Workshop ASSURE 2013 – Author Index
Attwood, Katrina
ASSURE '13: Nuanced Term-Matching to Assist in Compositional Safety Assurance
Katrina Attwood and Philippa Conmy (University of York, UK)
Increased complexity in the design, technology and supply chains for software-intensive safety-critical systems has resulted in a growing demand for a compositional approach to safety assurance. Assurance data relating to independently-derived components must be melded together into a compelling case for overall system safety. One of the barriers to composition is the lack of consistency in the terminology used to describe and share assurance data. Linguistic mismatches highlight various problems for the composition of peer modules and their integration into an overall case. In this paper, we propose the application of a linguistic model of understanding to identify mismatches and to provide guidance on composition and integration. The approach is illustrated using a simple example.
@InProceedings{ASSURE13p18,
  author = {Katrina Attwood and Philippa Conmy},
  title = {Nuanced Term-Matching to Assist in Compositional Safety Assurance},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {18--23},
  doi = {},
  year = {2013},
}

Cleaveland, Rance
ASSURE '13: Constructing Safety Assurance Cases for Medical Devices
Arnab Ray and Rance Cleaveland (Fraunhofer CESE, USA; University of Maryland, USA)
This paper lays out an approach for safety assurance case argumentation. The approach links together in a principled manner a device's highest-level safety claims, operating environments and hazards; and its safety requirements, final implementation, and test and other validation results. This approach is intended for the creation of safety assurance cases for pre-market submissions to a regulatory authority like the Food and Drug Administration.
@InProceedings{ASSURE13p40,
  author = {Arnab Ray and Rance Cleaveland},
  title = {Constructing Safety Assurance Cases for Medical Devices},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {40--45},
  doi = {},
  year = {2013},
}

Conmy, Philippa
ASSURE '13: Nuanced Term-Matching to Assist in Compositional Safety Assurance
Katrina Attwood and Philippa Conmy (University of York, UK)
Increased complexity in the design, technology and supply chains for software-intensive safety-critical systems has resulted in a growing demand for a compositional approach to safety assurance. Assurance data relating to independently-derived components must be melded together into a compelling case for overall system safety. One of the barriers to composition is the lack of consistency in the terminology used to describe and share assurance data. Linguistic mismatches highlight various problems for the composition of peer modules and their integration into an overall case. In this paper, we propose the application of a linguistic model of understanding to identify mismatches and to provide guidance on composition and integration. The approach is illustrated using a simple example.
@InProceedings{ASSURE13p18,
  author = {Katrina Attwood and Philippa Conmy},
  title = {Nuanced Term-Matching to Assist in Compositional Safety Assurance},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {18--23},
  doi = {},
  year = {2013},
}

Feather, Martin S.
ASSURE '13: Architecting and Generalizing a Safety Case for Critical Condition Detection Software: An Experience Report
Martin S. Feather and Lawrence Z. Markosian (Jet Propulsion Laboratory, USA; SGT, USA)
Safety cases and, specifically, software safety cases, have had virtually no presence in engineering practice in the US. Recent interest, in addition to an early attempt to introduce them into practice in the NASA Constellation Program, motivated us to develop a partial safety case for a safety critical subsystem for the Ares I vehicle, namely the abort detection, notification and response (AFDNR) system. This paper relates our experience applying the safety case concept to AFDNR, particularly from the perspective of generalizing the safety issues to similar fault management systems. We also provide lessons learned, including a discussion of issues that led to our current refactoring of our initial safety case.
@InProceedings{ASSURE13p29,
  author = {Martin S. Feather and Lawrence Z. Markosian},
  title = {Architecting and Generalizing a Safety Case for Critical Condition Detection Software: An Experience Report},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {29--33},
  doi = {},
  year = {2013},
}

Goodenough, John B.
ASSURE '13: Measuring Assurance Case Confidence using Baconian Probabilities
Charles B. Weinstock, John B. Goodenough, and Ari Z. Klein (SEI, USA)
The basis for assessing the validity of an assurance case is an active area of study. In this paper, we discuss how to assess confidence in a case by considering the doubts eliminated by the claims and evidence in a case. This is an application of eliminative induction and the notion of Baconian probability as put forward by L. Jonathan Cohen.
@InProceedings{ASSURE13p7,
  author = {Charles B. Weinstock and John B. Goodenough and Ari Z. Klein},
  title = {Measuring Assurance Case Confidence using Baconian Probabilities},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {7--11},
  doi = {},
  year = {2013},
}

Joyce, Jeffrey J.
ASSURE '13: Creating Safety Assurance Cases for Rebreather Systems
Alma L. Juarez Dominguez, Bruce G. Partridge, and Jeffrey J. Joyce (University of Waterloo, Canada; Shearwater Research, Canada; Critical Systems Labs, Canada)
The creation of safety assurance cases is a new requirement for rebreather manufacturers, where a rebreather is simply understood as a self-contained underwater breathing apparatus. The two main potential benefits to creating safety assurance cases for rebreather systems are: ensuring that the system is sufficiently safe in a given context and showing compliance with a regulatory framework. This paper presents our experience in the process of developing a safety assurance case for a rebreather sub-system, thus providing guidance on this process to other rebreather manufacturers. We used the Goal Structuring Notation (GSN) to develop a safety argument that compelled us to re-evaluate our safety goals, and that provided a basis for productive discussion between embedded systems engineers, systems safety consultants, and reviewers.
@InProceedings{ASSURE13p34,
  author = {Alma L. Juarez Dominguez and Bruce G. Partridge and Jeffrey J. Joyce},
  title = {Creating Safety Assurance Cases for Rebreather Systems},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {34--39},
  doi = {},
  year = {2013},
}

Juarez Dominguez, Alma L.
ASSURE '13: Creating Safety Assurance Cases for Rebreather Systems
Alma L. Juarez Dominguez, Bruce G. Partridge, and Jeffrey J. Joyce (University of Waterloo, Canada; Shearwater Research, Canada; Critical Systems Labs, Canada)
The creation of safety assurance cases is a new requirement for rebreather manufacturers, where a rebreather is simply understood as a self-contained underwater breathing apparatus. The two main potential benefits to creating safety assurance cases for rebreather systems are: ensuring that the system is sufficiently safe in a given context and showing compliance with a regulatory framework. This paper presents our experience in the process of developing a safety assurance case for a rebreather sub-system, thus providing guidance on this process to other rebreather manufacturers. We used the Goal Structuring Notation (GSN) to develop a safety argument that compelled us to re-evaluate our safety goals, and that provided a basis for productive discussion between embedded systems engineers, systems safety consultants, and reviewers.
@InProceedings{ASSURE13p34,
  author = {Alma L. Juarez Dominguez and Bruce G. Partridge and Jeffrey J. Joyce},
  title = {Creating Safety Assurance Cases for Rebreather Systems},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {34--39},
  doi = {},
  year = {2013},
}

Klein, Ari Z.
ASSURE '13: Measuring Assurance Case Confidence using Baconian Probabilities
Charles B. Weinstock, John B. Goodenough, and Ari Z. Klein (SEI, USA)
The basis for assessing the validity of an assurance case is an active area of study. In this paper, we discuss how to assess confidence in a case by considering the doubts eliminated by the claims and evidence in a case. This is an application of eliminative induction and the notion of Baconian probability as put forward by L. Jonathan Cohen.
@InProceedings{ASSURE13p7,
  author = {Charles B. Weinstock and John B. Goodenough and Ari Z. Klein},
  title = {Measuring Assurance Case Confidence using Baconian Probabilities},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {7--11},
  doi = {},
  year = {2013},
}

Langari, Zarrin
ASSURE '13: Safety Cases: A Review of Challenges
Zarrin Langari and Tom Maibaum (McMaster University, Canada)
In this article, we address safety cases as special cases of the more general class of assurance cases, which were developed as an extension to the concept of safety case. Related to the development and use of safety cases, there remain challenges, such as their size, readability, and identifying fallacious reasoning used in arguments. Some of these challenges are reviewed in the current article and followed by a review of challenges for the assessment of safety cases by regulators.
@InProceedings{ASSURE13p1,
  author = {Zarrin Langari and Tom Maibaum},
  title = {Safety Cases: A Review of Challenges},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {1--6},
  doi = {},
  year = {2013},
}

Maibaum, Tom
ASSURE '13: Safety Cases: A Review of Challenges
Zarrin Langari and Tom Maibaum (McMaster University, Canada)
In this article, we address safety cases as special cases of the more general class of assurance cases, which were developed as an extension to the concept of safety case. Related to the development and use of safety cases, there remain challenges, such as their size, readability, and identifying fallacious reasoning used in arguments. Some of these challenges are reviewed in the current article and followed by a review of challenges for the assessment of safety cases by regulators.
@InProceedings{ASSURE13p1,
  author = {Zarrin Langari and Tom Maibaum},
  title = {Safety Cases: A Review of Challenges},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {1--6},
  doi = {},
  year = {2013},
}

Markosian, Lawrence Z.
ASSURE '13: Architecting and Generalizing a Safety Case for Critical Condition Detection Software: An Experience Report
Martin S. Feather and Lawrence Z. Markosian (Jet Propulsion Laboratory, USA; SGT, USA)
Safety cases and, specifically, software safety cases, have had virtually no presence in engineering practice in the US. Recent interest, in addition to an early attempt to introduce them into practice in the NASA Constellation Program, motivated us to develop a partial safety case for a safety critical subsystem for the Ares I vehicle, namely the abort detection, notification and response (AFDNR) system. This paper relates our experience applying the safety case concept to AFDNR, particularly from the perspective of generalizing the safety issues to similar fault management systems. We also provide lessons learned, including a discussion of issues that led to our current refactoring of our initial safety case.
@InProceedings{ASSURE13p29,
  author = {Martin S. Feather and Lawrence Z. Markosian},
  title = {Architecting and Generalizing a Safety Case for Critical Condition Detection Software: An Experience Report},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {29--33},
  doi = {},
  year = {2013},
}

Matsuno, Yutaka
ASSURE '13: An Evaluation of Argument Patterns to Reduce Pitfalls of Applying Assurance Case
Shuichiro Yamamoto and Yutaka Matsuno (Nagoya University, Japan)
In this paper, we will introduce some of the problem areas that Japanese software engineers are susceptible to during the creation of assurance cases, based on the authors' educational experience with assurance cases. In addition, methods for dealing with these problem areas will also be explained. To mitigate these problems, it is expected that assurance case patterns, which help engineers develop assurance cases by reusing those patterns, will be applied. An evaluation result of applying assurance case patterns to develop an assurance case for a LAN device management system is also shown.
@InProceedings{ASSURE13p12,
  author = {Shuichiro Yamamoto and Yutaka Matsuno},
  title = {An Evaluation of Argument Patterns to Reduce Pitfalls of Applying Assurance Case},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {12--17},
  doi = {},
  year = {2013},
}
ASSURE '13: An Implementation of GSN Community Standard
Yutaka Matsuno and Shuichiro Yamamoto (Nagoya University, Japan)
GSN (Goal Structuring Notation) is a graphical notation widely used to construct assurance cases, which are required for the system assurance of safety critical systems, especially in Europe, and now worldwide, as the importance of system assurance has been growing and several safety standards such as ISO 26262 mandate the use of a safety case (an assurance case for system safety). The syntax and extensions for modules and patterns have been defined in the GSN Community Standard. In this paper we report our preliminary implementation, which partly satisfies the standard. The prototype implementation has been done on D-Case Editor, an Eclipse-based GSN editor. Among the syntax defined in the standard, we have implemented the “away goal” and “module node” as the basis for the module system, together with parameters with scope and a pattern instantiation function, which are extensions of our previous work. Due to some ambiguity in the GSN Community Standard, several design choices may exist. In this paper we report our design choices. We also report a few further issues for implementing the full syntax of the GSN Community Standard.
@InProceedings{ASSURE13p24,
  author = {Yutaka Matsuno and Shuichiro Yamamoto},
  title = {An Implementation of GSN Community Standard},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {24--28},
  doi = {},
  year = {2013},
}

Partridge, Bruce G.
ASSURE '13: Creating Safety Assurance Cases for Rebreather Systems
Alma L. Juarez Dominguez, Bruce G. Partridge, and Jeffrey J. Joyce (University of Waterloo, Canada; Shearwater Research, Canada; Critical Systems Labs, Canada)
The creation of safety assurance cases is a new requirement for rebreather manufacturers, where a rebreather is simply understood as a self-contained underwater breathing apparatus. The two main potential benefits to creating safety assurance cases for rebreather systems are: ensuring that the system is sufficiently safe in a given context and showing compliance with a regulatory framework. This paper presents our experience in the process of developing a safety assurance case for a rebreather sub-system, thus providing guidance on this process to other rebreather manufacturers. We used the Goal Structuring Notation (GSN) to develop a safety argument that compelled us to re-evaluate our safety goals, and that provided a basis for productive discussion between embedded systems engineers, systems safety consultants, and reviewers.
@InProceedings{ASSURE13p34,
  author = {Alma L. Juarez Dominguez and Bruce G. Partridge and Jeffrey J. Joyce},
  title = {Creating Safety Assurance Cases for Rebreather Systems},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {34--39},
  doi = {},
  year = {2013},
}

Ray, Arnab
ASSURE '13: Constructing Safety Assurance Cases for Medical Devices
Arnab Ray and Rance Cleaveland (Fraunhofer CESE, USA; University of Maryland, USA)
This paper lays out an approach for safety assurance case argumentation. The approach links together in a principled manner a device's highest-level safety claims, operating environments and hazards; and its safety requirements, final implementation, and test and other validation results. This approach is intended for the creation of safety assurance cases for pre-market submissions to a regulatory authority like the Food and Drug Administration.
@InProceedings{ASSURE13p40,
  author = {Arnab Ray and Rance Cleaveland},
  title = {Constructing Safety Assurance Cases for Medical Devices},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {40--45},
  doi = {},
  year = {2013},
}

Weinstock, Charles B.
ASSURE '13: Measuring Assurance Case Confidence using Baconian Probabilities
Charles B. Weinstock, John B. Goodenough, and Ari Z. Klein (SEI, USA)
The basis for assessing the validity of an assurance case is an active area of study. In this paper, we discuss how to assess confidence in a case by considering the doubts eliminated by the claims and evidence in a case. This is an application of eliminative induction and the notion of Baconian probability as put forward by L. Jonathan Cohen.
@InProceedings{ASSURE13p7,
  author = {Charles B. Weinstock and John B. Goodenough and Ari Z. Klein},
  title = {Measuring Assurance Case Confidence using Baconian Probabilities},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {7--11},
  doi = {},
  year = {2013},
}

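The confidence assessment sketched in the Weinstock, Goodenough and Klein abstract (listed above under each of the three authors), shown as an added example for this index; it is not code from the paper or from SEI. It takes Cohen's reading of Baconian probability, under which a claim that has eliminated i of the n doubts ("defeaters") identified against it has confidence i|n, an ordinal grade rather than a Pascalian probability. The claim tree, the evidence identifiers E1 to E3 and the rule of rolling a grade up over a subtree by summing doubts are all constructed for this illustration and are assumptions, not details taken from the paper.

```python
"""Eliminative-induction confidence for a small assurance-case tree.

Added illustration for this index; not code from the Weinstock, Goodenough
and Klein paper. Assumes Cohen's reading of Baconian probability: a claim
that has eliminated i of the n doubts ("defeaters") identified against it
has confidence i|n, an ordinal grade rather than a Pascalian probability.
Rolling the grade up over a subtree by summing doubts is a simplifying
assumption of this example, not a rule from the paper.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class Doubt:
    """A reason the claim could be false, and the evidence (if any) removing it."""
    text: str
    eliminated_by: Optional[str] = None  # evidence id, or None while still open

    @property
    def eliminated(self) -> bool:
        return self.eliminated_by is not None


@dataclass
class Claim:
    text: str
    doubts: List[Doubt] = field(default_factory=list)
    subclaims: List["Claim"] = field(default_factory=list)

    def local_grade(self) -> Tuple[int, int]:
        """(i, n): doubts eliminated out of doubts identified for this claim alone."""
        n = len(self.doubts)
        i = sum(1 for d in self.doubts if d.eliminated)
        return i, n

    def subtree_grade(self) -> Tuple[int, int]:
        """(i, n) over this claim and all sub-claims (this example's roll-up assumption)."""
        i, n = self.local_grade()
        for sub in self.subclaims:
            si, sn = sub.subtree_grade()
            i, n = i + si, n + sn
        return i, n

    def open_doubts(self) -> List[str]:
        """Residual doubts in the subtree: the work left before confidence can rise."""
        out = [d.text for d in self.doubts if not d.eliminated]
        for sub in self.subclaims:
            out.extend(sub.open_doubts())
        return out


def baconian(grade: Tuple[int, int]) -> str:
    """Render (i, n) in Cohen's i|n notation."""
    i, n = grade
    return f"{i}|{n}"


def build_example() -> Claim:
    """Constructed sample case for a hypothetical infusion pump; not from the paper."""
    software = Claim(
        "Dose-control software meets its safety requirements",
        doubts=[
            Doubt("Over-infusion limit requirement is untested",
                  eliminated_by="E2 system-test log"),
            Doubt("Static-analysis warnings have not been reviewed"),  # still open
        ],
    )
    hardware = Claim(
        "Pump hardware fails safe on loss of power",
        doubts=[
            Doubt("Valve default state under power loss is unverified",
                  eliminated_by="E3 bench test"),
        ],
    )
    return Claim(
        "Infusion pump does not deliver an unintended dose",
        doubts=[
            Doubt("Hazard list is incomplete",
                  eliminated_by="E1 independent hazard review"),
            Doubt("Hazards are not traced to requirements"),  # still open
        ],
        subclaims=[software, hardware],
    )


def report(claim: Claim, depth: int = 0) -> List[str]:
    """One line per claim: indentation, local Baconian grade, claim text."""
    lines = [f"{'  ' * depth}{baconian(claim.local_grade())}  {claim.text}"]
    for sub in claim.subclaims:
        lines.extend(report(sub, depth + 1))
    return lines


if __name__ == "__main__":
    top = build_example()
    print("\n".join(report(top)))
    print("subtree grade:", baconian(top.subtree_grade()))
    print("open doubts:", top.open_doubts())
```

Because i|n is ordinal, two grades are only directly comparable when they count the same set of doubts; adding a newly discovered doubt raises n and can lower a claim's standing even though no evidence was lost, which is the behaviour a reviewer wants from a confidence measure and the reason the example reports the open doubts alongside the grade.
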
Yamamoto, Shuichiro
ASSURE '13: An Evaluation of Argument Patterns to Reduce Pitfalls of Applying Assurance Case
Shuichiro Yamamoto and Yutaka Matsuno (Nagoya University, Japan)
In this paper, we will introduce some of the problem areas that Japanese software engineers are susceptible to during the creation of assurance cases, based on the authors' educational experience with assurance cases. In addition, methods for dealing with these problem areas will also be explained. To mitigate these problems, it is expected that assurance case patterns, which help engineers develop assurance cases by reusing those patterns, will be applied. An evaluation result of applying assurance case patterns to develop an assurance case for a LAN device management system is also shown.
@InProceedings{ASSURE13p12,
  author = {Shuichiro Yamamoto and Yutaka Matsuno},
  title = {An Evaluation of Argument Patterns to Reduce Pitfalls of Applying Assurance Case},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {12--17},
  doi = {},
  year = {2013},
}
ASSURE '13: An Implementation of GSN Community Standard
Yutaka Matsuno and Shuichiro Yamamoto (Nagoya University, Japan)
GSN (Goal Structuring Notation) is a graphical notation widely used to construct assurance cases, which are required for the system assurance of safety critical systems, especially in Europe, and now worldwide, as the importance of system assurance has been growing and several safety standards such as ISO 26262 mandate the use of a safety case (an assurance case for system safety). The syntax and extensions for modules and patterns have been defined in the GSN Community Standard. In this paper we report our preliminary implementation, which partly satisfies the standard. The prototype implementation has been done on D-Case Editor, an Eclipse-based GSN editor. Among the syntax defined in the standard, we have implemented the “away goal” and “module node” as the basis for the module system, together with parameters with scope and a pattern instantiation function, which are extensions of our previous work. Due to some ambiguity in the GSN Community Standard, several design choices may exist. In this paper we report our design choices. We also report a few further issues for implementing the full syntax of the GSN Community Standard.
@InProceedings{ASSURE13p24,
  author = {Yutaka Matsuno and Shuichiro Yamamoto},
  title = {An Implementation of GSN Community Standard},
  booktitle = {Proc.\ ASSURE},
  publisher = {IEEE},
  pages = {24--28},
  doi = {},
  year = {2013},
}

18 authors