Deriving Safety Cases for the Formal Safety Certification of Automatically Generated Code

We present an approach to systematically derive safety cases for automatically generated code from information collected during a formal, Hoare-style safety certification of the code. This safety case makes explicit the formal and informal reasoning principles, and reveals the top-level assumptions and external dependencies that must be taken into account; however, the evidence still comes from the formal safety proofs. It uses a generic goal-based argument that is instantiated with respect to the certified safety property (i.e., safety claims) and the program. This will be combined with a complementary safety case that argues the safety of the framework itself, in particular the correctness of the Hoare rules with respect to the safety property and the trustworthiness of the certification system and its individual components

Deriving safety cases for hierarchical structure in model-based development

Model-based development and automated code generation are increasingly used for actual production code, in particular in mathematical and engineering domains. However, since code generators are typically not qualified, there is no guarantee that their output satisfies the system requirements, or is even safe. Here we present an approach to systematically derive safety cases that argue along the hierarchical structure in model-based development. The safety cases are constructed mechanically using a formal analysis, based on automated theorem proving, of the automatically generated code. The analysis recovers the model structure and component hierarchy from the code, providing independent assurance of both code and model. It identifies how the given system safety requirements are broken down into component requirements, and where they are ultimately established, thus establishing a hierarchy of requirements that is aligned with the hierarchical model structure. The derived safety cases reflect the results of the analysis, and provide a high-level argument that traces the requirements on the model via the inferred model structure to the code. We illustrate our approach on flight code generated from hierarchical Simulink models by Real-Time Worksho

Evaluation of Malaysian Universities Websites based on Quality in Use Evaluation Model

Quality-in-Use (QinU) is one of the important quality factors in measuring website quality. Most existing studies on measuring website quality only focuses on evaluating quality from the user point of view but not on the similarities and the differences between the users and decision-makers perspective. Different stakeholders have different preference in term of quality aspects that are important. Therefore, the objective of this study is to analyse the quality aspects of the websites from different stakeholders’ perspectives and rank the websites based on the results. In this study, we develop a Quality-in-Use Evaluation Model (QinUEM) to identify the quality aspects' priorities. Two quantitative approaches were used for this purpose. The first was a Multi Criteria Decision Making (MCDM) approach using the Fuzzy Analytic Hierarchy Process (FAHP) method to determine the priority and the weight of each quality aspect from the users’ viewpoint. Then the statistical analysis was used to determine the priority of the same quality aspect from the developers’ perspective. To evaluate the model, we conducted a survey. The respondents of the survey were the students (users) and developers (decision-makers) from six Malaysian universities with 486 numbers of questionnaires been distributed. Based on the results, it shows users (students) prefer Functional Quality rather than Content and Appearance Qualities while the decision makers (developers) favour on Content rather than Appearance and Functional Qualities. These results shows different viewpoint and priority in quality aspects needed for users and decision-makers. Based on the results we then used the QinUEM to rank the universities websites according to the defined QinU

Deriving Safety Cases from Machine-Generated Proofs

Proofs provide detailed justification for the validity of claims and are widely used in formal software development methods. However, they are often complex and difficult to understand, because they use machine-oriented formalisms; they may also be based on assumptions that are not justified. This causes concerns about the trustworthiness of using formal proofs as arguments in safety-critical applications. Here, we present an approach to develop safety cases that correspond to formal proofs found by automated theorem provers and reveal the underlying argumentation structure and top-level assumptions. We concentrate on natural deduction proofs and show how to construct the safety cases by covering the proof tree with corresponding safety case fragments

Synonymous non-taxonomic relations extraction

Construction of ontology is a difficult task, expensive and time-consuming. Concept, taxonomy and non-taxonomic relations, are the three important components in the development of ontology. These three components are used to represent the whole domain texts. Currently, most of studies focused on extracting the concept, the taxonomic relationships and the non-taxonomic relationships within the scope of single sentence. In order to enrich the domain ontology, we introduced a method to extract the non-taxonomic relations by using the similarities of relations that exist in more than one sentence. The most appropriate predicate are used as a reference to relate between concepts that occur not only in the same sentence, but also in different sentences. Here, the proposed method was tested using a collection of domain texts that described electronic voting machine and are evaluated based on the standard information retrieval performance metrics, i.e. precision and recall

