Soporte automático para la generación de perfiles UML asociados a la definición modelos de safety

Tesis (Ingeniero Civil Informático)En el desarrollo de software críticos para la seguridad, se consideró como alternativa para documentar o diseñar las pruebas de seguridad en base al desarrollo dirigido por modelo (MDE), ya que es una herramienta utilizada en varios ámbitos de la ingeniería y tiene argumentos sólidos que permite definir con mayor solidez modelos de dominio. En este ámbito se utilizan metamodelos para definir el diseño de la aplicación, perfiles UML para diseñar los conceptos específicos que no son considerados por el lenguaje unificado de modelado (UML), permitiendo definir de manera íntegra la aplicación o dominio que se desea certificar. Sumado al diseño de la aplicación se debe considerar el o los estándares internacionales presentes, garantizando las propiedades necesarias de la aplicación, reduciendo el riesgo para los usuarios. La totalidad de la definición de la aplicación en la actualidad se genera de forma manual, lo que requiere un gran esfuerzo y de varios especialistas conectados (ingenieros, especialistas del estándar, entre otros). Con el presente trabajo se pretende reducir ese esfuerzo automatizando la generación de perfiles de acuerdo al estándar IEC 61508. Sin embargo, se puede interpolar a cualquier estándar ya que son derivados del estándar mencionado

Model-based specification of safety compliance needs for critical systems : A holistic generic metamodel

Abstract Context: Many critical systems must comply with safety standards as a way of providing assurance that they do not pose undue risks to people, property, or the environment. Safety compliance is a very demanding activity, as the standards can consist of hundreds of pages and practitioners typically have to show the fulfilment of thousands of safety-related criteria. Furthermore, the text of the standards can be ambiguous, inconsistent, and hard to understand, making it difficult to determine how to effectively structure and manage safety compliance information. These issues become even more challenging when a system is intended to be reused in another application domain with different applicable standards. Objective: This paper aims to resolve these issues by providing a metamodel for the specification of safety compliance needs for critical systems. Method: The metamodel is holistic and generic, and abstracts common concepts for demonstrating safety compliance from different standards and application domains. Its application results in the specification of “reference assurance frameworks” for safety-critical systems, which correspond to a model of the safety criteria of a given standard. For validating the metamodel with safety standards, parts of several standards have been modelled by both academic and industry personnel, and other standards have been analysed. We further augment this with feedback from practitioners, including feedback during a workshop. Results: The results from the validation show that the metamodel can be used to specify safety compliance needs for aerospace, automotive, avionics, defence, healthcare, machinery, maritime, oil and gas, process industry, railway, and robotics. Practitioners consider that the metamodel can meet their needs and find benefits in its use. Conclusion: The metamodel supports the specification of safety compliance needs for most critical computer-based and software-intensive systems. The resulting models can provide an effective means of structuring and managing safety compliance information