Evidence-based Development coupling structured argumentation with requirements development.


Evidence-based Development: coupling structured argumentation with requirements development
Jeremy.Dick@integrate.biz, integrate 2012

Based on the paper: Evidence-Based Development Coupling Structured Argumentation with Requirements Development, IET Safety, Edinburgh, September 2012.
Experience: application in large UK defence and civil nuclear projects.

agenda
- requirements in brief
- overview
- a shift in thinking
- reviewing traceability
- traceability, rationale and evidence
- Evidence-based Development
- conclusion

requirements in brief (diagram: requirement layers from the stakeholder level down to Subsystem)
- manage requirements in layers
- express requirements as traceable statements in appropriate language
- systematically decompose requirements through the layers and record the relationships
- record the rationale for the decomposition
- compliance information
integrate 2014

requirements in brief (diagram: Standards and Regulations traced into the requirement layers down to Subsystem; a Validation, Verification, Test and Inspection Plan "verifies" each layer; EVIDENCE is collected against the plan)
- demonstrate compliance
- plan tests against requirements
- collect results/evidence against test plans
- manage change through impact analysis

assurance case for requirement (diagram: one requirement, the "verifies" links to it, and the EVIDENCE behind them)

assurance-based development, or evidence-based development (same diagram: Standards and Regulations, requirement layers down to Subsystem, the Validation, Verification, Test and Inspection Plan, and EVIDENCE)

a shift in thinking (diagram: a Stakeholder level above two Subsystem levels)
- from reviewing requirements in isolation: review one requirements document at a time
- to reviewing in context: review the relationships between requirements at multiple levels
- because most of the meaning is captured in the relationships, not just in the requirements

traceability
- documenting how high-level requirements are transformed into low-level requirements
- understanding how requirements are satisfied, validated and verified
- explaining compliance against regulations
- connecting evidence to design

tracing: satisfaction relationship
User Requirement: The operator shall be able to select a new operating mode only if it represents a valid transition from the current operating mode.
Subsystem requirements traced to it:
- The HCI will present a button for each of the possible operating modes.
- The HCI will indicate which of the operating modes are reachable by valid transition from the current mode.
- The HCI will indicate which is the current operating mode.
- The HCI will switch operating modes when a button for a new reachable mode is pressed.

satisfaction argument
User Requirement: The operator shall be able to select a new operating mode only if it represents a valid transition from the current operating mode.
Why do you believe that this traceability is sufficient and necessary?
Satisfaction Argument: Prototyping shows that the user experience is improved by showing all possible states, indicating the current state and indicating the next possible states, so long as there are no more than 15 possible states.
Assumption: there are fewer than 15 states.
Evidence: HCI prototype ref H56a v1.
Subsystem requirements traced to the user requirement:
- The HCI will present a button for each of the possible operating modes.
- The HCI will indicate which of the operating modes are reachable by valid transition from the current mode.
- The HCI will indicate which is the current operating mode.
- The HCI will switch operating modes when a button for a new reachable mode is pressed.

structured argumentation: is this Goal Structuring Notation?

claim / argument / evidence (labels on the same diagram)
- the claim
- argument: explains why you believe the claim
- evidence: analysis, models, experiments, prototypes (here, HCI prototype ref H56a v1)

tracing: verification relationship
User Requirement: The operator shall be able to select a new operating mode only if it represents a valid transition from the current operating mode.
Acceptance Test: Put the facility into a valid operating state, and attempt to select a new valid operating state.
Acceptance Test: Put the facility into a valid operating state, and attempt to select a new invalid operating state.

verification argument / structured argumentation
User Requirement: The operator shall be able to select a new operating mode only if it represents a valid transition from the current operating mode.
Verification Argument (argument: explains why you believe the claim; drawn from models, similarities, experience): This requirement is verified by considering a positive and a negative attempt at updating software.
Acceptance Test: Put the facility into a valid operating state, and attempt to select a new valid operating state.
Acceptance Test: Put the facility into a valid operating state, and attempt to select a new invalid operating state.
Test Argument (argument: explains why you believe the claim): This test objective was fulfilled because ...
Evidence: test results.
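The verification relationship above pairs one positive and one negative acceptance test with the operating-mode requirement. The following is an added example, not from the slides or from the author's projects: an executable model of the requirement's HCI side together with the two acceptance tests, whose results are the "test results" evidence the test argument points to. The mode names and the valid-transition table are constructed (the slides name neither); the check that there are fewer than 15 states is the satisfaction argument's stated assumption, tested rather than trusted.

```python
"""Added illustration, not from the slides: an executable model of the
operating-mode requirement and its two acceptance tests (one valid and one
invalid transition attempt). The mode names and the transition table are
constructed; the slides name neither."""
from dataclasses import dataclass

# Constructed valid-transition table: mode -> modes reachable by a valid transition.
VALID_TRANSITIONS = {
    "OFF": {"STANDBY"},
    "STANDBY": {"OFF", "RUN", "MAINTENANCE"},
    "RUN": {"STANDBY"},
    "MAINTENANCE": {"STANDBY"},
}
ALL_MODES = sorted(VALID_TRANSITIONS)


def assumption_holds():
    """The satisfaction argument assumes fewer than 15 states; check it, do not trust it."""
    return len(ALL_MODES) < 15


@dataclass
class ModeSelector:
    """The HCI side of the requirement: buttons, reachability indication, switching."""
    current: str = "OFF"

    def buttons(self):
        """One button for each possible operating mode."""
        return list(ALL_MODES)

    def reachable(self):
        """Modes reachable by a valid transition from the current mode."""
        return sorted(VALID_TRANSITIONS[self.current])

    def select(self, new_mode):
        """Switch only if the transition is valid; return whether the switch happened."""
        if new_mode not in VALID_TRANSITIONS:
            raise ValueError(f"unknown operating mode {new_mode!r}")
        if new_mode not in VALID_TRANSITIONS[self.current]:
            return False
        self.current = new_mode
        return True


def acceptance_test_valid():
    """Put the facility into a valid state and attempt a valid new state."""
    hci = ModeSelector("STANDBY")
    accepted = hci.select("RUN")
    return {"test": "AT-1 valid transition", "passed": accepted and hci.current == "RUN"}


def acceptance_test_invalid():
    """Put the facility into a valid state and attempt an invalid new state."""
    hci = ModeSelector("OFF")
    accepted = hci.select("RUN")          # OFF -> RUN is not in the constructed table
    return {"test": "AT-2 invalid transition", "passed": not accepted and hci.current == "OFF"}


def run_acceptance_tests():
    """Collect the test results that the verification argument cites as evidence."""
    results = [acceptance_test_valid(), acceptance_test_invalid()]
    return {"assumption_fewer_than_15_states": assumption_holds(),
            "all_passed": all(r["passed"] for r in results),
            "results": results}


if __name__ == "__main__":
    for key, value in run_acceptance_tests().items():
        print(key, value)
```

The negative test is the one that earns the evidence: a selector that accepted every button press would pass the positive test alone, so the verification argument's "positive and a negative attempt" is what makes the test results meaningful.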

Evidence-based Development: what is it?
- a framework for collecting evidence for the correctness of a system as you design the system
- uses requirements traceability as the structure for establishing arguments and supporting evidence
- extends the structured argument paradigm to cover all kinds of requirement, not just safety
- gives ownership of assurance to every engineer

objectives of EbD
- connect the assurance case to the design: the assurance case should not be an after-thought
- develop the assurance case early: in time to influence the design, in time to save costly rework late in the day
- apply a uniform approach to all aspects of assurance: address all kinds of requirements (function, performance, ease-of-use, reliability, safety, ...)
- have a single point of reference for structured argumentation

relationships in the W model (diagram: each requirement layer is paired with its test plan and test results)
Statement of need -- Operational use
Stakeholder requirements -- validates --> Acceptance test plan -- fulfils --> Acceptance test results
requirements --> test plan --> test results
Subsystem requirements --> Integration test plan --> Integration test results
requirements --> test plan --> test results

progressive assurance (diagram: the same W model, each layer with its requirements, test plan and test results)
Statement of need -- Operational use
Stakeholder requirements --> Acceptance test plan --> Acceptance test results
requirements --> test plan --> test results
Subsystem requirements --> Integration test plan --> Integration test results
requirements --> test plan --> test results

single requirement assurance case

testing mantra: test early, test often, because the sooner you find defects, the cheaper it is to fix them

testing (V&V) covers
- early: design analysis, design modelling, design reviews
- middle: component tests, factory tests, integration tests
- late: systems tests, operational tests, acceptance tests
all of these actions collect evidence for the correctness of the design w.r.t. requirements (verification)

V&V as request for evidence
User Requirement: The operator shall be able to select a new operating mode only if it represents a valid transition from the current operating mode.
"This requirement is verified by ..." (V&V Methods --> Evidence)
- Analysis --> results (early; supports design intent)
- Analogy --> results (early; supports design intent)
- Inspection --> results (early; supports design intent)
- Test --> results (late; supports design fulfilment)
- Demonstration --> results (late; supports design fulfilment)
Satisfaction Argument: "This requirement is met by ..."
- The HCI will present a button for each of the possible operating modes.
- The HCI will indicate which of the operating modes are reachable...


progressive provision of evidence (diagram: each requirement layer with its test plan; evidence arrives layer by layer as the W is worked through)
Statement of need -- Operational use
Stakeholder requirements -- validates --> Acceptance test plan -- Operational product
requirements --> test plan
Subsystem requirements --> Integration test plan -- Subsystems
requirements --> test plan(s)
Evidence in order of arrival: Analysis results, Analysis results, test results, Integration test results, test results, Acceptance test results
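The slides describe the assurance case as a structure of claims, arguments and evidence hung off requirements traceability, exercised by impact analysis when something changes, and filled in progressively as analysis and test results arrive. The following is an added example, not from the slides or from the author's tooling: a small traceability model in which satisfaction and verification links carry an argument plus evidence references, a gap check that lists claims not yet argued and evidenced end to end, and an impact walk for a changed item. The requirement and test texts follow the operating-mode example on the slides; the identifiers (UR-1, HCI-1 to HCI-4, AT-1, AT-2), the layer names, the integration test IT-7 and the test-result evidence item are constructed.

```python
"""Added illustration, not from the slides: requirements in layers, satisfaction and
verification links that carry an argument plus evidence references, an assurance-gap
check and a change-impact walk. Ids, layer names and test-result evidence are constructed."""
from collections import deque
from dataclasses import dataclass, field
from typing import Optional

LAYERS = ["stakeholder", "subsystem"]   # top-down order of requirement layers (constructed)


@dataclass
class Argument:                          # "argument: explains why you believe the claim"
    text: str
    assumptions: list = field(default_factory=list)
    evidence: list = field(default_factory=list)   # ids of evidence items backing the argument


@dataclass
class Link:
    kind: str        # "satisfies": lower-level requirement -> claim; "verifies": test -> claim
    source: str
    target: str
    argument: Optional[Argument] = None


class TraceModel:
    def __init__(self):
        self.reqs, self.tests, self.evidence, self.links = {}, {}, {}, []

    def req(self, rid, layer, text): self.reqs[rid] = (layer, text)
    def test(self, tid, text): self.tests[tid] = text
    def ev(self, eid, text): self.evidence[eid] = text
    def link(self, kind, src, dst, arg=None): self.links.append(Link(kind, src, dst, arg))

    def assurance_gaps(self):
        """Claims that are not yet argued and evidenced end to end."""
        gaps = []
        for rid, (layer, _) in self.reqs.items():
            into = [lk for lk in self.links if lk.target == rid]
            if layer != LAYERS[-1] and not any(lk.kind == "satisfies" for lk in into):
                gaps.append((rid, "no satisfaction link"))
            if not any(lk.kind == "verifies" for lk in into):
                gaps.append((rid, "no verification link"))
            for lk in into:
                if lk.argument is None:
                    gaps.append((rid, f"{lk.kind} link from {lk.source} has no argument"))
                elif not lk.argument.evidence:
                    gaps.append((rid, f"{lk.kind} argument from {lk.source} has no evidence"))
                else:
                    gaps += [(rid, f"evidence {e} referenced but not collected")
                             for e in lk.argument.evidence if e not in self.evidence]
        return gaps

    def impact(self, changed):
        """Impact analysis: everything that satisfies or verifies `changed`, transitively,
        the evidence on those links, and the claims `changed` itself supports (their
        arguments must be re-read). Siblings under the same parent are not dragged in."""
        seen, queue, evidence = {changed}, deque([changed]), set()
        while queue:
            cur = queue.popleft()
            for lk in self.links:
                if lk.target == cur:                         # downstream: derived reqs, tests
                    evidence.update(lk.argument.evidence if lk.argument else ())
                    if lk.source not in seen:
                        seen.add(lk.source)
                        queue.append(lk.source)
                elif lk.source == cur and lk.argument:       # immediate upstream claim
                    evidence.update(lk.argument.evidence)
                    seen.add(lk.target)
        seen.discard(changed)
        return {"requirements": sorted(s for s in seen if s in self.reqs),
                "tests": sorted(s for s in seen if s in self.tests),
                "evidence": sorted(evidence)}


def build_model():
    """The slides' operating-mode example, with constructed ids and one constructed test."""
    m = TraceModel()
    m.req("UR-1", "stakeholder", "The operator shall be able to select a new operating mode "
          "only if it represents a valid transition from the current operating mode.")
    m.ev("H56a-v1", "HCI prototype ref H56a v1")
    sat = Argument("Prototyping shows the user experience is improved by showing all possible "
                   "states, the current state and the next possible states.",
                   assumptions=["fewer than 15 states"], evidence=["H56a-v1"])
    for rid, text in [("HCI-1", "present a button for each possible operating mode"),
                      ("HCI-2", "indicate which modes are reachable by valid transition"),
                      ("HCI-3", "indicate the current operating mode"),
                      ("HCI-4", "switch mode when a button for a reachable mode is pressed")]:
        m.req(rid, "subsystem", text)
        m.link("satisfies", rid, "UR-1", sat)
    m.test("AT-1", "valid operating state; attempt to select a new valid state")
    m.test("AT-2", "valid operating state; attempt to select a new invalid state")
    m.ev("AT-run-3", "acceptance test results, run 3 (constructed)")
    ver = Argument("Verified by a positive and a negative attempt.", evidence=["AT-run-3"])
    m.link("verifies", "AT-1", "UR-1", ver)
    m.link("verifies", "AT-2", "UR-1", ver)
    m.test("IT-7", "integration test of mode switching (constructed)")
    m.link("verifies", "IT-7", "HCI-4", Argument("Exercises each valid transition."))  # no results yet
    return m
```

Running `build_model().assurance_gaps()` reports that HCI-1 to HCI-3 have no verification link and that the IT-7 argument on HCI-4 cites no evidence yet, which is what "progressive provision of evidence" looks like mid-project. `impact("UR-1")` pulls in every derived requirement, both acceptance tests, IT-7 and both evidence items, whereas `impact("HCI-4")` flags only the parent claim UR-1 (its satisfaction argument must be re-read), the prototype evidence and IT-7, leaving the sibling HCI requirements alone.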

summary
- the principles of EbD seem sound
- in practice, a cultural shift is required: have to communicate benefits more effectively; mentoring in how to write arguments; engineers have a new emphasis on owning V&V
- effective tool support is vital in visualising data: focussed views of local argument structures; navigation of large-scale argument structures
- going forward we will: start earlier; know better how to write arguments; place more emphasis on mentoring

summary
- using structured arguments within requirements development seems sound
- in practice, a cultural shift is required: have to communicate benefits more effectively; mentoring in how to write arguments; engineers have a new emphasis on owning V&V
- effective tool support is vital in visualising data: focussed views of local argument structures; navigation of large-scale argument structures
- next time we will: start earlier; know better how to write arguments; place even more emphasis on mentoring