GSN Support of Mixed-Criticality Systems Certification

  • Carlos-F. Nicolas
  • Fernando Eizaguirre
  • Asier Larrucea
  • Simon Barner
  • Franck Chauvel
  • Goiuria Sagardui
  • Jon Perez
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10489)


Safety-critical applications could benefit from the standardisation, cost reduction and cross-domain suitability of current heterogeneous computing platforms. These platforms are of particular interest for Mixed-Criticality Product Lines (MCPL), where safety and non-safety functions can be deployed on a single embedded device using suitable isolation artefacts and development processes. The development of MCPLs can be facilitated by providing a reference architecture, a model-based design, analysis tools and Modular Safety Cases (MSC) to support the safety claims.

In this paper, we present a method based on MSCs to ease the certification of MCPLs. The approach consists of a semi-automated composition of layered argument fragments that trace the safety requirements argumentation to the supporting evidence. The core of the method is an argument database represented in the Goal Structuring Notation (GSN). The method enables the concurrent generation of the arguments and the compilation of evidence, as well as the automated composition of safety cases for the product variants. In addition, the paper presents an industrial-grade case study, a wind turbine safety system, on which the methodology is exemplified.
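The composition step described above, as an added illustration that is not the paper's tool: a small Python model of GSN argument fragments with away-goal references, composed for one product variant and checked for unresolved references and claims that no evidence supports. All module names, goal ids and evidence ids are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Node:
    """One GSN element; `children` holds supported-by links, either Node objects
    or "module:goal" strings (away goals pointing into another fragment)."""
    kind: str                       # "goal", "strategy" or "solution"
    text: str
    children: list = field(default_factory=list)
    evidence: Optional[str] = None  # solutions only: id of the evidence artefact

@dataclass
class Module:
    name: str
    goals: dict                     # public goal id -> Node

def compose(modules, top_ref):
    """Compose the safety case of one variant from the selected fragments.
    Returns (unresolved away references, claims lacking evidence)."""
    by_name = {m.name: m for m in modules}
    unresolved, unsupported = [], []

    def walk(item):
        node = item
        if isinstance(node, str):                  # away goal: resolve across modules
            mod, _, goal = node.partition(":")
            module = by_name.get(mod)
            node = module.goals.get(goal) if module else None
            if node is None:
                unresolved.append(item)
                return
        if node.kind == "solution":
            if node.evidence is None:              # evidence not compiled yet
                unsupported.append(node.text)
            return
        if not node.children:                      # undeveloped goal or strategy
            unsupported.append(node.text)
            return
        for child in node.children:
            walk(child)

    walk(top_ref)
    return unresolved, unsupported

# Constructed argument database (hypothetical fragments, not from the paper).
HYPERVISOR = Module("hypervisor", {"G_iso": Node("goal", "Partitions are isolated in time and space",
    [Node("solution", "Isolation test report", evidence="TR-ISO-01")])})
MULTICORE = Module("multicore", {"G_hw": Node("goal", "Multicore hardware faults are detected",
    [Node("solution", "Diagnostic coverage analysis")])})   # evidence still missing
APP = Module("app", {"G_top": Node("goal", "The wind turbine safety function is acceptably safe",
    [Node("strategy", "Argue over platform isolation, hardware and software",
        ["hypervisor:G_iso", "multicore:G_hw",
         Node("goal", "Safety software meets its requirements",
              [Node("solution", "Software test report", evidence="TR-SW-07")])])])})
```

`compose([APP, HYPERVISOR, MULTICORE], "app:G_top")` reports the missing diagnostic-coverage evidence, while a variant that omits the multicore fragment reports the dangling `multicore:G_hw` reference instead.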


Keywords: Goal Structuring Notation (GSN); Model-based development; Safety-critical systems; Product lines; Variability



This work was funded by the European Union’s 7th Framework Programme under grant agreement No. 610640. Any opinions, findings and conclusions expressed in this article are those of the authors and do not necessarily reflect the views of funding agencies.



Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Carlos-F. Nicolas (1, corresponding author)
  • Fernando Eizaguirre (1)
  • Asier Larrucea (1)
  • Simon Barner (2)
  • Franck Chauvel (3)
  • Goiuria Sagardui (4)
  • Jon Perez (1)

  1. IK4-Ikerlan, Mondragon, Spain
  2. Fortiss, Munich, Germany
  3. SINTEF ICT, Oslo, Norway
  4. Mondragon Goi Eskola, Mondragon, Spain
