Managing the Evolution of Dependability Cases for Systems of Systems

. Dependability is a composite property consisting of attributes such as reliability, availability, safety and security. The achievement of these attri~utes is often essential for the operational success of systems undertaking critical and complex tasks. .Assurance that the fmal system will demonstrate the required dependability qualities, can be crucial to the acceptance of the system into service. Safety cases are a well established c,oncept used to establish assurance about the safety properties of a system. However, safety cases focus only on one attribute of dependability. The principles and processes ofcreating an integrated dependability case - that assures all aspects of dependable system behaviour - are less well understood. A number of challenges are faced when attempting to support dependability case development. These include the systematic elicitation of dependability goals, the management and justification of trade-offs, and the evolution of multi-attribute arguments in step with the design process. This thesis addresses these challenges by defming a rigorous framework, accompanied by a set of methods, for establishing dependability cases. Firstly, a method for eliciting dependability requirements is defmed by extending existing safety deviational analysis techniques. Secondly, a method for systematically identifying and managing justified trade-offs is presented. Thirdly, the thesis describes the co-evolution of depen~bility . case arguments alongside system development - using a dependability case architecture that corresponds to system structures. Finally, the thesis unifies these contributions by defming a metamodel that captures and interrelates the 'concepts underlying the proposed methods. Evaluation of the work is presented by means of peer review, pilot studies and industrial examples

UMOD : a device for monitoring postoperative urination

A Urine Monitoring Device (UMOD) has been designed and implemented for monitoring postoperative urination. This device has been created primarily to assist nurses and doctors monitor patients during their postoperative and recovery period. Furthermore, to reduce the burden of the nursing staff required to regularly monitor and empty the urine bags saving them precious time. The device consists of a stand and a load cell where the urine bag is attached. The stand is light and can easily move shall the patient require to move. An ESP Wi-Fi microprocessor module is used to calculate the rate of flow of urine in real time, identify and ignore any false readings due to accidental movements of the urine bag using an accelerometer and transmit the readings to a server / cloud through the local Wi-Fi

PROCEEDINGS of the 22nd INTERNATIONAL SYSTEM SAFETY CONFERENCE- 2004 Extending the Safety Case Concept to Address Dependability

A safety case is a well-reasoned argument, supported by evidence that a system is acceptably safe to operate in a particular context. For many, evolving a safety case in step with the design has proved to be an effective means of identifying and addressing safety concerns during a system’s lifecycle. However, ultimately safety cases address only one system attribute- safety. Increasingly, the idea of extending the well-established concept of the safety case to address wider dependability concerns is being discussed. Attempting to address all dependability attributes can result in competing objectives. As a consequence, there are trade-offs among the dependability attributes that need to be resolved in order to achieve the optimum dependability characteristics for the system. Furthermore, the balance of these trade-offs can depend heavily upon the context in which the system operates. In this paper we examine the suitability of extending existing methodologies and concepts from safety case development practice to address the wider concerns of dependability arguments. We will discuss existing approaches to managing trade-offs between competing design objectives and explain how trade-offs may be supported within the Goal Structuring Notation (GSN) framework. In particular we examine how trade-off resolution during the evolution of the dependability objectives, contributes to establishing a final dependability argument

The need for flexible requirements in dependable systems

For many critical systems, in addition to satisfying functional requirements it is important also to address qualities such as performance, availability and safety, which are attributes of dependability. Engineering practice has shown that it is impossible to achieve all dependability requirements without compromise. The satisfaction of requirements depends on design decisions during system evolution and contextual information about the operation of the system. A key challenge is to maintain the multiple attributes of dependability at acceptable levels, addressing the achievement of each attribute in context of the others. This task requires definition and justification of clear levels of acceptability for each dependability requirement, as well as traceability of the requirements ’ rationale throughout the entire lifecycle. Adopting a flexible approach when specifying satisfying requirements is a realistic and pragmatic approach, which lays the foundation for the evolution of requirements and the resolution of any conflicts that may appear. 1

Eliciting safety policy and balancing with operational fitness in systems of systems

Abstract- Systems of Systems (SoS) demonstrate a number of distinguishing characteristics, such as the autonomy of their constituent systems and the resulting emergent behaviour. The elements of SoS are united by a common purpose but, in order to operate in a manner that does not lead to accidents, must also comply with a consistent set of rules. Policy is just such a set of rules that provides an effective means for constraining the behaviour of the elements in a SoS within the boundaries of acceptably safe behaviour. However, addressing safety as the utmost objective can affect, and potentially compromise, other operational characteristics of the SoS, such as performance, mission effectiveness and availability. This can have an adverse effect on the SoS achieving operational objectives, consequently leading to unacceptable operation. In this paper we present and demonstrate how we can balance safety with other operational characteristics. This is achieved by assessing the operational consequences of policy implementation decisions and by making justified trade-offs. This is illustrated using a Network Centric Warfare (NCW) example

Unmanned Aerial Systems and Healthcare: Possibilities and Challenges

Unmanned Aerial Systems (UAS) have an enormous number of possible commercial and personal uses ranging from the basic delivery of packages to environmental monitoring and disaster relief support. Their possible use in emergency situations from the delivery of an automated external defibrillator to cardiac arrest victims, to `search and rescue' operations, provides an indication of how useful the technology can be. Before the widespread adoption of UAS within the public and commercial sectors is achieved a number of challenges need to be overcome, especially those pertaining to public risk in the areas of safety, privacy and security. This contribution initially examines the proposed and active usage of UAS within healthcare, not only for emergency medical services and drug/blood delivery but also `search and rescue' operations. The challenges to UAV usage for healthcare related services, as well as the current evolving state of UAS operational regulations are then discussed