Advertisement

Towards Systematic Compliance Evaluation Using Safety-Oriented Process Lines and Evidence Mapping

  • Timo Varkoi
  • Timo Mäkinen
  • Barbara Gallina
  • Frank Cameron
  • Risto Nevalainen
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 748)

Abstract

The role of software is growing in safety related systems. This underlines the need for software process assessment in many safety-critical domains. For example, the nuclear power industry has strict safety requirements for control systems and many methods are applied to evaluate compliance to domain specific standards and requirements. This paper discusses the needs of the nuclear domain and presents alternatives to develop a process assessment method that takes into account domain specific requirements. The aim is to provide an approach that facilitates the use of assessment findings in evaluating compliance with the domain requirements and supports other assurance needs. Safety-oriented Process Line Engineering (SoPLE) is studied as a method for mapping assessment criteria to domain specific requirements. A binary distance metric is used to evaluate, how far a process mapping based method would solve problems found in compliance evaluation. Based on the results, SoPLE is applicable in this case, but process mapping is not adequate to facilitate compliance evaluation.

Keywords

Safety Systems engineering Process assessment Process lines 

Notes

Acknowledgements

This work has been jointly funded by the Finnish national nuclear safety program SAFIR2018 (http://safir2018.vtt.fi/) and Finnish Software Measurement Association, FiSMA (www.fisma.fi), and the EU and VINNOVA via the ECSEL JU project AMASS (No. 692474) (http://www.amass-ecsel.eu).

References

  1. 1.
    Varkoi, T., Nevalainen, R., Mäkinen, T.: Toward Nuclear SPICE – integrating IEC 61508, IEC 60880 and SPICE. J. Softw. Evol. Process 26, 357–365 (2013). WileyCrossRefGoogle Scholar
  2. 2.
    ISO/IEC 33001: Information technology – Process assessment – Concepts and terminology (2015)Google Scholar
  3. 3.
    ISO/IEC 33020: Information technology – Process assessment – Process measurement framework for assessment of process capability (2015)Google Scholar
  4. 4.
    ISO/IEC/IEEE 15288: Systems and software engineering—System life cycle processes (2015)Google Scholar
  5. 5.
    Varkoi, T., Nevalainen, R., Mäkinen, T.: Process assessment in a safety domain - assessment method and results as evidence in an assurance case. In: Proceedings of QUATIC 2016, Lisbon, Portugal, pp. 52–58. IEEE Computer Society, 6–9 September 2016Google Scholar
  6. 6.
    IEC 60880:2006 Nuclear power plants – Instrumentation and control systems important to safety – Software aspects for computer-based systems performing category A functions (2006)Google Scholar
  7. 7.
    IEC 62138:2004 Nuclear power plants – I&C Systems Important to Safety – Software aspects for computer-based systems performing category B or C functions (2004)Google Scholar
  8. 8.
    STUK: YVL B.1, Safety design of a nuclear power plant. Finnish Radiation and Nuclear Safety Authority (2013a)Google Scholar
  9. 9.
    STUK: YVL E.7, Electrical and I&C equipment of a nuclear facility. Finnish Radiation and Nuclear Safety Authority (2013b)Google Scholar
  10. 10.
    Gallina, B., Sljivo, I., Jaradat, O.: Towards a safety-oriented process line for enabling reuse in safety critical systems development and certification. In: Post-proceedings of the 35th IEEE Software Engineering Workshop (SEW-35), Heraclion, Crete, Greece. IEEE Computer Society (2012). ISBN:978-1-4673-5574-2Google Scholar
  11. 11.
    Gallina, B., Kashiyarandi, S., Martin, H., Bramberger, R.: Modeling a safety-and automotive-oriented process line to enable reuse and flexible process derivation. In: Proceedings of the 8th IEEE International Workshop on Quality-Oriented Reuse of Software (QUORS), Västerås, Sweden. IEEE Computer Society (2014)Google Scholar
  12. 12.
    Gallina, B., Kashiyarandi, S., Zugsbratl, K., Geven, A.: Enabling cross-domain reuse of tool qualification certification artefacts. In: Bondavalli, A., Ceccarelli, A., Ortmeier, F. (eds.) SAFECOMP 2014. LNCS, vol. 8696, pp. 255–266. Springer, Cham (2014). doi: 10.1007/978-3-319-10557-4_28 Google Scholar
  13. 13.
    Choi, S.-S., Cha, S.-H., Tappert, C.C.: A survey of binary similarity and distance measures. Systemics Cybern. Inform. 8(1), 43–48 (2010)Google Scholar
  14. 14.
    Bender, M., Maibaum, T., Lawford, M., Wassyng, A.: Positioning verification in the context of software/system certification. In: Proceedings of the 11th International Workshop on Automated Verification of Critical Systems (AVoCS 2011), Electronic Communications of the EASST, vol. 46 (2011)Google Scholar
  15. 15.
    Knight, J.C., Rowanhill, J.: The indispensable role of rationale in safety standards. In: Skavhaug, A., Guiochet, J., Bitsch, F. (eds.) SAFECOMP 2016. LNCS, vol. 9922, pp. 39–50. Springer, Cham (2016). doi: 10.1007/978-3-319-45477-1_4 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Timo Varkoi
    • 1
  • Timo Mäkinen
    • 2
  • Barbara Gallina
    • 3
  • Frank Cameron
    • 2
  • Risto Nevalainen
    • 1
  1. 1.Finnish Software Measurement Association – FiSMA ryEspooFinland
  2. 2.Pori DepartmentTampere University of TechnologyPoriFinland
  3. 3.Mälardalen UniversityVästeråsSweden

Personalised recommendations