Exmouth House 3–11 Pine Street London EC1R 0JH T +44 20 7832 5850 F +44 20 7832 5853 E W CAE – Next generation and Building.

Slides:



Advertisements
Similar presentations
Whole Airspace Safety Case Meeting – Overview of Prior Work – 1 Whole Airspace Safety Case Meeting Overview of Prior Work Tim Kelly John McDermid Department.
Advertisements

AMUSE Autonomic Management of Ubiquitous Systems for e-Health Prof. J. Sventek University of Glasgow In collaboration.
MDI 2010, Oslo, Norway Behavioural Interoperability to Support Model-Driven Systems Integration Alek Radjenovic, Richard Paige The University of York,
Data Quality Considerations
Mapping Assurance to the Software Engineering Process Alfred H. Kromholz, Ph.D. The MITRE Corporation mitre.org Copyright © 2004.
Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.
Using the Crosscutting Concepts As conceptual tools when meeting an unfamiliar problem or phenomenon.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 24 Slide 1 Critical Systems Validation 2.
Background information Formal verification methods based on theorem proving techniques and model­checking –to prove the absence of errors (in the formal.
Trusted Hardware: Can it be Trustworthy? Design Automation Conference 5 June 2007 Karl Levitt National Science Foundation Cynthia E. Irvine Naval Postgraduate.
1 Basic abstract interpretation theory. 2 The general idea §a semantics l any definition style, from a denotational definition to a detailed interpreter.
1 Certification Chapter 14, Storey. 2 Topics  What is certification?  Various forms of certification  The process of system certification (the planning.
Industrial Avionics Working Group 19/04/07 Modular Certification Developing Safety Case Modules.
Requirements Analysis Concepts & Principles
Software Architecture in Practice RiSE’s Seminars Bass’s book :: Chapters 07 Eduardo Santana de Almeida.
Industrial Avionics Working Group 19/04/07 Architecture Integration.
1 Optimizing Utility in Cloud Computing through Autonomic Workload Execution Reporter : Lin Kelly Date : 2010/11/24.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
User Centered Web Site Engineering Part 2. Developing Site Structure & Content Content View Addressing content Outlining content Creating a content delivery.
System Engineering Instructor: Dr. Jerry Gao. System Engineering Jerry Gao, Ph.D. Jan System Engineering Hierarchy - System Modeling - Information.
Exmouth House 3–11 Pine Street London EC1R 0JH T F E W PT/227/30028/1 Extending ASCE:
Architectural Design Establishing the overall structure of a software system Objectives To introduce architectural design and to discuss its importance.
Dimensions of Data Quality M&E Capacity Strengthening Workshop, Addis Ababa 4 to 8 June 2012 Arif Rashid, TOPS.
Exmouth House 3–11 Pine Street London EC1R 0JH T F E W ASCE – Railway Hazard Log Technical.
Exmouth House 3–11 Pine Street London EC1R 0JH T F E W How ASCE Support Works? Dr.
Traditional Approach to Requirements Data Flow Diagram (DFD)
System Analysis Overview Document functional requirements by creating models Two concepts help identify functional requirements in the traditional approach.
The design process z Software engineering and the design process for interactive systems z Standards and guidelines as design rules z Usability engineering.
Systems Analysis and Design in a Changing World, Fifth Edition
Chapter 6 The Traditional Approach to Requirements
Systems Analysis and Design in a Changing World, Fifth Edition
Architecting secure software systems
CPSC 871 John D. McGregor Module 4 Session 3 Architecture Evaluation.
