A Method to Generate Reusable Safety Case Fragments from Compositional Safety Analysis

  • Irfan Sljivo
  • Barbara Gallina
  • Jan Carlson
  • Hans Hansson
  • Stefano Puri
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8919)


Safety-critical systems usually need to be accompanied by an explained and well-founded body of evidence to show that the system is acceptably safe. While reuse within such systems covers mainly code, reusing accompanying safety artefacts is limited due to a wide range of context dependencies that need to be satisfied for safety evidence to be valid in a different context. Currently the most commonly used approaches that facilitate reuse lack support for reuse of safety artefacts.

To facilitate reuse of safety artefacts we provide a method to generate reusable safety case argument-fragments that include supporting evidence related to safety analysis. The generation is performed from safety contracts that capture safety-relevant behaviour of components within assumption/guarantee pairs backed up by the supporting evidence. We illustrate our approach by applying it to an airplane wheel braking system example.


Component- and contract-based architectures Composi- tional safety analysis and argumentation Safety argumentation reuse 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    AC 20-148: Reusable Software Components. FAA (2004)Google Scholar
  2. 2.
    ARP4761: Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment. Society of Automotive Engineers (1996)Google Scholar
  3. 3.
    Basir, N., Denney, E., Fischer, B.: Building heterogeneous safety cases for automatically generated code. In: Infotech@ Aerospace Conference. AIAA (2011)Google Scholar
  4. 4.
    Bloomfield, R., Cazin, J., Craigen, D., Juristo, N., Kesseler, E., et al.: Validation, Verification and Certification of Embedded Systems. Tech. rep., NATO (2005)Google Scholar
  5. 5.
    Chen, D., Johansson, R., Lönn, H., Papadopoulos, Y., Sandberg, A., Törner, F., Törngren, M.: Modelling support for design of safety-critical automotive embedded systems. In: Harrison, M.D., Sujan, M.-A. (eds.) SAFECOMP 2008. LNCS, vol. 5219, pp. 72–85. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  6. 6.
  7. 7.
    Gallina, B., Javed, M.A., Muram, F.U., Punnekkat, S.: Model-driven Dependability Analysis Method for Component-based Architectures. In: Euromicro-SEAA Conference. IEEE Computer Society Press (2012)Google Scholar
  8. 8.
    Gallina, B., Kashiyarandi, S., Zugsbratl, K., Geven, A.: Enabling cross-domain reuse of tool qualification certification artefacts. In: Bondavalli, A., Ceccarelli, A., Ortmeier, F. (eds.) SAFECOMP 2014 Workshop. LNCS, vol. 8696, pp. 255–266. Springer, Heidelberg (2014)Google Scholar
  9. 9.
    Gallina, B., Punnekkat, S.: FI4FA: A Formalism for Incompletion, Inconsistency, Interference and Impermanence Failures Analysis. In: International Workshop on Distributed Architecture Modeling for Novel Component Based Embedded Systems. IEEE Computer Society (2011)Google Scholar
  10. 10.
    GSN Community Standard Version 1. Origin Consulting (York) Limited (2011)Google Scholar
  11. 11.
    Hawkins, R., Habli, I., Kelly, T., McDermid, J.: Assurance cases and prescriptive software safety certification: A comparative study. Safety Science 59, 55–71 (2013)CrossRefGoogle Scholar
  12. 12.
    ISO 26262:2011: Road vehicles — Functional safety. International Organization for Standardization (2011)Google Scholar
  13. 13.
    Kelly, T.P.: Arguing Safety — A Systematic Approach to Managing Safety Cases. Ph.D. thesis, University of York, York, UK (1998)Google Scholar
  14. 14.
    Sljivo, I., Gallina, B., Carlson, J., Hansson, H.: Generation of Safety Case Argument-Fragments from Safety Contracts. In: Bondavalli, A., Di Giandomenico, F. (eds.) SAFECOMP 2014. LNCS, vol. 8666, pp. 170–185. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  15. 15.
    Sljivo, I., Gallina, B., Carlson, J., Hansson, H.: Strong and weak contract formalism for third-party component reuse. In: International Workshop on Software Certification. IEEE Computer Society (2013)Google Scholar
  16. 16.
    Varnell-Sarjeant, J., Andrews, A.A., Stefik, A.: Comparing Reuse Strategies: An Empirical Evaluation of Developer Views. In: International Workshop on Quality Oriented Reuse of Software. IEEE Computer Society (2014)Google Scholar
  17. 17.
    Wallace, M.: Modular architectural representation and analysis of fault propagation and transformation. In: International Workshop on Formal Foundations of Embedded Software and Component-Based Software Architectures. Elsevier (2005)Google Scholar
  18. 18.
    Weaver, R., McDermid, J., Kelly, T.: Absence of Late Hazardous Failure Mode,
  19. 19.
    Wu, W.: Architectural Reasoning for Safety — Critical Software Applications. Ph.D. thesis, University of York, York, UK (2007)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Irfan Sljivo
    • 1
  • Barbara Gallina
    • 1
  • Jan Carlson
    • 1
  • Hans Hansson
    • 1
  • Stefano Puri
    • 2
  1. 1.Mälardalen Real-Time Research CentreMälardalen UniversityVästeråsSweden
  2. 2.Intecs, SpAPisaItaly

Personalised recommendations