ACCESS: Assurance Case Centric Engineering of Safety-critical Systems

Ran Wei, Simon Foster, Haitao Mei, Fang Yan, Ruizhe Yang, Ibrahim Habli, Colin O'Halloran, Nick Tudor, Tim Kelly, Yakoub Nemouchi
2024-04-16
Abstract: Assurance cases are used to communicate and assess confidence in critical system properties such as safety and security. Historically, assurance cases have been manually created documents, which are evaluated by system stakeholders through lengthy and complicated processes. In recent years, model-based system assurance approaches have gained popularity as a way to improve the efficiency and quality of system assurance activities. This becomes increasingly important as systems become more complex: managing their development life-cycles, including the coordination of development, verification and validation activities, and change impact analysis across inter-connected system assurance artifacts, is a challenge. Moreover, there is a need for assurance cases that support evolution during the operational life of the system, to enable continuous assurance in the face of an uncertain environment, as Robotics and Autonomous Systems (RAS) are adopted into society. In this paper, we contribute ACCESS - Assurance Case Centric Engineering of Safety-critical Systems, an engineering methodology, together with its tool support, for the development of safety-critical systems around evolving model-based assurance cases. We show how model-based system assurance cases can trace to heterogeneous engineering artifacts (e.g. system architectural models, system safety analysis, system behaviour models, etc.), and how formal methods can be integrated during the development process. We demonstrate how assurance cases can be automatically evaluated both at development time and at runtime. We apply our approach to a case study based on an Autonomous Underwater Vehicle (AUV).
Software Engineering
What problem does this paper attempt to address?
The key problem this paper addresses is how to automatically manage and evaluate assurance cases through model-based methods (Model-Based Systems Engineering, MBSE) during the development and operation of safety-critical systems, in order to improve the safety, reliability and maintainability of the system. Specifically, the paper proposes a methodology named ACCESS (Assurance Case Centric Engineering of Safety-critical Systems) and its tool support, aiming to solve the following main problems:

1. **Manual creation and evaluation of assurance cases**: Traditionally, assurance cases are manually created documents that must be evaluated by system stakeholders through a long and complex process. This manual process is error-prone and inefficient.
2. **Traceability and integration of engineering artifacts**: Assurance cases usually depend on a variety of engineering artifacts (such as requirements documents, architecture designs, behaviour models, safety analyses, etc.), which may come from different languages and tools. Existing methods struggle to integrate these artifacts with assurance cases and to maintain traceability between them.
3. **System complexity and life-cycle management**: As system complexity increases, it becomes more challenging to coordinate development, verification and validation activities and to analyse the impact of changes across interconnected system assurance artifacts. In addition, the evolution of the system during its operational life must be supported to achieve continuous assurance.
4. **Special requirements of autonomous and robotic systems**: With the increasing deployment of Robotics and Autonomous Systems (RAS), these systems are often open (interconnected at runtime) and adaptive (adjusting to a changing environment at runtime), so current safety assurance methods are insufficient for these dynamically changing requirements.
5. **Runtime assurance evaluation**: Some system safety assurance activities must move from development time to runtime in order to achieve continuous assurance in an uncertain environment. This requires automated verification and validation activities to ensure that each engineering artifact meets its requirements, and techniques such as runtime safety monitoring to ensure that the actual system behaviour is consistent with the model's predictions.

To address these problems, the ACCESS methodology makes the following contributions:

- **A systems engineering methodology centred on an evolving assurance case model**: Combines automated management and evaluation of the assurance case and its engineering artifacts at design time with runtime evaluation of the assurance case based on runtime data.
- **Automatic evaluation of assurance cases at development time and runtime**: Includes a prototype dynamic assurance case management system that evaluates assurance cases against runtime data.
- **Integration of formal verification results into assurance cases**: Automatically generates Isabelle/SACM formal assurance cases for analysis by theorem proving.
- **Automated change impact analysis from engineering artifacts to assurance cases**.
- **A case study on an Autonomous Underwater Vehicle (AUV)**, showing how the ACCESS methodology is applied during development and operation.

Through these contributions, ACCESS aims to improve the automation and reliability of the development and assurance processes of safety-critical systems.
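To make the two mechanisms above concrete (automatic evaluation of an assurance case against development-time and runtime data, and change impact analysis from artifacts to claims), here is a small illustrative model written for this page. It is not code from the ACCESS tool or the paper, and it does not use SACM or Isabelle/SACM; it only shows the shape of the computation. The claim ids (G1..G3), evidence ids (E1..E3), artifact names, data keys and the 2.0 m obstacle-distance threshold are all hypothetical.

```python
"""Toy model-based assurance case: claims supported by evidence that traces to
engineering artifacts; evaluated bottom-up from artifact checks and runtime
data, with change impact analysis from a changed artifact up to the root claim.
Illustrative only (not the ACCESS tool); all ids and thresholds are invented."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Set

# Three-valued status: True = supported, False = undermined, None = undetermined
Status = Optional[bool]


@dataclass
class Evidence:
    id: str
    artifact: str                     # engineering artifact this evidence traces to
    check: Callable[[dict], Status]   # automated check over artifact/runtime data


@dataclass
class Claim:
    id: str
    text: str
    subclaims: List[str] = field(default_factory=list)
    evidence: List[str] = field(default_factory=list)


class AssuranceCase:
    def __init__(self, root: str, claims: List[Claim], evidence: List[Evidence]):
        self.root = root
        self.claims = {c.id: c for c in claims}
        self.evidence = {e.id: e for e in evidence}
        # Indexes for upward traversal (evidence -> claims, claim -> parent claim).
        self.parent: Dict[str, str] = {s: c.id for c in claims for s in c.subclaims}
        self.evidence_to_claims: Dict[str, Set[str]] = {}
        for c in claims:
            for e in c.evidence:
                self.evidence_to_claims.setdefault(e, set()).add(c.id)

    def evaluate(self, data: dict) -> Dict[str, Status]:
        """Bottom-up: a claim is supported only if every evidence check and every
        sub-claim is supported; one failure undermines it; otherwise undetermined."""
        result: Dict[str, Status] = {}

        def visit(cid: str) -> Status:
            if cid not in result:
                c = self.claims[cid]
                parts = [self.evidence[e].check(data) for e in c.evidence]
                parts += [visit(s) for s in c.subclaims]
                if any(p is False for p in parts):
                    result[cid] = False
                elif any(p is None for p in parts):
                    result[cid] = None
                else:
                    result[cid] = True
            return result[cid]

        visit(self.root)
        return result

    def impacted_claims(self, artifact: str) -> Set[str]:
        """Change impact analysis: every claim whose support traces, directly or
        through sub-claims, to evidence derived from the changed artifact."""
        hit: Set[str] = set()
        for e in self.evidence.values():
            if e.artifact != artifact:
                continue
            for cid in self.evidence_to_claims.get(e.id, ()):
                node: Optional[str] = cid
                while node is not None:
                    hit.add(node)
                    node = self.parent.get(node)
        return hit


def requires(key: str, predicate: Callable) -> Callable[[dict], Status]:
    """Build a check that is undetermined (None) until the data item is available."""
    return lambda data: None if key not in data else bool(predicate(data[key]))


def build_case() -> AssuranceCase:
    # Hypothetical AUV fragment: hazard log and controller proof are development-time
    # evidence; the obstacle-distance monitor is runtime evidence.
    evidence = [
        Evidence("E1", "hazard_log", requires("hazard_log.unmitigated", lambda n: n == 0)),
        Evidence("E2", "controller_model", requires("proof.collision_free", lambda ok: ok is True)),
        Evidence("E3", "runtime_monitor", requires("monitor.min_obstacle_m", lambda d: d >= 2.0)),
    ]
    claims = [
        Claim("G1", "AUV mission operation is acceptably safe", subclaims=["G2", "G3"]),
        Claim("G2", "All identified hazards are mitigated", evidence=["E1"]),
        Claim("G3", "Collision avoidance holds in operation", evidence=["E2", "E3"]),
    ]
    return AssuranceCase("G1", claims, evidence)


if __name__ == "__main__":
    ac = build_case()
    dev = {"hazard_log.unmitigated": 0, "proof.collision_free": True}   # constructed data
    print("development time:", ac.evaluate(dev))                       # G3/G1 undetermined
    print("runtime:", ac.evaluate({**dev, "monitor.min_obstacle_m": 1.4}))  # G3/G1 undermined
    print("impact of controller_model change:", ac.impacted_claims("controller_model"))
```

At development time the runtime evidence is simply absent, so the claims depending on it are undetermined rather than false; once monitor data arrives, a violated threshold undermines G3 and propagates to the root. The impact query returns the claims whose argument must be re-examined when an artifact changes, which is the information a change impact analysis has to surface before the case is re-evaluated.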