture safety-related information for supporting the reuse of software components in and across safety-critical systems. In this paper we present our extension of the contract formalism for specifying strong and weak assumption/guarantee contracts for out-of-context reusable components. We elaborate on the notion of satisfaction, including refinement, dominance and composition check. To show the usage and the expressiveness of our extended formalism, we specify strong and weak safety contracts related to a wheel braking system.

  • 99.
    Sljivo, Irfan
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Carlson, Jan
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Hansson, Hans
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Using Safety Contracts to Guide the Integration of Reusable Safety Elements within ISO 262622015Report (Other academic)
    Abstract [en]

    Safety-critical systems usually need to be compliant with a domain-specific safety standard, which in turn requires an explained and well-founded body of evidence to show that the system is acceptably safe. To reduce the cost and time needed to achieve the standard compliance, reuse of safety elements is not sufficient without the reuse of the accompanying evidence. The difficulties with reuse of safety elements within safety-critical systems lie mainly in the nature of safety being a system property and the lack of support for systematic reuse of safety elements and their accompanying artefacts. While safety standards provide requirements and recommendations on what should be subject to reuse, guidelines on how to perform reuse are typically lacking. We have developed a concept of strong and weak safety contracts that can be used to facilitate systematic reuse of safety elements and their accompanying artefacts. In this report we define a safety contracts development process and provide guidelines to bridge the gap between reuse and integration of reusable safety elements in the ISO 26262 safety standard. We use a real-world case for demonstration of the process, in which a safety element is developed out-of-context and reused together with its accompanying safety artefacts within two products of a construction equipment product-line.

  • 100.
    Sljivo, Irfan
    et al.
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Gallina, Barbara
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Carlson, Jan
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Hansson, Hans
    Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.
    Using Safety Contracts to Guide the Integration of Reusable Safety Elements within ISO 262622015In: Proceedings - 2015 IEEE 21st Pacific Rim International Symposium on Dependable Computing, PRDC 2015, 2015, p. 129-138Conference paper (Refereed)
    Abstract [en]

    Safety-critical systems usually need to comply with a domain-specific safety standard. To reduce the cost and time needed to achieve the standard compliance, reuse of safety-relevant components is not sufficient without the reuse of the accompanying artefacts. Developing reusable safety components out-of-context of a particular system is challenging, as safety is a system property, hence support is needed to capture and validate the context assumptions before integration of the reusable component and its artefacts in-context of the particular system. We have previously developed a concept of strong and weak safety contracts to facilitate systematic reuse of safety-relevant components and their accompanying artefacts. In this work we define a safety contracts development process and provide guidelines to bridge the gap between reuse of safety elements developed out-of-context of a particular system and their integration in the ISO 26262 safety standard. We use a real-world case for demonstration of the process.