Pushing the Security Boundaries of Ubiquitous Computing ACSF 2006 —————— 13 th July 2006 —————— David Llewellyn-Jones, Madjid Merabti, Qi Shi, Bob Askwith.
© Copyright 2014 Rockwell Collins, Inc. All rights reserved. Resolute: An Assurance Case Language for Architecture Models Andrew Gacek, John Backes, Darren.
Chapter 7 Recursion 1CSCI 3333 Data Structures. 2 Recurrent Sequence A recursively defined sequence – First, certain initial values are specified  c.f.,
OBJECT ORIENTED SYSTEM ANALYSIS AND DESIGN. COURSE OUTLINE The world of the Information Systems Analyst Approaches to System Development The Analyst as.
POSTECH DP & NM Lab. (1)(1) POWER Prototype (1)(1) POWER Prototype : Towards Integrated Policy-based Management Mi-Joung Choi
1 UML Basic Training. UML Basic training2 Agenda  Definitions: requirements, design  Basics of Unified Modeling Language 1.4  SysML.
6 Systems Analysis and Design in a Changing World, Fifth Edition.
SOFTWARE DESIGN AND ARCHITECTURE LECTURE 05. Review Software design methods Design Paradigms Typical Design Trade-offs.
Kuliah 9 : Product Architecture. Dira Ernawati, ST.MT2 Planning Concept Develop. System- Level Design Detail Design Testing And Refinement Production.
Chapter 18: Introduction to Assurance Dr. Wayne Summers Department of Computer Science Columbus State University
Copyright Prof. Dr. Shuichiro Yamamoto Prof. Dr. Shuichiro Yamamoto Nagoya University.
CPSC 871 John D. McGregor Module 3 Session 1 Architecture.
Software Safety Case Why, what and how… Jon Arvid Børretzen.
Requirements Engineering-Based Conceptual Modelling From: Requirements Engineering E. Insfran, O. Pastor and R. Wieringa Presented by Chin-Yi Tsai.
Kemal Baykal Rasim Ismayilov
12 Chapter 12: Advanced Topics in Object-Oriented Design Systems Analysis and Design in a Changing World, 3 rd Edition.
Architecture View Models A model is a complete, simplified description of a system from a particular perspective or viewpoint. There is no single view.
Exmouth House 3–11 Pine Street London EC1R 0JH T F E W ASCE 4.2 New Features and User.
Formal Verification. Background Information Formal verification methods based on theorem proving techniques and model­checking –To prove the absence of.
Exmouth House 3–11 Pine Street London EC1R 0JH T F E W ASCE Master-class Configuration.
Basic Concepts and Definitions
Exmouth House 3–11 Pine Street London EC1R 0JH T F E W ASCE Master-class Getting the.
By Marwan Al-Namari & Hafezah Ben Othman Author: William Stallings College of Computer Science at Al-Qunfudah Umm Al-Qura University, KSA, Makkah 1.
1 Towards Integrated Tool Support for the User Requirements Notation Jean-François Roy
Review of last class Software Engineering Modeling Problem Solving
Definition CASE tools are software systems that are intended to provide automated support for routine activities in the software process such as editing.
Chapter 2 Database System Concepts and Architecture
Systems Design.
The design process Software engineering and the design process for interactive systems Standards and guidelines as design rules Usability engineering.
The design process Software engineering and the design process for interactive systems Standards and guidelines as design rules Usability engineering.
Chapter 5 Designing the Architecture Shari L. Pfleeger Joanne M. Atlee
THE ORANGE BOOK Ravi Sandhu
Internet of Things A Process Calculus Approach
Chapter 27 Security Engineering
Chapter 2: Building a System
Building a “System” Moving from writing a program to building a system. What’s the difference?! Complexity, size, complexity, size complexity Breadth.
Implementation Plan system integration required for each iteration
Presentation transcript:

