Model Based System Assurance Using the Structured Assurance Case Metamodel

Ran Wei, Tim P. Kelly, Xiaotian Dai, Shuai Zhao, Richard Hawkins
DOI: https://doi.org/10.1016/j.jss.2019.05.013
2019-05-07
Abstract: Assurance cases are used to demonstrate confidence in system properties of interest (e.g. safety and/or security). A number of system assurance approaches are adopted by industries in the safety-critical domain. However, the task of constructing assurance cases remains a manual, trivial and informal process. The Structured Assurance Case Metamodel (SACM) is a standard specified by the Object Management Group (OMG). SACM provides a richer set of features than existing system assurance languages/approaches. SACM provides a foundation for model-based system assurance, which has great potential in growing technology domains such as Open Adaptive Systems. However, the intended usage of SACM has not been sufficiently explained. In addition, there has been no support to interoperate between existing assurance case (models) and SACM models. In this article, we explain the intended usage of SACM based on our involvement in the OMG specification process of SACM. In addition, to promote a model-based approach, we provide SACM compliant metamodels for existing system assurance approaches (the Goal Structuring Notation and Claims-Arguments-Evidence), and the transformations from these models to SACM. We also briefly discuss the tool support for model-based system assurance which helps practitioners to make the transition from existing system assurance approaches to model-based system assurance using SACM.
Software Engineering
What problem does this paper attempt to address?
The paper addresses three related problems:

1. **Standardization and interoperability.** Several system assurance approaches exist, but building an assurance case with them is usually a manual, trivial and informal process. The Object Management Group (OMG) has specified the Structured Assurance Case Metamodel (SACM) to provide a richer set of features than existing assurance languages and approaches, yet the intended usage of SACM has not been fully explained, and there is no support for interoperating between existing assurance case models and SACM models.
2. **Model-based system assurance.** As technology domains such as Open Adaptive Systems grow, model-based system assurance becomes increasingly important. The paper stresses the advantages of Model Driven Engineering (MDE) for automation and consistency, in particular for runtime system assurance.
3. **Relationship between existing approaches and SACM.** The paper examines how existing assurance case approaches (the Goal Structuring Notation, GSN, and Claims-Arguments-Evidence, CAE) relate to SACM, and provides transformations from these approaches to SACM so that practitioners can move from existing approaches to model-based system assurance.

Specifically, the paper makes the following contributions:

- A detailed explanation of SACM version 2.0.
- An explanation of how to use SACM to create assurance case models.
- SACM-compliant GSN and CAE metamodels, together with their mappings to SACM.
- A discussion of tools that support model-based system assurance and help practitioners transition from existing system assurance approaches to model-based ones.

In summary, the main objective of the paper is to promote the application of SACM in model-based system assurance, especially for runtime assurance of open adaptive systems, by explaining in detail how SACM is used and by providing a transformation from existing approaches to SACM.
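The following is an added example, not code from the paper or from any SACM tooling, showing what "model-based" buys you once GSN elements and SACM elements are data rather than diagrams: a small GSN model is transformed into SACM 2.0 argumentation elements and then checked mechanically for unsupported claims. The element mapping (Goal to Claim, Strategy to ArgumentReasoning, Solution and Context to ArtifactReference, SupportedBy to AssertedInference or AssertedEvidence, InContextOf to AssertedContext, an undeveloped goal to the `needsSupport` declaration and an Assumption to `assumed`) is my reading of SACM 2.0, not the paper's metamodels or transformation, which this page does not reproduce. The sample argument about firmware authenticity is constructed for illustration.

```python
"""GSN -> SACM transformation with a well-formedness check (added example).

Mapping assumed here, following SACM 2.0 argumentation concepts and GSN
conventions (not taken from the paper):
  Goal / Assumption -> Claim (assertionDeclaration asserted / assumed)
  undeveloped Goal  -> Claim with assertionDeclaration needsSupport
  Strategy          -> ArgumentReasoning, attached to the inference it explains
  Solution, Context -> ArtifactReference
  SupportedBy       -> AssertedInference (claim sources) / AssertedEvidence (solution sources)
  InContextOf       -> AssertedContext
"""
from collections import defaultdict
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class GsnElement:
    id: str
    kind: str                    # Goal | Strategy | Solution | Context | Assumption
    text: str
    undeveloped: bool = False    # GSN "undeveloped" decoration


@dataclass
class GsnModel:
    elements: Dict[str, GsnElement] = field(default_factory=dict)
    supported_by: List[Tuple[str, str]] = field(default_factory=list)   # (parent, child)
    in_context_of: List[Tuple[str, str]] = field(default_factory=list)  # (element, context)


@dataclass
class SacmElement:
    id: str
    kind: str                    # Claim | ArgumentReasoning | ArtifactReference
    description: str
    declaration: str = "asserted"   # assertionDeclaration, meaningful for Claims


@dataclass
class SacmRelationship:
    kind: str                    # AssertedInference | AssertedEvidence | AssertedContext
    sources: List[str]           # supporting elements
    target: str                  # the element being supported / put in context
    reasoning: Optional[str] = None   # ArgumentReasoning id derived from a GSN Strategy


@dataclass
class SacmArgumentPackage:
    elements: Dict[str, SacmElement] = field(default_factory=dict)
    relationships: List[SacmRelationship] = field(default_factory=list)


_KIND = {"Goal": "Claim", "Assumption": "Claim", "Strategy": "ArgumentReasoning",
         "Solution": "ArtifactReference", "Context": "ArtifactReference"}


def gsn_to_sacm(gsn: GsnModel) -> SacmArgumentPackage:
    """Transform a GSN model into SACM argumentation elements and relationships."""
    pkg = SacmArgumentPackage()
    for e in gsn.elements.values():
        decl = "assumed" if e.kind == "Assumption" else ("needsSupport" if e.undeveloped else "asserted")
        pkg.elements[e.id] = SacmElement(e.id, _KIND[e.kind], e.text, decl)

    children = defaultdict(list)
    for parent, child in gsn.supported_by:
        children[parent].append(child)

    def link(target: str, sources: List[str], reasoning: Optional[str] = None) -> None:
        # SACM direction: supporting elements are the sources, the supported claim is the target.
        claims = [s for s in sources if gsn.elements[s].kind != "Solution"]
        solutions = [s for s in sources if gsn.elements[s].kind == "Solution"]
        if claims:
            pkg.relationships.append(SacmRelationship("AssertedInference", claims, target, reasoning))
        if solutions:
            pkg.relationships.append(SacmRelationship("AssertedEvidence", solutions, target, reasoning))

    for parent, kids in children.items():
        if gsn.elements[parent].kind == "Strategy":
            continue  # a strategy's children are linked to the goal the strategy supports
        link(parent, [k for k in kids if gsn.elements[k].kind != "Strategy"])
        for strategy in (k for k in kids if gsn.elements[k].kind == "Strategy"):
            link(parent, children.get(strategy, []), reasoning=strategy)

    for element, context in gsn.in_context_of:
        pkg.relationships.append(SacmRelationship("AssertedContext", [context], element))
    return pkg


def check_argument(pkg: SacmArgumentPackage) -> List[str]:
    """Return well-formedness findings; an empty list means every asserted claim is supported."""
    findings: List[str] = []
    supported = set()
    for r in pkg.relationships:
        if r.kind in ("AssertedInference", "AssertedEvidence"):
            supported.add(r.target)
        for ref in r.sources + [r.target] + ([r.reasoning] if r.reasoning else []):
            if ref not in pkg.elements:
                findings.append(f"{r.kind} references unknown element {ref}")
    for e in pkg.elements.values():
        if e.kind != "Claim":
            continue
        if e.declaration == "needsSupport":
            findings.append(f"{e.id}: claim is undeveloped (needsSupport)")
        elif e.declaration == "asserted" and e.id not in supported:
            findings.append(f"{e.id}: asserted claim has no inference or evidence supporting it")
    return findings


def example_model() -> GsnModel:
    """Constructed fragment of a security argument (not from the paper)."""
    m = GsnModel()
    for e in [
        GsnElement("G1", "Goal", "The update mechanism only installs authentic firmware"),
        GsnElement("C1", "Context", "The product's firmware signing policy"),
        GsnElement("S1", "Strategy", "Argue over signature verification and key protection"),
        GsnElement("G2", "Goal", "Images with invalid signatures are rejected"),
        GsnElement("G3", "Goal", "The verification key cannot be replaced by an attacker", undeveloped=True),
        GsnElement("A1", "Assumption", "The vendor signing key is not compromised"),
        GsnElement("Sn1", "Solution", "Negative test results: tampered images are rejected"),
    ]:
        m.elements[e.id] = e
    m.supported_by += [("G1", "S1"), ("S1", "G2"), ("S1", "G3"), ("G2", "Sn1")]
    m.in_context_of += [("G1", "C1"), ("G1", "A1")]
    return m


if __name__ == "__main__":
    package = gsn_to_sacm(example_model())
    for rel in package.relationships:
        print(rel)
    for finding in check_argument(package):
        print("FINDING:", finding)
```

Run as a script, the transformation yields one AssertedInference from G2 and G3 to G1 carrying S1 as its reasoning, one AssertedEvidence from Sn1 to G2, and two AssertedContext relationships; the check reports G3 as undeveloped, which is exactly the open item a reviewer of the security argument needs to see before accepting it.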