Tool-Supported Safety-Relevant Component Reuse: From Specification to Argumentation
Contracts are envisaged to support compositional verification of a system as well as reuse and independent development of the implementations of its components. But reuse of safety-relevant components in safety-critical systems needs to cover more than just the implementations. As many safety-relevant artefacts related to the component as possible should be reused together with the implementation, to assist the integrator in assuring that the system they are developing is acceptably safe. Furthermore, the reused assurance information related to the contracts should be structured clearly, to communicate the confidence in the component. In this work we present a tool-supported methodology for contract-driven assurance and reuse. We define variability at the contract level within a trace-based approach to contract-based design. Taking into account the hierarchical nature of systems subject to compositional verification, we propose assurance patterns for arguing confidence in the satisfaction of requirements and contracts. We present an implementation extending the AMASS platform to support automated instantiation of the proposed patterns, and evaluate its adequacy for assurance and reuse in a real-world case study.
This work is supported by the EU and VINNOVA via the ECSEL Joint Undertaking projects AMASS (No 692474) and SafeCop (No 692529), as well as the Swedish Foundation for Strategic Research (SSF) via the FiC project.