Exmouth House 3–11 Pine Street London EC1R 0JH T F E W CAE – Next generation and Building Blocks ASCE User Forum 03 June 2015 Presented by: Dr Kate Netkachova

© ADELARD LLP Outline New trends and general concept CAE stack of resources Collection of basic blocks Composite blocks Templates, fragments Tool Support 2

© ADELARD LLP Claims, arguments, evidence (CAE) 3 “a documented body of evidence that provides a convincing and valid argument that a system is adequately safe for a given application in a given environment”

© ADELARD LLP Security-informed Safety Cases 4 Security consideration Impact on the Case Structure Some observations Supply chain integrity. Malicious events post deployment. Design changes to address user interactions, training, configuration, vulnerabilities. Additional functional requirements that implement security controls. Possible exploitation of the device/service to attack itself or others. Justification of safety which specifically takes into account the impact of security.

© ADELARD LLP Levels of abstraction 5 L0 Policy and requirements – the highest level of abstraction where the system represents its requirements, and defines safety and security policies and their interaction; L1 Architectural layer – the intermediate level where the abstract system components and architecture are analysed; L2 Implementation layer – the detailed level where the implementation of specific components and their integration within the specific system architecture are scrutinised.

© ADELARD LLP Development of the Blocks approach 6

© ADELARD LLP Schematic of the CAE stack 7

© ADELARD LLP Instantiating an assurance case

© ADELARD LLP 5 Building Blocks 9 Concretion Decomposition Substitution Calculation Evidence incorporation Decomposition Partition some aspect of the claim Substitution Refine a claim about an object into claim about an equivalent object Evidence incorporation Evidence supports the claim Concretion Some aspect of the claim is given a more precise definition Calculation or proof Some value of the claim can be computed or proved

© ADELARD LLP General structure of the block General block structure CAE blocks are a series of archetypal argument fragments. They are based on the CAE normal form with further simplification and enhancements. 10

© ADELARD LLP Decomposition block Example of a single object decomposition 11

© ADELARD LLP Examples of single decomposition 12

© ADELARD LLP Substitution block This block is used to claim that if a property holds for one object, then it holds for an equivalent object. The nature of this ‘equivalence’ will vary with the object and property and will need to be defined. Object substitution Property substitution 13

© ADELARD LLP Examples of substitution Product substitutionGeneralised: product type substitution 14

© ADELARD LLP Evidence incorporation This block is used to incorporate evidence elements into the case. A typical application of this block is at the edge of a case tree where a claim is shown to be directly satisfied by its supporting evidence. 15

© ADELARD LLP Example of evidence incorporation 16 Test report directly shows that there are 25 successful tests

© ADELARD LLP Concretion This block is used when a claim needs to be given a more precise definition or interpretation. The top claim P(X, Cn, En) can be replaced with a more precise or defined claim P1(X1, Cn, En) 17

© ADELARD LLP Example of concretion Property concretionEnvironment concretion 18

© ADELARD LLP Calculation This block is used to claim that the value of a property of a system can be computed from the values of related properties of other objects. Show that the value b of property P(X, b, E, C) of system X in env E and conf C can be calculated from values 19

© ADELARD LLP Example of calculation 20

© ADELARD LLP ‘Helping hand’ - guidance on selecting Blocks 21

© ADELARD LLP Composite blocks Example of a composite block and its expansion to show the underlying basic blocks 22 Substitution + Decomposition Concretion + Decomposition Any basic block + Evidence incorporation

© ADELARD LLP Fragments/Templates Test Harness M(X1),M(C)X1, C Oracle Test Cases True False Alternative resolution True False

© ADELARD LLP CAE normal form Example of a claim structure before and after normal form Claim nodes may only be connected to argument nodes Argument nodes may only be connected to claim and evidence nodes Each argument node may only have one outbound link to a claim node Each claim is to be supported by only one argument Argument nodes must be supported by at least one subclaim or evidence node Evidence nodes represent the bottom of the safety argument and are not supported A claim, subclaim or evidence may support more than one argument 24

© ADELARD LLP Positive outcome 1.Standardised way of creating cases 2.Simple patterns, easy to use 3.Structured vs narrative argument 4.Explicit backing for the argument/side-warrant 5.Explicit links to system models, etc. 6.Prototype tool support 25

© ADELARD LLP Tool Support – Enable the Blocks plugin

© ADELARD LLP Tool Support – Use the Blocks schema

© ADELARD LLP Tool support – Add/Edit Block

© ADELARD LLP Tool support – use the plugin

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.