Facilitating construction of safety cases from formal models in Event-B |
| |
Affiliation: | 1. Computer Science Department, Carlos III University of Madrid, Avda. Universidad 30, 28911 Leganés, Madrid, Spain;2. ICT-European Software Institute, Tecnalia, Parque Tecnológico Ed. 700, E-48160 Derio, Spain;3. Department of Computer Science, University of York, Heslington, York YO10 5GH, United Kingdom;4. Meta-zen Consulting, Unit 50-12165, 75 Avenue, Surrey, British Columbia V3W0W7, Canada;1. Virtual Vehicle Research GmbH, Austria;2. Bosch Engineering, Austria;3. Austrian Institute of Technology GmbH, Austria;4. Fraunhofer IESE, Germany;5. Technische Universität Berlin, Germany;6. Graz University of Technology, Austria |
| |
Abstract: | ContextCertification of safety–critical software systems requires submission of safety assurance documents, e.g., in the form of safety cases. A safety case is a justification argument used to show that a system is safe for a particular application in a particular environment. Different argumentation strategies (informal and formal) are applied to determine the evidence for a safety case. For critical software systems, application of formal methods is often highly recommended for their safety assurance.ObjectiveThe objective of this paper is to propose a methodology that combines two activities: formalisation of system safety requirements of critical software systems for their further verification as well as derivation of structured safety cases from the associated formal specifications.MethodWe propose a classification of system safety requirements in order to facilitate the mapping of informally defined requirements into a formal model. Moreover, we propose a set of argument patterns that aim at enabling the construction of (a part of) a safety case from a formal model in Event-B.ResultsThe results reveal that the proposed classification-based mapping of safety requirements into formal models facilitates requirements traceability. Moreover, the provided detailed guidelines on construction of safety cases aim to simplify the task of the argument pattern instantiation for different classes of system safety requirements. The proposed methodology is illustrated by numerous case studies.ConclusionFirstly, the proposed methodology allows us to map the given system safety requirements into elements of the formal model to be constructed, which is then used for verification of these requirements. Secondly, it guides the construction of a safety case, aiming to demonstrate that the safety requirements are indeed met. Consequently, the argumentation used in such a constructed safety case allows us to support it with formal proofs and model checking results used as the safety evidence. |
| |
Keywords: | Safety–critical software systems Safety requirements Formal development and verification Event-B Safety cases Argument patterns |
本文献已被 ScienceDirect 等数据库收录! |
|