D-Case Editor
An Open Source Assurance Case Tool
The University of Electro-Communications
Yutaka Matsuno
matsuno@is.uec.ac.jp

ⓒ 2013 UEC Tokyo.
Contents
• Assurance Cases (Safety Cases)
• DEOS and D-Case Editor
• D-Case Editor Implementation
– Compliance to Assurance Cases Standards
– Modules and Patterns
• Concluding Remarks
Assurance Case
• A structured argument, supported by a body of evidence that provides a compelling, comprehensible and valid case that a system is safe for a given application in a given environment (City Univ London)
(Figure: argument structure. A top goal, e.g. "System is safe", is supported by evidence nodes, e.g. a fault tree analysis result.)
• Case: All the reasons that one side in a legal argument can give against the other side.
• Assurance Case is called safety case when arguing safety, dependability case when arguing dependability, …
• The term “Assurance Cases” is defined in ISO/IEC 15026: Systems and software engineering -- Systems and software assurance
(Figure: Assurance Case as the general term, with Safety Case, Dependability Case, Security Case, … as its instances)
Background of Assurance Cases
• Piper Alpha Disaster (1988, 167 dead) and many serious disasters since 1970
– Not only prescriptive procedures, but argument why the safety is achieved by such procedures, based on evidence
• Prescriptive and Goal Based regulations
– Prescriptive: check safety lists given by standards
– Goal Based: develop argument that the given safety goal is achieved -> Safety Cases (Lord Cullen’s Piper Alpha Disaster Report)
– ISO26262 (automotive functional safety standard), EUROCONTROL (Eurocontrol, 2006), the Rail Yellow Book (Rail Track, 2000), and MoD Defense Standard 00-56 (MoD, 2007) require safety cases
Safety Cases in UK and World
• UK (EU): “Using safety cases in industry and health care”, UK Health Foundation, 2012.12
– Avionics, Automobile, Defense, Atomic Plant, Oil, Railway, Medical and Health Devices
http://www.health.org.uk/publications/using-safety-cases-in-industry-and-healthcare/
• World
– USA: medical devices such as infusion pumps
– Japan: New, but because of ISO26262, several companies are now studying safety cases
Assurance Case Notation
• Mostly by natural languages
• Graphical Notations
– CAE (Claim, Argument, Evidence) by Adelard, UK
– GSN (Goal Structuring Notation) by Univ of York, UK
(Figure: CAE and GSN example diagrams side by side)
CAE and GSN are essentially the same, and the metamodel is standardized as OMG SACM (Structured Assurance Case Metamodel)
GSN Example
(Figure: GSN example with Goal, Context, Strategy and Evidence nodes, written with D-Case Editor)
Cons for Safety Cases
• Most papers about safety cases express personal opinions or deal with how to prepare a safety case, but not whether it is effective. (Nancy Leveson, MIT)
Contents
• Assurance Cases
• DEOS and D-Case Editor
• D-Case Editor Implementation
– Compliance to Assurance Cases Standards
– Patterns and Modules
• Concluding Remarks
DEOS and D-Case
• DEOS (Dependable Embedded Operating System) project funded by Japan Science and Technology Agency (2006.10 – 2014.3)
– http://www.dependable-os.net/osddeos/index-e.html, or google “DEOS”
• D-Case project, a sub project for assurance cases (2010.4-) (Dependability)
– Tool Implementation, Lectures, meetings, case studies, standardization, …
D-Case Meetings
• 2012.9.14 (Nagoya), 12.20 (Nagoya), 2013.4.19 (Tokyo), 2013.10.22 (Tokyo)
• Discussions: introduction of assurance cases in industries; use in ISO26262; visibility of GSN, etc.
• Participants: Toyota, Yokogawa Electronics, Japan IBM, Ogis RI, NTT Data, Denso Create, Fuji Xerox, etc. (more than 60 participants)
http://www.dcase.jp (English page soon to be open)
D-Case Editor
• An Open, Eclipse based GSN editor (2010.4-)
– http://www.dependable-os.net/tech/DCaseEditor/index-e.html
– GitHub https://github.com/d-case/d-case_editor
• From Oct 2013, Eclipse Public License
• Purposes
– Writing, presenting, sharing GSN
• A few hundred downloads, tested by D-Case meeting participants and researchers in the world
– Prototyping for research
D-Case Editor Snapshot
(Figure: editor screenshot with the GSN nodes palette, the Eclipse workspace projects, the D-Case extensions and the canvas)
Feedback from Industries
• Comments from Adelard, U York, Thales, OSADL, NASA, Denso Create (and many Japanese companies), …
D-Case Editor Functions
Requirements from Industry -> Functions
• Editing and Viewing: Graphical Editing; Focusing; Automatic sub tree construction
• Maintenance: Module/Pattern, Word dictionary; Change management
• Consistency Checking: Simple type check on parameters; D-Case/Agda (Proof Assistant Tool)
• Conversion to other formats: Excel/PowerPoint; OMG SACM
• Sharing among stakeholders: D-Case Server (using Alfresco)
• Tool Chains: Benchmark tools (DSN2012); SysML/UML Tools; Experimental chain with Reqtify, Redmine, …
(Legend in the original slide marks each function as today’s topic, already implemented, or partly implemented)
Contents
• Assurance Cases
• DEOS and D-Case Editor
• D-Case Editor Implementation
– Compliance to Assurance Cases Standards
– Modules and Patterns
• Concluding Remarks
Compliance to Assurance Cases Standards
• Compliance to standards is important
– OMG SACM at OMG system assurance task force
• SACM = Structured Assurance Case Metamodel
• Harmonizing CAE and GSN
– GSN Community Standard v1.0 (2011)
• When implementing GSN Community Standard, we have several design choices
• By showing our design choices, we hope to facilitate assurance case tool implementation
GSN Community Standard v1.0
• Part 0 Introduction and Concepts
• Part 1 Definition of GSN
• Annexes to Part 1
– Extension to GSN to support argument patterns
– Modular extensions to GSN
• Part 2 Guidance on the development and evaluation of goal structures
• Annexes to Part 2
GSN Modules
“B1.3.2.3 Contract modules can be used in the support relationship between modules to aid decoupling as shown in Figure 32. This de-coupling permits argument module construction in cases where the eventual source of support for an argument is unknown at the time of authoring or can be changed for example through re-use or planned product improvement or reconfiguration.” (GSN Standard, p23)
(Figure: Figure 32 of the GSN standard next to the current D-Case Editor implementation)
GSN Patterns
We focus on parameters.
Design Choices for Modules (GSN Standard, p.17)
• What is module? “module” is not so clearly defined in the standard (is an argument the same as a GSN tree?)
– Interpret module as “a GSN tree with one top goal”
• Away goals, solutions, contexts, …
– We do not want to introduce “away” nodes for each kind of GSN node (too many kinds of nodes)
Design Choices for Modules (GSN Standard p.17)
• Away goals by color change
– Referring node shown as green, referred node shown as orange
Inter-Module notation
• Automatically generate inter-module notation (GSN Community Standard, p23)
Snapshot of GSN modules for LAN device management system
(Figure: module architecture of the LAN device management system case)
Some issues in Parameters
We focus on parameters.
• How to define parameters?
• What is the scope of parameters?
• In {System X}, what is “System”?
Design Choices for Patterns
• Use context nodes to define parameters
• Scope is the subtree of the goal the context is attached to
• Introduce types for parameters
– Currently Int, double, string, enum
A Snap Shot of Parameter
(Figure: editor snapshot showing the definition of Availability, the definition of SIL, the scope of SIL and the scope of Availability)
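The module and parameter design choices above (a module as a GSN tree with one top goal, away goals shown by colour, parameters declared in context nodes with types Int/double/string/enum and scoped to the subtree of the goal that owns the context), worked through as an added Python example. This is not D-Case Editor code (the editor itself is an Eclipse plug-in); the node texts, the two-module argument for a LAN device management system, the "enum:A|B|C" type spelling and the "Module:NodeId" away-goal reference syntax are assumptions made for this example.

```python
# Added example (not D-Case Editor code): a toy checker for two design choices
# on the slides. Modules are GSN trees with exactly one top goal and away goals
# that refer into another module; pattern parameters are declared in context
# nodes, are typed (Int, double, string, enum) and are in scope only in the
# subtree of the goal the context is attached to. Names, texts and the
# "Module:NodeId" reference syntax are constructed for this example.
from dataclasses import dataclass, field
import re


@dataclass
class Node:
    id: str
    kind: str                      # goal, strategy, context, evidence, away_goal
    text: str
    children: list = field(default_factory=list)
    contexts: list = field(default_factory=list)   # contexts attached to a goal
    params: dict = field(default_factory=dict)     # context only: name -> (type, value)
    ref: str = ""                                  # away_goal only: "Module:NodeId"


@dataclass
class Module:
    name: str
    nodes: list


PARAM_RE = re.compile(r"\{([A-Za-z_]\w*)\}")   # {SIL}, {Availability}, ...

TYPE_CHECKS = {
    "Int": lambda v: isinstance(v, int) and not isinstance(v, bool),
    "double": lambda v: isinstance(v, float),
    "string": lambda v: isinstance(v, str),
}


def value_has_type(value, typ):
    """Enum types are spelled "enum:A|B|C" in this example (an assumption)."""
    if typ.startswith("enum:"):
        return value in typ[5:].split("|")
    return TYPE_CHECKS[typ](value)


def top_goals(module):
    """A module must be a GSN tree with one top goal: a goal no node points at."""
    child_ids = {c.id for n in module.nodes for c in n.children}
    return [n for n in module.nodes if n.kind == "goal" and n.id not in child_ids]


def check_modules(modules):
    """One top goal per module, and every away goal resolves to a real node."""
    errors, by_name = [], {m.name: m for m in modules}
    for m in modules:
        if len(top_goals(m)) != 1:
            errors.append(f"{m.name}: expected one top goal, found {len(top_goals(m))}")
        for n in m.nodes:
            if n.kind != "away_goal":
                continue
            mod, _, nid = n.ref.partition(":")
            target = by_name.get(mod)
            if target is None or all(t.id != nid for t in target.nodes):
                errors.append(f"{m.name}/{n.id}: away goal refers to unknown {n.ref}")
    return errors


def away_colours(modules):
    """Slide convention: referring (away) node green, referred node orange."""
    colours = {}
    for m in modules:
        for n in m.nodes:
            if n.kind == "away_goal":
                colours[f"{m.name}:{n.id}"] = "green"
                colours[n.ref] = "orange"
    return colours


def check_parameters(module):
    """Walk from the top goal, carrying declared parameters down the subtree."""
    errors = []

    def walk(node, scope):
        scope = dict(scope)             # copy: siblings must not see our declarations
        for ctx in node.contexts:
            for name, (typ, value) in ctx.params.items():
                if not value_has_type(value, typ):
                    errors.append(f"{node.id}: {name} value {value!r} is not of type {typ}")
                scope[name] = value
        for name in PARAM_RE.findall(node.text):
            if name not in scope:
                errors.append(f"{node.id}: parameter {{{name}}} is used out of scope")
        for child in node.children:
            walk(child, scope)

    for top in top_goals(module):
        walk(top, {})
    return errors


def build_example():
    """Constructed two-module argument; G3 deliberately uses {Availability}
    outside the subtree of G2, the only goal whose context declares it."""
    c1 = Node("C1", "context", "Parameter definitions",
              params={"System": ("string", "LAN device management system"),
                      "SIL": ("enum:SIL1|SIL2|SIL3|SIL4", "SIL2")})
    c2 = Node("C2", "context", "Availability target",
              params={"Availability": ("double", 0.999)})
    g2 = Node("G2", "goal", "Availability of {System} is at least {Availability}", contexts=[c2])
    g3 = Node("G3", "goal", "Fail-over of {System} preserves {Availability}")
    a1 = Node("A1", "away_goal", "Network hardware is dependable", ref="Hardware:G10")
    s1 = Node("S1", "strategy", "Argue over dependability attributes", children=[g2, g3, a1])
    g1 = Node("G1", "goal", "{System} is dependable at {SIL}", contexts=[c1], children=[s1])
    main = Module("Main", [g1, s1, g2, g3, a1, c1, c2])
    hardware = Module("Hardware", [Node("G10", "goal", "Network hardware is dependable")])
    return [main, hardware]
```

Calling check_parameters on the Main module from build_example reports that G3 uses {Availability} although it is declared only in the context of its sibling G2, which is exactly the subtree scope rule; check_modules confirms each module has one top goal and that the away goal A1 resolves into the Hardware module, and away_colours assigns green to A1 and orange to Hardware:G10 as on the slide.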
Publicly available tools we have tested
Tool Name | Platform | Notations | GSN Modules | GSN Patterns
ASCE (Adelard) | None (Windows XP or later) | GSN, CAE | Partly? | Not yet?
Visio Plug-in (York) | Visio | GSN | Not yet? | Not yet?
NASA CertWare (Open Source) | Eclipse | GSN, CAE, etc | Not yet | Not yet
GSN Editor (Dependable Computing LLC) | Web browser | GSN | Not yet | Not yet
D-Case Editor (DEOS) | Eclipse | GSN | Partly (Contract nodes are not done) | Partly (Only Parameters)
Others: AdvoCATE (NASA, will be open source), AutoFOCUS3, acedit (York, not tested), E-Safety Case (Praxis), GSN CaseMaker (ERA), ISCADE, ISIS High Integrity Solution, TACE, …
Concluding Remarks
• D-Case Editor, an open source assurance case editor
• Tool Implementation, Use in Industries, Standardization should be co-developed
(Figure: cycle linking Tool Implementation, Open Source Development, Standardization and Use in industries)

More Related Content

Viewers also liked

Unified Systems Engineering feasibility
Unified Systems Engineering feasibilityUnified Systems Engineering feasibility
Unified Systems Engineering feasibilityEric Verhulst
 
Impact of IEC 61508 Standards on Intelligent Electrial Networks and Safety Im...
Impact of IEC 61508 Standards on Intelligent Electrial Networks and Safety Im...Impact of IEC 61508 Standards on Intelligent Electrial Networks and Safety Im...
Impact of IEC 61508 Standards on Intelligent Electrial Networks and Safety Im...Schneider Electric
 
T062500000 p003050ppte
T062500000 p003050ppteT062500000 p003050ppte
T062500000 p003050pptePhani Kumar
 
DMAP\'s Brochure
DMAP\'s BrochureDMAP\'s Brochure
DMAP\'s BrochureDMAP
 
Overview of DO-254: Design Assurance Guidance For Airborne Electronic Hardware
Overview of DO-254: Design Assurance Guidance For Airborne Electronic HardwareOverview of DO-254: Design Assurance Guidance For Airborne Electronic Hardware
Overview of DO-254: Design Assurance Guidance For Airborne Electronic HardwareOak Systems
 
Increasing Efficiency of ISO 26262 Verification and Validation by Combining F...
Increasing Efficiency of ISO 26262 Verification and Validation by Combining F...Increasing Efficiency of ISO 26262 Verification and Validation by Combining F...
Increasing Efficiency of ISO 26262 Verification and Validation by Combining F...RAKESH RANA
 
Qualification of Eclipse-based Tools according to ISO 26262
Qualification of Eclipse-based Tools according to ISO 26262Qualification of Eclipse-based Tools according to ISO 26262
Qualification of Eclipse-based Tools according to ISO 26262Oscar Slotosch
 
20131216 cisec-standards-jp blanquart-jmastruc
20131216 cisec-standards-jp blanquart-jmastruc20131216 cisec-standards-jp blanquart-jmastruc
20131216 cisec-standards-jp blanquart-jmastrucCISEC
 
2017 03-10 - vu amsterdam - testing safety critical systems
2017 03-10 - vu amsterdam - testing safety critical systems2017 03-10 - vu amsterdam - testing safety critical systems
2017 03-10 - vu amsterdam - testing safety critical systemsJaap van Ekris
 

Viewers also liked (10)

Unified Systems Engineering feasibility
Unified Systems Engineering feasibilityUnified Systems Engineering feasibility
Unified Systems Engineering feasibility
 
Iec61508 guide
Iec61508 guideIec61508 guide
Iec61508 guide
 
Impact of IEC 61508 Standards on Intelligent Electrial Networks and Safety Im...
Impact of IEC 61508 Standards on Intelligent Electrial Networks and Safety Im...Impact of IEC 61508 Standards on Intelligent Electrial Networks and Safety Im...
Impact of IEC 61508 Standards on Intelligent Electrial Networks and Safety Im...
 
T062500000 p003050ppte
T062500000 p003050ppteT062500000 p003050ppte
T062500000 p003050ppte
 
DMAP\'s Brochure
DMAP\'s BrochureDMAP\'s Brochure
DMAP\'s Brochure
 
Overview of DO-254: Design Assurance Guidance For Airborne Electronic Hardware
Overview of DO-254: Design Assurance Guidance For Airborne Electronic HardwareOverview of DO-254: Design Assurance Guidance For Airborne Electronic Hardware
Overview of DO-254: Design Assurance Guidance For Airborne Electronic Hardware
 
Increasing Efficiency of ISO 26262 Verification and Validation by Combining F...
Increasing Efficiency of ISO 26262 Verification and Validation by Combining F...Increasing Efficiency of ISO 26262 Verification and Validation by Combining F...
Increasing Efficiency of ISO 26262 Verification and Validation by Combining F...
 
Qualification of Eclipse-based Tools according to ISO 26262
Qualification of Eclipse-based Tools according to ISO 26262Qualification of Eclipse-based Tools according to ISO 26262
Qualification of Eclipse-based Tools according to ISO 26262
 
20131216 cisec-standards-jp blanquart-jmastruc
20131216 cisec-standards-jp blanquart-jmastruc20131216 cisec-standards-jp blanquart-jmastruc
20131216 cisec-standards-jp blanquart-jmastruc
 
2017 03-10 - vu amsterdam - testing safety critical systems
2017 03-10 - vu amsterdam - testing safety critical systems2017 03-10 - vu amsterdam - testing safety critical systems
2017 03-10 - vu amsterdam - testing safety critical systems
 

Similar to Rtlws2013

From use case to software architecture
From use case to software architectureFrom use case to software architecture
From use case to software architectureAhmad karawash
 
Safe & Sec Case Patterns (ASSURE 2015)
Safe & Sec Case Patterns (ASSURE 2015)Safe & Sec Case Patterns (ASSURE 2015)
Safe & Sec Case Patterns (ASSURE 2015)Kenji Taguchi
 
Clone of an organization
Clone of an organizationClone of an organization
Clone of an organizationIRJET Journal
 
Software Engineering with Objects (M363) Final Revision By Kuwait10
Software Engineering with Objects (M363) Final Revision By Kuwait10Software Engineering with Objects (M363) Final Revision By Kuwait10
Software Engineering with Objects (M363) Final Revision By Kuwait10Kuwait10
 
A Study on MDE Approaches for Engineering Wireless Sensor Networks
A Study on MDE Approaches  for Engineering Wireless Sensor Networks A Study on MDE Approaches  for Engineering Wireless Sensor Networks
A Study on MDE Approaches for Engineering Wireless Sensor Networks Ivano Malavolta
 
Managing Complexity and Change with Scalable Software Design
Managing Complexity and Change with Scalable Software DesignManaging Complexity and Change with Scalable Software Design
Managing Complexity and Change with Scalable Software Designlbergmans
 
On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...
On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...
On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...Benoit Combemale
 
research about system safety.docx
research about system safety.docxresearch about system safety.docx
research about system safety.docxbkbk37
 
Werner Weil: UCUM - epicenter 2010
Werner Weil: UCUM - epicenter 2010Werner Weil: UCUM - epicenter 2010
Werner Weil: UCUM - epicenter 2010IrishDev.com
 
Ooad lab manual(original)
Ooad lab manual(original)Ooad lab manual(original)
Ooad lab manual(original)dipenpatelpatel
 
Security Patterns: Research Direction, Metamodel, Application and Verification
Security Patterns: Research Direction, Metamodel, Application and VerificationSecurity Patterns: Research Direction, Metamodel, Application and Verification
Security Patterns: Research Direction, Metamodel, Application and VerificationHironori Washizaki
 
Lecture 1 uml with java implementation
Lecture 1 uml with java implementationLecture 1 uml with java implementation
Lecture 1 uml with java implementationthe_wumberlog
 
15 03-25-wallom-cloudwatch-wp2
15 03-25-wallom-cloudwatch-wp215 03-25-wallom-cloudwatch-wp2
15 03-25-wallom-cloudwatch-wp2David Wallom
 
Emerging standards and support organizations within engineering simulation
Emerging standards and support organizations within engineering simulation Emerging standards and support organizations within engineering simulation
Emerging standards and support organizations within engineering simulation Modelon
 
COCOMO methods for software size estimation
COCOMO methods for software size estimationCOCOMO methods for software size estimation
COCOMO methods for software size estimationPramod Parajuli
 
Standards for the Future of Java Embedded (16:9)
Standards for the Future of Java Embedded (16:9)Standards for the Future of Java Embedded (16:9)
Standards for the Future of Java Embedded (16:9)Werner Keil
 
Software development effort reduction with Co-op
Software development effort reduction with Co-opSoftware development effort reduction with Co-op
Software development effort reduction with Co-oplbergmans
 
Towards Software Sustainability Guides for Industrial Software Systems
Towards Software Sustainability Guides for Industrial Software SystemsTowards Software Sustainability Guides for Industrial Software Systems
Towards Software Sustainability Guides for Industrial Software SystemsHeiko Koziolek
 

Similar to Rtlws2013 (20)

From use case to software architecture
From use case to software architectureFrom use case to software architecture
From use case to software architecture
 
Safe & Sec Case Patterns (ASSURE 2015)
Safe & Sec Case Patterns (ASSURE 2015)Safe & Sec Case Patterns (ASSURE 2015)
Safe & Sec Case Patterns (ASSURE 2015)
 
Clone of an organization
Clone of an organizationClone of an organization
Clone of an organization
 
Software Engineering with Objects (M363) Final Revision By Kuwait10
Software Engineering with Objects (M363) Final Revision By Kuwait10Software Engineering with Objects (M363) Final Revision By Kuwait10
Software Engineering with Objects (M363) Final Revision By Kuwait10
 
A Study on MDE Approaches for Engineering Wireless Sensor Networks
A Study on MDE Approaches  for Engineering Wireless Sensor Networks A Study on MDE Approaches  for Engineering Wireless Sensor Networks
A Study on MDE Approaches for Engineering Wireless Sensor Networks
 
Managing Complexity and Change with Scalable Software Design
Managing Complexity and Change with Scalable Software DesignManaging Complexity and Change with Scalable Software Design
Managing Complexity and Change with Scalable Software Design
 
On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...
On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...
On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...
 
Week1.pptx
Week1.pptxWeek1.pptx
Week1.pptx
 
research about system safety.docx
research about system safety.docxresearch about system safety.docx
research about system safety.docx
 
Werner Weil: UCUM - epicenter 2010
Werner Weil: UCUM - epicenter 2010Werner Weil: UCUM - epicenter 2010
Werner Weil: UCUM - epicenter 2010
 
Ooad lab manual(original)
Ooad lab manual(original)Ooad lab manual(original)
Ooad lab manual(original)
 
Security Patterns: Research Direction, Metamodel, Application and Verification
Security Patterns: Research Direction, Metamodel, Application and VerificationSecurity Patterns: Research Direction, Metamodel, Application and Verification
Security Patterns: Research Direction, Metamodel, Application and Verification
 
Lecture 1 uml with java implementation
Lecture 1 uml with java implementationLecture 1 uml with java implementation
Lecture 1 uml with java implementation
 
15 03-25-wallom-cloudwatch-wp2
15 03-25-wallom-cloudwatch-wp215 03-25-wallom-cloudwatch-wp2
15 03-25-wallom-cloudwatch-wp2
 
Emerging standards and support organizations within engineering simulation
Emerging standards and support organizations within engineering simulation Emerging standards and support organizations within engineering simulation
Emerging standards and support organizations within engineering simulation
 
COCOMO methods for software size estimation
COCOMO methods for software size estimationCOCOMO methods for software size estimation
COCOMO methods for software size estimation
 
Standards for the Future of Java Embedded (16:9)
Standards for the Future of Java Embedded (16:9)Standards for the Future of Java Embedded (16:9)
Standards for the Future of Java Embedded (16:9)
 
software lecture
software lecturesoftware lecture
software lecture
 
Software development effort reduction with Co-op
Software development effort reduction with Co-opSoftware development effort reduction with Co-op
Software development effort reduction with Co-op
 
Towards Software Sustainability Guides for Industrial Software Systems
Towards Software Sustainability Guides for Industrial Software SystemsTowards Software Sustainability Guides for Industrial Software Systems
Towards Software Sustainability Guides for Industrial Software Systems
 

Recently uploaded

Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 

Recently uploaded (20)

Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 

Rtlws2013

  • 1. D-Case Editor An Open Source Assurance Case Tool The University of Electro-Communications Yutaka Matsuno matsuno@is.uec.ac.jp ⓒ 2013 UEC Tokyo.
  • 2. Contents • Assurance Cases (Safety Cases) • DEOS and D-Case Editor • D-Case Editor Implementation – Compliance to Assurance Cases Standards – Modules and Patterns • Concluding Remarks ⓒ 2013 UEC Tokyo.
  • 3. Assurance Case • A structured argument, supported by a body of evidence that provides a compelling, comprehensible and valid case that a system is safe for a given application in a given environment (City Univ Evidence London) Ex fault tree analysis result ゴール Evidence Ex. System is safe Evidence Argument Structure
  • 4. Assurance Case • Case: All the reasons that one side in a legal argument can give against the other side. • Assurance Case is called safety case when arguing safety, dependability case when dependability, … • The term “Assurance Cases” is defined in ISO/IEC 15026: Systems and software engineering -- Systems and software assurance Assurance Case Safety Case Dependability Case Security Case …
  • 5. Background of Assurance Cases • Piper Alpha Disaster (1988,167 dead) and many serious disasters since 1970– Not only prescriptive procedures, but argument why the safety is achieved by such procedures, based on evidence • Prescriptive and Goal Based regulations – Prescriptive: check safety lists given by standards – Goal Based: develop argument that the given safety goal is achieved -> Safety Cases (Lord Cullen’s Piper Alpha Disaster Report) – ISO26262 (automotive functional safety standard), EUROCONTROL (Eurocontrol, 2006), the Rail Yellow Book (Rail Track, 2000), and MoD Defense Standard 00-56 (MoD, 2007) require safety cases
  • 6. Safety Cases in UK and World • UK (EU): “Using safety cases in industry and health care”, UK Health Foundation, 2012.12 – Avionics, Automobile, Defense, Atomic Plant, Oil, Railway, Medical and Health Devices http://www.health.org.uk/publications/using -safety-cases-in-industry-and-healthcare/ • World – USA: medical device such as infusion pomp – Japan: New, but because of ISO26262, several companies are now studying safety cases
• 7. Assurance Case Notation
  • Mostly in natural language
  • Graphical Notations
    – CAE (Claim, Argument, Evidence) by Adelard, UK
    – GSN (Goal Structuring Notation) by Univ of York, UK
    – (example CAE and GSN diagrams on slide)
  • CAE and GSN are essentially the same, and the metamodel is standardized as OMG SACM (Structured Assurance Case Metamodel)
• 9. Cons for Safety Cases
  • “Most papers about safety cases express personal opinions or deal with how to prepare a safety case, but not whether it is effective.” (Nancy Leveson, MIT)
• 10. Contents
  • Assurance Cases
  • DEOS and D-Case Editor
  • D-Case Editor Implementation
    – Compliance to Assurance Cases Standards
    – Patterns and Modules
  • Concluding Remarks
• 11. DEOS and D-Case
  • DEOS (Dependable Embedded Operating System) project funded by the Japan Science and Technology Agency (2006.10 – 2014.3)
    – http://www.dependable-os.net/osddeos/index-e.html, or google “DEOS”
  • D-Case project (D for Dependability), a sub project for assurance cases (2010.4-)
    – Tool implementation, lectures, meetings, case studies, standardization, …
• 12. D-Case Meetings
  • 2012.9.14 (Nagoya), 12.20 (Nagoya), 2013.4.19 (Tokyo), 2013.10.22 (Tokyo)
  • Discussions: introduction of assurance cases in industries, use in ISO 26262, visibility of GSN, etc.
  • Participants: Toyota, Yokogawa Electronics, Japan IBM, Ogis RI, NTT Data, Denso Create, Fuji Xerox, etc. (more than 60 participants)
  • http://www.dcase.jp (English page soon to be open)
• 13. D-Case Editor
  • An open, Eclipse-based GSN editor (2010.4-)
    – http://www.dependable-os.net/tech/DCaseEditor/index-e.html
    – GitHub: https://github.com/d-case/d-case_editor
  • From Oct 2013, Eclipse Public License
  • Purposes
    – Writing, presenting, sharing GSN
      • A few hundred downloads, tested by D-Case meeting participants and researchers worldwide
    – Prototyping for research
• 15. Feedback from Industry
  • Comments from Adelard, U York, Thales, OSADL, NASA, Denso Create (and many Japanese companies), …
• 16. D-Case Editor Functions (Requirements from Industry → Functions)
  • Editing and Viewing: Graphical editing; Focusing; Automatic sub-tree construction
  • Maintenance: Module/Pattern; Word dictionary; Change management
  • Consistency Checking: Simple type check on parameters; D-Case/Agda (proof assistant tool)
  • Conversion to other formats: Excel/PowerPoint; OMG SACM
  • Sharing among stakeholders: D-Case Server (using Alfresco)
  • Tool Chains: Benchmark tools (DSN 2012); SysML/UML tools; Experimental chain with Reqtify, Redmine, …
  • Legend (color-coded on the slide): Today’s topic; Already implemented; Partly implemented
• 17. Contents
  • Assurance Cases
  • DEOS and D-Case Editor
  • D-Case Editor Implementation
    – Compliance to Assurance Cases Standards
    – Modules and Patterns
  • Concluding Remarks
• 18. Compliance to Assurance Cases Standards
  • Compliance to standards is important
    – OMG SACM at the OMG System Assurance Task Force
      • SACM = Structured Assurance Case Metamodel
      • Harmonizing CAE and GSN
    – GSN Community Standard v1.0 (2011)
  • When implementing the GSN Community Standard, we have several design choices
  • By showing our design choices, we hope to facilitate assurance case tool implementation
• 19. GSN Community Standard v1.0
  • Part 0: Introduction and Concepts
  • Part 1: Definition of GSN
  • Annexes to Part 1
    – Extension to GSN to support argument patterns
    – Modular extensions to GSN
  • Part 2: Guidance on the development and evaluation of goal structures
  • Annexes to Part 2
• 20. GSN Modules
  • B1.3.2.3: “Contract modules can be used in the support relationship between modules to aid decoupling as shown in Figure 32. This de-coupling permits argument module construction in cases where the eventual source of support for an argument is unknown at the time of authoring or can be changed for example through re-use or planned product improvement or reconfiguration.” (GSN Standard, p. 23)
  • Current Implementation (diagram on slide)
• 21. GSN Patterns
  • We focus on parameters
• 22. Design Choices for Modules (GSN Standard, p. 17)
  • What is a module? “Module” is not so clearly defined
    – Interpret a module as “a GSN tree with one top goal”
    – Argument = GSN?
  • Away goals, solutions, contexts, …
    – We do not want to introduce “away” nodes for each kind of GSN node (too many kinds of nodes)
• 23. Design Choices for Modules (GSN Standard, p. 17)
  • Away goals by color change
    – Referring node shown in green
    – Referred node shown in orange
• 24. Inter-Module Notation
  • Automatically generate the inter-module notation (GSN Community Standard, p. 23)
• 25. Snapshot of GSN modules for a LAN device management system architecture (diagram on slide)
• 26. Some Issues in Parameters
  • We focus on parameters
    – How to define parameters?
    – What is the scope of parameters?
    – In {System X}, what is “System”?
• 27. Design Choices for Patterns
  • Use context nodes to define parameters
  • Scope is the subtree of the goal the context is attached to
  • Introduce types for parameters
    – Currently int, double, string, enum
• 28. A Snapshot of Parameters (diagram on slide): Definition of Availability; Definition of SIL; Scope of SIL; Scope of Availability
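As an added illustration (example code written for this page, not the D-Case Editor implementation, which is an Eclipse plug-in), the following Python sketch implements the two design choices above in a minimal GSN model: a module is a tree with one top goal, away goals refer to a goal in another module, and the inter-module support relation is derived from those references rather than drawn by hand (slides 22 to 24); parameters are declared with types in context nodes, their scope is the subtree of the goal the context is attached to, and bindings get the "simple type check on parameters" listed on slide 16 (slides 26 to 28). The `{Name}` placeholder syntax, the `Module.GoalId` reference form, the node ids and the sample tree are assumptions constructed for the example.

```python
"""Toy GSN model: modules referenced through away goals, and typed parameters
declared in context nodes whose scope is the subtree of the goal they hang off.
Example code for this page, not D-Case Editor's own; sample data is constructed."""
import re
from dataclasses import dataclass, field

PLACEHOLDER = re.compile(r"\{([A-Za-z_][A-Za-z0-9_]*)\}")  # assumed syntax: {Name}


@dataclass
class ParamDef:
    name: str
    ptype: str             # "int" | "double" | "string" | "enum" (the types on slide 27)
    choices: tuple = ()    # allowed values, enum only


@dataclass
class Node:
    id: str
    kind: str              # "goal" | "strategy" | "solution" | "context" | "away_goal"
    text: str
    children: list = field(default_factory=list)
    params: list = field(default_factory=list)   # parameter definitions, context nodes only
    ref: str = ""          # away goals: "Module.GoalId" (assumed reference form)


@dataclass
class Module:
    name: str
    top: Node              # a module is a GSN tree with exactly one top goal


def iter_nodes(node):
    yield node
    for child in node.children:
        yield from iter_nodes(child)


def coerce(pdef, raw):
    """Check a raw string binding against the declared type; ValueError on mismatch."""
    if pdef.ptype == "int":
        if not re.fullmatch(r"[+-]?\d+", raw):
            raise ValueError(f"{pdef.name}: {raw!r} is not an int")
        return int(raw)
    if pdef.ptype == "double":
        try:
            return float(raw)
        except ValueError:
            raise ValueError(f"{pdef.name}: {raw!r} is not a double") from None
    if pdef.ptype == "enum":
        if raw not in pdef.choices:
            raise ValueError(f"{pdef.name}: {raw!r} not in {pdef.choices}")
        return raw
    if pdef.ptype == "string":
        return raw
    raise ValueError(f"{pdef.name}: unknown type {pdef.ptype!r}")


def instantiate(module, bindings, modules=None):
    """Bind {Name} placeholders using only the parameters visible in scope.
    Returns (text_by_node_id, errors): out-of-scope uses, missing bindings,
    type mismatches and dangling away-goal references are reported, not fixed."""
    modules = modules or {}
    out, errors = {}, []

    def walk(node, scope):
        scope = dict(scope)                      # copy: definitions never leak to siblings
        if node.kind == "goal":                  # contexts attached to a goal scope its subtree
            for ctx in node.children:
                if ctx.kind == "context":
                    scope.update({p.name: p for p in ctx.params})
        if node.kind == "away_goal":
            mod, _, gid = node.ref.partition(".")
            target = modules.get(mod)
            if target is None or not any(n.id == gid and n.kind == "goal" for n in iter_nodes(target.top)):
                errors.append(f"{node.id}: away goal refers to unknown {node.ref}")
        text = node.text
        for name in PLACEHOLDER.findall(text):
            if name not in scope:
                errors.append(f"{node.id}: parameter {{{name}}} used outside its scope")
            elif name not in bindings:
                errors.append(f"{node.id}: no value bound for {{{name}}}")
            else:
                try:
                    text = text.replace("{" + name + "}", str(coerce(scope[name], bindings[name])))
                except ValueError as exc:
                    errors.append(f"{node.id}: {exc}")
        out[node.id] = text
        for child in node.children:
            walk(child, scope)

    walk(module.top, {})
    return out, errors


def inter_module_links(modules):
    """Derive the inter-module support relation from away goals (generated, not drawn)."""
    links = set()
    for name, mod in modules.items():
        for n in iter_nodes(mod.top):
            if n.kind == "away_goal":
                links.add((name, n.ref.partition(".")[0]))
    return sorted(links)


def build_sample():
    """Constructed sample: pattern module 'Top' draws support from module 'Controller'."""
    controller = Module("Controller", Node("G10", "goal", "Controller firmware meets its safety requirements", [
        Node("Sn10", "solution", "Controller test report")]))
    top = Module("Top", Node("G1", "goal", "{System} is acceptably dependable", [
        Node("C1", "context", "Pattern parameters",
             params=[ParamDef("System", "string"), ParamDef("Availability", "double")]),
        Node("S1", "strategy", "Argue over availability and controller safety", [
            Node("G2", "goal", "{System} achieves availability of at least {Availability} %", [
                Node("Sn2", "solution", "Availability measurement log")]),
            Node("G3", "goal", "Controller of {System} is developed to SIL {SIL}", [
                Node("C3", "context", "SIL of the controller",
                     params=[ParamDef("SIL", "enum", ("1", "2", "3", "4"))]),
                Node("A1", "away_goal", "Controller firmware meets its safety requirements", ref="Controller.G10")]),
            Node("G4", "goal", "Operator procedures match SIL {SIL}")])]))   # {SIL} is out of scope here
    return {"Top": top, "Controller": controller}


if __name__ == "__main__":
    mods = build_sample()
    texts, errs = instantiate(mods["Top"], {"System": "LAN device manager", "Availability": "99.9", "SIL": "3"}, mods)
    print(texts["G2"], errs, inter_module_links(mods), sep="\n")
```

Running the sample instantiates G1 to G3 but reports G4, because its `{SIL}` reference sits outside the subtree of G3 where C3 declared the parameter; rebinding `Availability` to a non-numeric string or `SIL` to `5` is rejected by the type check, and dropping the `Controller` module from the lookup table turns A1 into a dangling away goal. Note that a name with a space such as `{System X}` does not match the placeholder pattern at all, which is one way of removing the ambiguity raised on slide 26: the parameter name is whatever the context node declares.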
• 29. Publicly available tools we have tested
  Tool Name                             | Platform                   | Notations      | GSN Modules                          | GSN Patterns
  ASCE (Adelard)                        | None (Windows XP or later) | GSN, CAE       | Partly?                              | Not yet?
  Visio Plug-in (York)                  | Visio                      | GSN            | Not yet?                             | Not yet?
  NASA CertWare (Open Source)           | Eclipse                    | GSN, CAE, etc. | Not yet                              | Not yet
  GSN Editor (Dependable Computing LLC) | Web browser                | GSN            | Not yet                              | Not yet
  D-Case Editor (DEOS)                  | Eclipse                    | GSN            | Partly (contract nodes are not done) | Partly (only parameters)
  Others: AdvoCATE (NASA, will be open source), AutoFOCUS3, acedit (York, not tested), E-Safety Case (Praxis), GSN CaseMaker (ERA), ISCADE, ISIS High Integrity Solution, TACE, …
• 30. Concluding Remarks
  • D-Case Editor, an open source assurance case editor
  • Tool implementation, use in industries, and standardization should be co-developed
    – (cycle on slide: Tool Implementation, Open Source Development, Standardization, Use in industries)