Preliminary survey of educational simulations towards educational context

In accordance with the rapid technological emergence, new educational methods have been implemented such as simulations, educational games (serious game), virtual reality, intelligent tutoring systems, flipped and blended learning, telepresence, cloud computing and so forth. These new era of learning tools are most beneficial to educational process especially in teaching and learning process, class management, teaching practice, personal and specific skills development, administration and others. Educational simulations are one of the most debatable, yet still have brought major impacts towards educational field.The main objective is to study on the implementation of mostly applied educational simulations specifically in higher education and teaching practice.The considerations are on the characteristics, strengths and drawbacks along with special features of each. Findings indicate that educational simulations are worth to be integrated; leading to positive effect on motivation, ease understanding, decrease digital gap, as well as enhance communication, collaboration, practical and professional skills development. Future recommendations highlight on a more complicated real life scenarios, more additional intelligent avatars, import additional features, expand the graphical user interface, create a database for future references of user’s actions and automatic update to increase the level of difficulty

Quantitative metric for ranking web accessibility barriers based on their severity

Web accessibility aims at providing disabled users with a barrier free user experience so they can use and contribute to the Web more effectively. However, not all websites comply with WCAG 2.0 which results in Web accessibility barriers in websites. Thus, assistive technologies such as screen readers would not be able to interpret the presented contents on the monitor due to these barriers and this will contribute to making websites inaccessible to disabled users.This paper proposed an innovative metric that assigns measurable weight to each identified barrier based on its severity and impacts on the accessibility level, and then ranks the barriers accordingly. Following, Web developers can fix the highly ranked severe barriers instead of wasting time in studying and fixing less severe types of barriers that may rarely occur.An experiment was conducted to check the metric validity.We found the metric was valid and thereby we suggested the usage of the metric as a valid scientific measurement

TACIT REQUIREMENTS ELICITATION FRAMEWORK

ABSTRACT Requirements engineering (RE) is an integral and fundamental part of software development life cycle (SDLC). The most cited reason for software failure is the inability to fully capture and implement the exact user requirements in a timely, operationally and financially expected manner. Requirements can be categorized into two types; explicit and tacit. Explicit requirements usually expressed clearly and well-identified requirements in which the system must perform. In contrast, tacit requirements are considered as hidden or embedded requirements that incapability of getting such may caused a software failure. The importance of tacit requirements in requirements engineering (RE) has been acknowledged widely as characteristics for developing projects in software engineering (SE). Therefore, the aim of this paper is to construct a framework for tacit requirement elicitation process. The framework is design based on the integration of the tacit knowledge elicitation process of Nonaka and Takeuchi model with the tacit requirements elicitation process

Safety cases for the formal verification of automatically generated code

Model-based development and automated code generation are increasingly used for actual production code, in particular in mathematical and engineering domains. However, since code generators are typically not qualified, there is no guarantee that their output is correct or even safe. Formal methods which are based on mathematically-based techniques have been proposed as a means to improve software quality by providing formal safety proofs as explicit evidence for the assurance claims. However, the proofs are often complex and may also be based on assumptions and reasoning principles that are not justified. This causes concerns about the trustworthiness of the proofs and hence the assurance claims on the safety of the program. This thesis presents an approach to systematically and automatically construct comprehensive safety cases using the Goal Structuring Notation from a formal analysis of automatically generated code, based on automated theorem proving, and driven by a set of safety requirements and properties. We also present an approach to systematically derive safety cases that argue along the hierarchical structure of systems in model-based development. This core safety case is extended by separately specified auxiliary information from other verification and validation activities such as testing. The thesis also presents an approach to develop safety cases that correspond to the formal proofs found by automated theorem provers and that reveal the underlying proof argumentation structure and top-level assumptions. The resulting safety cases will make explicit the formal and informal reasoning principles, and reveal the top-level assumptions and external dependencies that must be taken into account in demonstrating software safety. The safety cases can be thought as “structured reading guide" for the software and the safety proofs that provide traceable arguments on the assurance provided. The approach has been illustrated on code generated using Real-Time Workshop for Guidance, Navigation, and Control (GN&amp;C) systems of NASA' s Project Constellation and on code for deep space attitude estimation generated by the AutoFilter system developed at NASA Ames.<br/

Deriving Safety Cases for the Formal Safety Certification of Automatically Generated Code

We present an approach to systematically derive safety cases for automatically generated code from information collected during a formal, Hoare-style safety certification of the code. This safety case makes explicit the formal and informal reasoning principles, and reveals the top-level assumptions and external dependencies that must be taken into account; however, the evidence still comes from the formal safety proofs. It uses a generic goal-based argument that is instantiated with respect to the certified safety property (i.e., safety claims) and the program. This will be combined with a complementary safety case that argues the safety of the framework itself, in particular the correctness of the Hoare rules with respect to the safety property and the trustworthiness of the certification system and its individual components. Keywords: Automated code generation, Hoare logic, formal code certification, safety case, Goal Structuring Notation