Safety Engineering with COTS components

Safety-critical systems are becoming more widespread, complex and reliant on software. Increasingly they are engineered through Commercial Off The Shelf (COTS) (Commercial Off The Shelf) components to alleviate the spiralling costs and development time, often in the context of complex supply chains. A parallel increased concern for safety has resulted in a variety of safety standards, with a growing consensus that a safety life cycle is needed which is fully integrated with the design and development life cycle, to ensure that safety has appropriate influence on the design decisions as system development progresses. In this article we explore the application of an integrated approach to safety engineering in which assurance drives the engineering process. The paper re- ports on the outcome of a case study on a live industrial project with a view to evaluate: its suitability for application in a real-world safety engineering setting; its benefits and limitations in counteracting some of the difficulties of safety en- gineering with COTS components across supply chains; and, its effectiveness in generating evidence which can contribute directly to the construction of safety cases

Reliability Analysis of Complex NASA Systems with Model-Based Engineering

The emergence of model-based engineering, with Model- Based Systems Engineering (MBSE) leading the way, is transforming design and analysis methodologies. The recognized benefits to systems development include moving from document-centric information systems and document-centric project communication to a model-centric environment in which control of design changes in the life cycles is facilitated. In addition, a single source of truth about the system, that is up-to-date in all respects of the design, becomes the authoritative source of data and information about the system. This promotes consistency and efficiency in regard to integration of the system elements as the design emerges and thereby may further optimize the design. Therefore Reliability Engineers (REs) supporting NASA missions must be integrated into model-based engineering to ensure the outputs of their analyses are relevant and value-needed to the design, development, and operational processes for failure risks assessment and communication

Measuring Confidence of Assurance Cases in Safety-Critical Domains

Evaluation of assurance cases typically requires certifiers’ domain knowledge and experience, and, as such, most software certification has been conducted manually. Given the advancement in uncertainty theories and software traceability, we envision that these technologies can synergistically be combined and leveraged to offer some degree of automation to improve the certifiers’ capability to perform software certification. To this end, we present DS4AC, a novel confidence calculation framework that 1) applies the Dempster-Shafer theory to calculate the confidence between a parent claim and its children claims; and 2) uses the vector space model to evaluate the confidence for the evidence items using traceability information. We illustrate our approach on two different applications, where safety is the key property of interest for both systems. In both cases, we use the Goal Structuring Notation to represent the respective assurance cases and provide proof of concept results that demonstrate the DS4AC framework can automate portions of the evaluation of assurance cases, thereby reducing the burden of manual certification process

Combined automotive safety and security pattern engineering approach

Automotive systems will exhibit increased levels of automation as well as ever tighter integration with other vehicles, traffic infrastructure, and cloud services. From safety perspective, this can be perceived as boon or bane - it greatly increases complexity and uncertainty, but at the same time opens up new opportunities for realizing innovative safety functions. Moreover, cybersecurity becomes important as additional concern because attacks are now much more likely and severe. However, there is a lack of experience with security concerns in context of safety engineering in general and in automotive safety departments in particular. To address this problem, we propose a systematic pattern-based approach that interlinks safety and security patterns and provides guidance with respect to selection and combination of both types of patterns in context of system engineering. A combined safety and security pattern engineering workflow is proposed to provide systematic guidance to support non-expert engineers based on best practices. The application of the approach is shown and demonstrated by an automotive case study and different use case scenarios.EC/H2020/692474/EU/Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems/AMASSEC/H2020/737422/EU/Secure COnnected Trustable Things/SCOTTEC/H2020/732242/EU/Dependability Engineering Innovation for CPS - DEIS/DEISBMBF, 01IS16043, Collaborative Embedded Systems (CrESt

Expressing best practices in (risk) analysis and testing of safety-critical systems using patterns

The continuing pervasion of our society with safety-critical cyber-physical systems not only demands for adequate (risk) analysis, testing and verification techniques, it also generates growing experience on their use, which can be considered as important as the tools themselves for their efficient use. This paper introduces workflow patterns to describe such best practices in a systematic way that efficiently represents this knowledge, and also provides a way to relate different patterns, making them easier to identify and use, and cover as wide a range of experiences as possible. The value of the approach is demonstrated using some pattern examples from a collection developed in the Artemis-project MBAT. Finally, the paper presents a wiki-based approach for developing and maintaining the pattern collection