
Incremental Development of Safety Cases: a Mapping Study

Published: 21 December 2020

Abstract

Context: Safety assurance case (SAC) development is an approach for discussing, analysing and assessing the safety properties of systems before a certification procedure. Late development of SACs leads to late discovery of hazards, risks, and requirement and design issues that affect the safety of the systems. Also, the increased rework needed to recall safety evidence information impacts project schedules and costs. However, developing SACs incrementally is still challenging. Objective: We aim to identify and analyse existing approaches for integrating SAC development into software development processes in an incremental manner, and to analyse such approaches in terms of how the integration with existing processes occurs, which roles are involved and which outcomes are expected. Method: We performed a Systematic Mapping Study to identify and analyse the existing approaches for incremental SAC development. We identified 16 peer-reviewed studies from a set of 1242 studies published until January 2020. Results: We developed a classification for the approaches using three aspects: life cycle model, task integration and argument development. We also found that development-related roles are gaining importance in the construction and review of SACs. Finally, we identified the expected outcomes when adopting incremental development of SACs. Conclusions: The analysis presented in this paper can help practitioners to understand the SAC development area better, and to choose how to adopt incremental SAC development into their processes. We also present research directions for further work on the topic.


Cited By

  • ARCADE: A Framework for Integrated Management of Safety Assurance Information. 2023 IEEE 31st International Requirements Engineering Conference (RE), September 2023, 293-298. DOI: 10.1109/RE57278.2023.00038
  • How assurance case development and requirements engineering interplay: a study with practitioners. Requirements Engineering 27(2), June 2022, 273-292. DOI: 10.1007/s00766-022-00375-7

Published In

SBES '20: Proceedings of the XXXIV Brazilian Symposium on Software Engineering
October 2020
901 pages
ISBN:9781450387538
DOI:10.1145/3422392

In-Cooperation

  • SBC: Brazilian Computer Society

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. Incremental development
  2. Safety assurance case
  3. Systematic mapping study


Funding Sources

  • CNPq (Conselho Nacional de Desenvolvimento Científico e Tecnológico)
  • Universidade Federal do Ceará

Conference

SBES '20

Acceptance Rates

Overall Acceptance Rate 147 of 427 submissions, 34%
