Standards-based metamodel for the management of goals, risks and evidences in critical systems development

Safety critical system development includes a wide set of techniques, methods and tools for assuring system safety. The concept of evidence is one of the key notions used to provide safety confidence to stakeholders. Safety goals must be identified during safety analysis. In addition, risks should also be considered and managed, and linked to the achievement of safety goals. This paper proposes an extension of the ISO/IEC 24744 metamodel for development methodologies in order to integrate the management of goals, risks and evidence into system development lifecycles in an ISO/IEC 15026-compliant manner that is related to the approach of assurance cases. The proposed extension is illustrated through a real-life scenario in the automotive domain where the system being developed must comply with ISO 26262, a standard in this domain. By using the proposed approach, the management of goals, risks and evidence in critical systems development is formalized and harmonized with different ISO/IEC standards, resulting in a more robust and systematic treatment of these crucial aspects.This work was partially supported by a grant from “Programa de Movilidad del Personal Investigador del Departamento de Educación, Política Lingüística y Cultura del Gobierno Vasco” (MV_2014_1_34) and funding from the FP7 programme under grant agreement number 289011 (OPENCOSS).Peer Reviewe

Standards-based metamodel for the management of goals, risks and evidences in critical systems development

© 2016 Elsevier B.V. All rights reserved. Safety critical system development includes a wide set of techniques, methods and tools for assuring system safety. The concept of evidence is one of the key notions used to provide safety confidence to stakeholders. Safety goals must be identified during safety analysis. In addition, risks should also be considered and managed, and linked to the achievement of safety goals. This paper proposes an extension of the ISO/IEC 24744 metamodel for development methodologies in order to integrate the management of goals, risks and evidence into system development lifecycles in an ISO/IEC 15026-compliant manner that is related to the approach of assurance cases. The proposed extension is illustrated through a real-life scenario in the automotive domain where the system being developed must comply with ISO 26262, a standard in this domain. By using the proposed approach, the management of goals, risks and evidence in critical systems development is formalized and harmonized with different ISO/IEC standards, resulting in a more robust and systematic treatment of these crucial aspects