ICSE 2013 Workshops
2013 35th International Conference on Software Engineering (ICSE)

2013 1st International Workshop on Assurance Cases for Software-Intensive Systems (ASSURE), May 19, 2013, San Francisco, CA, USA

ASSURE 2013 – Proceedings


1st International Workshop on Assurance Cases for Software-Intensive Systems (ASSURE)



Software plays a key role in high-risk systems, i.e., safety- and security-critical systems. Several certification standards and guidelines, e.g., in the defense, transportation (aviation, automotive, rail), and healthcare domains, now recommend and/or mandate the development of assurance cases for software-intensive systems. As such, there is a need to understand and evaluate (a) the application of assurance cases to software, and (b) the relationship between the development and assessment of assurance cases, and software engineering concepts, processes and techniques. The ICSE 2013 Workshop on Assurance Cases for Software-intensive Systems (ASSURE) aims to provide an international forum for high-quality contributions (research, practice, and position papers) on the application of assurance case principles and techniques for software assurance, and on the treatment of assurance cases as artifacts to which the full range of software engineering techniques can be applied.


Safety Cases: A Review of Challenges
Zarrin Langari and Tom Maibaum
(McMaster University, Canada)
In this article, we address safety cases as special cases of the more general class of assurance cases, which were developed as an extension to the concept of safety case. Related to the development and use of safety cases, there remain challenges, such as their size, readability, and identifying fallacious reasoning used in arguments. Some of these challenges are reviewed in the current article and followed by a review of challenges for the assessment of safety cases by regulators.

Measuring Assurance Case Confidence using Baconian Probabilities
Charles B. Weinstock, John B. Goodenough, and Ari Z. Klein
The basis for assessing the validity of an assurance case is an active area of study. In this paper, we discuss how to assess confidence in a case by considering the doubts eliminated by the claims and evidence in a case. This is an application of eliminative induction and the notion of Baconian probability as put forward by L. Jonathan Cohen.


Notations and Techniques

An Evaluation of Argument Patterns to Reduce Pitfalls of Applying Assurance Case
Shuichiro Yamamoto and Yutaka Matsuno
(Nagoya University, Japan)
In this paper, we will introduce some of the problem areas that Japanese software engineers are susceptible to during the creation of assurance cases, based on the authors' educational experience with assurance cases. In addition, methods for dealing with these problem areas will also be explained. To mitigate these problems, it is expected that assurance case patterns, which help engineers develop assurance cases by reusing those patterns, will be applied. An evaluation result of applying assurance case patterns to develop an assurance case for a LAN device management system is also shown.

Nuanced Term-Matching to Assist in Compositional Safety Assurance
Katrina Attwood and Philippa Conmy
(University of York, UK)
Increased complexity in the design, technology and supply chains for software-intensive safety-critical systems has resulted in a growing demand for a compositional approach to safety assurance. Assurance data relating to independently-derived components must be melded together into a compelling case for overall system safety. One of the barriers to composition is the lack of consistency in the terminology used to describe and share assurance data. Linguistic mismatches highlight various problems for the composition of peer modules and their integration into an overall case. In this paper, we propose the application of a linguistic model of understanding to identify mismatches and to provide guidance on composition and integration. The approach is illustrated using a simple example.

An Implementation of GSN Community Standard
Yutaka Matsuno and Shuichiro Yamamoto
(Nagoya University, Japan)
GSN (Goal Structuring Notation) is a graphical notation widely used to construct assurance cases, which are required for the system assurance of safety-critical systems, especially in Europe, and now worldwide, as the importance of system assurance has been growing and several safety standards such as ISO 26262 mandate the use of safety cases (assurance cases for system safety). The syntax and extensions for modules and patterns have been defined in the GSN Community Standard. In this paper we report our preliminary implementation, which partly satisfies the standard. The prototype implementation has been done on D-Case Editor, an Eclipse-based GSN editor. Among the syntax defined in the standard, we have implemented “away goal” and “module node” as the basis for the module system, together with parameters with scope and a pattern instantiation function, which are extensions of our previous work. Due to some ambiguity in the GSN Community Standard, several design choices may exist. In this paper we report our design choices. We also report a few further issues for implementing the full syntax of the GSN Community Standard.



Architecting and Generalizing a Safety Case for Critical Condition Detection Software: An Experience Report
Martin S. Feather and Lawrence Z. Markosian
(Jet Propulsion Laboratory, USA; SGT, USA)
Safety cases and, specifically, software safety cases, have had virtually no presence in engineering practice in the US. Recent interest, in addition to an early attempt to introduce them into practice in the NASA Constellation Program, motivated us to develop a partial safety case for a safety critical subsystem for the Ares I vehicle, namely the abort detection, notification and response (AFDNR) system. This paper relates our experience applying the safety case concept to AFDNR, particularly from the perspective of generalizing the safety issues to similar fault management systems. We also provide lessons learned, including a discussion of issues that led to our current refactoring of our initial safety case.

Creating Safety Assurance Cases for Rebreather Systems
Alma L. Juarez Dominguez, Bruce G. Partridge, and Jeffrey J. Joyce
(University of Waterloo, Canada; Shearwater Research, Canada; Critical Systems Labs, Canada)
The creation of safety assurance cases is a new requirement for rebreather manufacturers, where a rebreather is simply understood as a self-contained underwater breathing apparatus. The two main potential benefits to creating safety assurance cases for rebreather systems are: ensuring that the system is sufficiently safe in a given context and showing compliance to a regulatory framework. This paper presents our experience in the process of developing a safety assurance case for a rebreather sub-system, thus providing guidance on this process to other rebreather manufacturers. We used the Goal Structuring Notation (GSN) to develop a safety argument that compelled us to re-evaluate our safety goals, and that provided a basis for productive discussion between embedded systems engineers, systems safety consultants, and reviewers.

Constructing Safety Assurance Cases for Medical Devices
Arnab Ray and Rance Cleaveland
(Fraunhofer CESE, USA; University of Maryland, USA)
This paper lays out an approach for safety assurance case argumentation. The approach links together in a principled manner a device's highest-level safety claims, operating environments and hazards; and its safety requirements, final implementation, and test and other validation results. This approach is intended for the creation of safety assurance cases for pre-market submissions to a regulatory authority like the Food and Drug Administration.
