A Systematic Approach for Developing Software Safety Arguments

摘要

It is becoming increasingly common to develop safety arguments (also called assurance arguments) to demonstrate that the software aspects of a system are acceptably safe to operate. A software safety argument enables a compelling justification of the sufficiency of the software to be provided, whilst also giving the software developer flexibility to adopt the development approach that is most appropriate for their system. To be compelling, the safety argument must provide sufficient assurance in the safety claims made about the software. Our investigations have shown that creating compelling software safety arguments remains a major challenge for those developing safety-related software. To help address this challenge we have developed a systematic approach to software safety argument construction which explicitly considers and addresses assurance. Our approach has two key elements which, when used together, facilitate the construction of compelling software safety arguments. Firstly a method for argument construction is proposed, this method extends an existing method by explicitly considering assurance at each step. Secondly a set of software safety argument patterns have been developed. These patterns document reusable software safety argument structures which may be instantiated for the system under consideration. These patterns again build on existing work, and have been developed such that they highlight as clearly as possible where assurance may be gained and lost during the development of the argument.