D-Case Editor
An Open Source Assurance Case Tool
The University of Electro-Communications
Yutaka Matsuno
matsuno@is.uec.ac.jp

ⓒ 2013 UEC Tokyo.
Contents
• Assurance Cases (Safety Cases)
• DEOS and D-Case Editor
• D-Case Editor Implementation
– Compliance to Assurance Cases Standards
– Modules and Patterns
• Concluding Remarks

Assurance Case
• A structured argument, supported by a body of evidence that provides a compelling, comprehensible and valid case that a system is safe for a given application in a given environment (City Univ London)

[Figure: argument structure. A top Goal (ex. “System is safe”) is linked through the argument structure to Evidence nodes (ex. fault tree analysis result).]

Assurance Case
• Case: All the reasons that one side in a legal argument can give against the other side.
• An Assurance Case is called a safety case when arguing safety, a dependability case when arguing dependability, …
• The term “Assurance Cases” is defined in ISO/IEC 15026: Systems and software engineering -- Systems and software assurance

[Figure: Assurance Case as the general term, with Safety Case, Dependability Case, Security Case, … as its kinds]

Background of Assurance Cases
• Piper Alpha Disaster (1988, 167 dead) and many serious disasters since 1970
– Not only prescriptive procedures, but an argument why safety is achieved by such procedures, based on evidence
• Prescriptive and Goal Based regulations
– Prescriptive: check safety lists given by standards
– Goal Based: develop an argument that the given safety goal is achieved -> Safety Cases (Lord Cullen’s Piper Alpha Disaster Report)
– ISO26262 (automotive functional safety standard), EUROCONTROL (Eurocontrol, 2006), the Rail Yellow Book (Rail Track, 2000), and MoD Defence Standard 00-56 (MoD, 2007) require safety cases

Safety Cases in UK and World
• UK (EU): “Using safety cases in industry and health care”, UK Health Foundation, 2012.12
– Avionics, Automobile, Defense, Atomic Plant, Oil, Railway, Medical and Health Devices
http://www.health.org.uk/publications/using-safety-cases-in-industry-and-healthcare/
• World
– USA: medical devices such as infusion pumps
– Japan: New, but because of ISO26262, several companies are now studying safety cases

Assurance Case Notation
• Mostly by natural languages
• Graphical Notations
– CAE (Claim, Argument, Evidence) by Adelard, UK
– GSN (Goal Structuring Notation) by Univ of York, UK

[Figure: a CAE diagram and a GSN diagram side by side] CAE and GSN are essentially the same, and the metamodel is standardized as OMG SACM (Structured Assurance Case Metamodel).

GSN Example
[Figure: a GSN example with Goal, Context, Strategy and Evidence nodes, written with D-Case Editor]

Cons for Safety Cases
• Most papers about safety cases express personal opinions or deal with how to prepare a safety case, but not whether it is effective. (Nancy Leveson, MIT)

DEOS and D-Case
• DEOS (Dependable Embedded Operating System) project funded by Japan Science and Technology Agency (2006.10 – 2014.3)
– http://www.dependable-os.net/osddeos/index-e.html, or google “DEOS”
• D-Case project, a sub project for assurance cases (2010.4-) (Dependability)
– Tool Implementation, Lectures, meetings, case studies, standardization, …

D-Case Meetings
• 2012.9.14 (Nagoya), 12.20 (Nagoya), 2013.4.19 (Tokyo), 2013.10.22 (Tokyo)
• Discussions: Introduction of assurance cases in industries; Use in ISO26262; Visibility of GSN, etc
• Participants: Toyota, Yokogawa Electronics, Japan IBM, Ogis RI, NTT Data, Denso Create, Fuji Xerox, etc (more than 60 participants)
• http://www.dcase.jp (English page soon to be open)

D-Case Editor
• An open, Eclipse based GSN editor (2010.4-)
– http://www.dependable-os.net/tech/DCaseEditor/index-e.html
– GitHub https://github.com/d-case/d-case_editor
– From Oct 2013, Eclipse Public License
• Purposes
– Writing, presenting, sharing GSN: a few hundred downloads, tested by D-Case meeting participants and researchers worldwide
– Prototyping for research

D-Case Editor Snapshot
[Figure: editor screenshot showing the GSN nodes palette, the Eclipse workspace with its projects, the D-Case extensions, and the canvas]

Feedback from Industry
• Comments from Adelard, U York, Thales, OSADL, NASA, Denso Create (and many Japanese companies), …

D-Case Editor Functions
Requirements from Industry -> Functions
• Editing and Viewing: Graphical Editing; Focusing; Automatic Sub tree constructions
• Maintenance: Module/Pattern, Word dictionary; Change management
• Consistency Checking: Simple type check on parameters; D-Case/Agda (Proof Assistant Tool)
• Conversion to other formats: Excel/PowerPoint; OMG SACM
• Sharing among stakeholders: D-Case Server (using Alfresco)
• Tool Chains: Benchmark tools (DSN2012); SysML/UML Tools; Experimental chain with Reqtify, Redmine, …
(Legend of the original figure: today’s topic, already implemented, partly implemented)

Compliance to Assurance Cases Standards
• Compliance to standards is important
– OMG SACM at OMG system assurance task force
• SACM = Structured Assurance Case Metamodel
• Harmonizing CAE and GSN
– GSN Community Standard v1.0 (2011)
• When implementing the GSN Community Standard, we have several design choices
• By showing our design choices, we hope to facilitate assurance case tool implementation

GSN Community Standard v1.0
• Part 0 Introduction and Concepts
• Part 1 Definition of GSN
• Annexes to Part 1
– Extension to GSN to support argument patterns
– Modular extensions to GSN
• Part 2 Guidance on the development and evaluation of goal structures
• Annexes to Part 2

GSN Modules
“B1.3.2.3 Contract modules can be used in the support relationship between modules to aid decoupling as shown in Figure 32. This de-coupling permits argument module construction in cases where the eventual source of support for an argument is unknown at the time of authoring or can be changed for example through re-use or planned product improvement or reconfiguration.” (GSN Standard, p23)

[Figure: Current Implementation of modules in D-Case Editor]

GSN Patterns
[Figure: GSN pattern notation from the standard] We focus on parameters.

Design Choices for Modules (GSN Standard, p.17)
• What is a module? “module” is not so clearly defined
– We interpret a module as “a GSN tree with one top goal” (Argument = GSN?)
• Away goals, solutions, contexts, …: we do not want to introduce “away” nodes for each kind of GSN node (too many kinds of nodes)

Design Choices for Modules (GSN Standard, p.17)
• Away goals by color change: the referring node is shown in green, the referred node in orange

Inter-Module notation
• Automatically generate inter-module notation (GSN Community Standard, p23)
[Figure: inter-module view generated by D-Case Editor]

Snapshot of GSN modules for LAN device management system
[Figure: architecture of the LAN device management system and its GSN modules]

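The module design choices above (a module is a GSN tree with one top goal; a cross-module reference colours the referring node green and the referred node orange instead of adding "away" node kinds; the inter-module view is generated from those references), as an added Python example that is not D-Case Editor's own code. Module names, node ids, the LAN device management sample and the rule that a reference must point at a node of the same kind are assumptions made for this example.

```python
"""Cross-module references in GSN modules by node colour.

Added example, not D-Case Editor's own code. A module is a GSN tree with one
top goal; an ordinary node may refer to a node in another module; the
referring node is drawn green, the referred node orange, and the module-level
view is generated from those references. Module names, node ids and the
same-kind rule for references are assumptions of this example.
"""
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Node:
    nid: str
    kind: str                     # "Goal", "Strategy", "Solution" or "Context"
    text: str
    ref: Optional[tuple] = None   # (module name, node id) in another module
    children: list = field(default_factory=list)


@dataclass
class Module:
    name: str
    top: Node                     # the single top goal of the module

    def nodes(self):
        """All nodes of the module, depth first."""
        stack = [self.top]
        while stack:
            node = stack.pop()
            yield node
            stack.extend(node.children)


def link_modules(modules: list) -> dict:
    """Resolve every cross-module reference. Returns the inter-module edges
    (referring module -> referred module), the colour of each node that takes
    part in a reference, and the list of reference errors."""
    index = {m.name: {n.nid: n for n in m.nodes()} for m in modules}
    edges, colours, errors = set(), {}, []
    for m in modules:
        if m.top.kind != "Goal":
            errors.append(f"{m.name}: top node {m.top.nid} is not a Goal")
        for n in m.nodes():
            if n.ref is None:
                continue
            mod_name, nid = n.ref
            target = index.get(mod_name, {}).get(nid)
            if target is None:        # source of support not written yet
                errors.append(f"{m.name}.{n.nid}: refers to missing {mod_name}.{nid}")
            elif mod_name == m.name:
                errors.append(f"{m.name}.{n.nid}: reference does not cross a module boundary")
            elif target.kind != n.kind:
                errors.append(f"{m.name}.{n.nid}: {n.kind} cannot refer to {target.kind} {mod_name}.{nid}")
            else:
                colours[(m.name, n.nid)] = "green"   # referring node
                colours[(mod_name, nid)] = "orange"  # referred node
                edges.add((m.name, mod_name))
    return {"edges": edges, "colours": colours, "errors": errors}


def build_sample() -> list:
    """Constructed modules loosely modelled on the slides' LAN device management
    system: the system argument delegates one sub-goal to the device-management
    module and one to a monitoring module that has not been written yet."""
    dm_top = Node("G1", "Goal", "Device management subsystem is dependable")
    dm_top.children.append(Node("Sn1", "Solution", "Subsystem test report"))
    device_mgmt = Module("DeviceManagement", dm_top)

    sys_top = Node("G1", "Goal", "LAN device management system is dependable")
    sys_top.children.extend([
        Node("G2", "Goal", "Device management subsystem is dependable",
             ref=("DeviceManagement", "G1")),
        Node("G3", "Goal", "Network monitoring subsystem is dependable",
             ref=("NetworkMonitoring", "G1")),
    ])
    return [Module("System", sys_top), device_mgmt]
```

The unresolved reference to the missing NetworkMonitoring module is reported rather than silently dropped, which is the "source of support unknown at the time of authoring" situation the contract-module text describes.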
Some issues in Parameters
We focus on parameters
• How to define parameters?
• What is the scope of parameters?
• In {System X}, what is “System”?

Design Choices for Patterns
• Use context nodes to define parameters
• Scope is subtree of goal of the context
• Introduce types for parameters
– Currently Int, double, string, enum

A Snapshot of Parameters
[Figure: editor screenshot showing the context nodes that hold the definition of Availability and the definition of SIL, and the subtrees that form the scope of SIL and the scope of Availability]

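The parameter design choices above (context nodes define parameters, a parameter's scope is the subtree of the goal the context is attached to, parameters have a type such as int, double, string or enum, and a simple type check is run on them), as an added Python example that is not D-Case Editor's own code. The System, Availability and SIL parameters, the enum literals and the node texts are constructed for this example.

```python
"""Typed GSN pattern parameters scoped by Context nodes.

Added example, not D-Case Editor's own code: a Context node attached to a Goal
defines a parameter with a type (int, double, string, enum), the parameter is
in scope for the subtree of that Goal, and a simple type check is run on the
values that instantiate the pattern. Parameters and texts are constructed.
"""
import re
from dataclasses import dataclass, field

PLACEHOLDER = re.compile(r"\{([A-Za-z_]\w*)\}")  # {Name} inside node text


@dataclass
class ParamDef:
    name: str
    ptype: str               # "int", "double", "string" or "enum"
    enum_values: tuple = ()  # allowed literals when ptype == "enum"

    def check(self, value) -> bool:
        if self.ptype == "int":    # bool is deliberately not accepted as int
            return isinstance(value, int) and not isinstance(value, bool)
        if self.ptype == "double":
            return isinstance(value, (int, float)) and not isinstance(value, bool)
        if self.ptype == "string":
            return isinstance(value, str)
        if self.ptype == "enum":
            return value in self.enum_values
        raise ValueError(f"unknown parameter type {self.ptype!r}")


@dataclass
class Node:
    kind: str                # "Goal", "Strategy", "Solution" or "Context"
    text: str
    children: list = field(default_factory=list)
    params: list = field(default_factory=list)  # ParamDefs held by a Context


def defs_on(node: Node) -> dict:
    """Parameters introduced by the Context nodes attached to a Goal."""
    if node.kind != "Goal":
        return {}
    return {p.name: p for c in node.children if c.kind == "Context" for p in c.params}


def check_pattern(root: Node, values: dict) -> list:
    """Walk the tree top-down, resolving each {param} against the nearest enclosing
    definition. Returns (node text, problem) pairs: out of scope, no value, wrong type."""
    problems = []

    def visit(node: Node, scope: dict) -> None:
        scope = {**scope, **defs_on(node)}  # inner definitions shadow outer ones
        for name in PLACEHOLDER.findall(node.text):
            if name not in scope:
                problems.append((node.text, f"{name}: not in scope"))
            elif name not in values:
                problems.append((node.text, f"{name}: no value given"))
            elif not scope[name].check(values[name]):
                problems.append((node.text, f"{name}: expected {scope[name].ptype}"))
        for child in node.children:
            visit(child, scope)

    visit(root, {})
    return problems


def build_sample() -> Node:
    """Constructed pattern: System and Availability are defined at the top goal,
    SIL only under G3, so G4's use of {SIL} is out of scope on purpose."""
    g1 = Node("Goal", "The {System} is dependable")
    g1.children.append(Node("Context", "Parameters: System, Availability", params=[
        ParamDef("System", "string"), ParamDef("Availability", "double")]))
    s1 = Node("Strategy", "Argue over availability and safety integrity")
    g1.children.append(s1)
    g2 = Node("Goal", "Availability of {System} is at least {Availability}")
    g2.children.append(Node("Solution", "Operation log analysis"))
    g3 = Node("Goal", "Safety functions of {System} meet SIL {SIL}")
    g3.children.append(Node("Context", "Parameter: SIL", params=[
        ParamDef("SIL", "enum", ("SIL1", "SIL2", "SIL3", "SIL4"))]))
    g3.children.append(Node("Solution", "Hazard analysis report"))
    g4 = Node("Goal", "Maintenance procedures preserve SIL {SIL}")
    s1.children.extend([g2, g3, g4])
    return g1
```

Run against well-typed values the only finding is G4's out-of-scope {SIL}, which is exactly the "what is the scope of parameters?" issue the slides raise.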
Publicly available tools we have tested
Tool Name | Platform | Notations | GSN Modules | GSN Patterns
ASCE (Adelard) | None (Windows XP or later) | GSN, CAE | Partly? | Not yet?
Visio Plug-in (York) | Visio | GSN | Not yet? | Not yet?
NASA CertWare (Open Source) | Eclipse | GSN, CAE, etc | Not yet | Not yet
GSN Editor (Dependable Computing LLC) | Web browser | GSN | Not yet | Not yet
D-Case Editor (DEOS) | Eclipse | GSN | Partly (Contract nodes are not done) | Partly (Only Parameters)
Others: AdvoCATE (NASA, will be open source), AutoFOCUS3, acedit (York, not tested), E-Safety Case (Praxis), GSN CaseMaker (ERA), ISCADE, ISIS High Integrity Solution, TACE, …

Concluding Remarks
• D-Case Editor, an open source assurance case editor
• Tool Implementation, Use in Industries, and Standardization should be co-developed
[Figure: cycle of Tool Implementation, Open Source Development, Standardization, and Use in industries]


Rtlws2013
