Assurance cases are used to communicate and assess confidence in critical system properties such as safety and security. Historically, assurance cases have been manually created documents, which are evaluated by system stakeholders through lengthy and complicated processes. In recent years, model-based system assurance approaches have gained popularity to improve the efficiency and quality of system assurance activities. This becomes increasingly important as systems become more complex: managing their development life-cycles, including coordination of development, verification and validation activities, and change impact analysis across interconnected system assurance artifacts, is a challenge. Moreover, there is a need for assurance cases that support evolution during the operational life of the system, to enable continuous assurance in the face of an uncertain environment as Robotics and Autonomous Systems (RAS) are adopted into society. In this paper, we contribute ACCESS (Assurance Case Centric Engineering of Safety-critical Systems), an engineering methodology, together with its tool support, for the development of safety-critical systems around evolving model-based assurance cases. We show how model-based system assurance cases can trace to heterogeneous engineering artifacts (e.g. system architectural models, system safety analysis, system behaviour models, etc.), and how formal methods can be integrated during the development process. We demonstrate how assurance cases can be automatically evaluated both at development time and at runtime. We apply our approach to a case study based on an Autonomous Underwater Vehicle (AUV).