Expressing Best Practices in (Risk) Analysis and Testing of Safety-Critical Systems Using Patterns

Herzner, Wolfgang; Sieverding, Sven; Kacimi, Omar; Böde, Eckard; Bauer, Thomas W.; Nielsen, Brian

doi:10.1109/issrew.2014.24

Cited by 3 publications

(4 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Some research work on risk analysis and MBDA has implicated the use of BPMN, but only for visualisation purposes that is, methodological process modeling, not executable behavior modeling. 10,11 We then turn to Finite State Machines (FSMs) -otherwise called Finite State Automata (FSA). FSMs consist the simplest modeling description of Discrete Event Systems, by providing a graphical representation of finite relations between the constituting system states.…”

Section: First We Tackle the Business Process Model And Notation (Bpmn)mentioning

confidence: 99%

“…The same goes for hierarchy: sub‐processes can be modeled inside other processes, but sub‐activities cannot be decomposed into sub‐activities. Some research work on risk analysis and MBDA has implicated the use of BPMN, but only for visualisation purposes that is, methodological process modeling, not executable behavior modeling 10,11 …”

Section: Choosing the Odm Semanticsmentioning

confidence: 99%

See 1 more Smart Citation

How to early integrate operational diagnosis objectives in model‐driven engineering processes: A methodological proposal based on fault and behavior trees

Christofi,

Baron,

Pucel

et al. 2023

Systems Engineering

View full text Add to dashboard Cite

To help operators perform their diagnosis tasks more efficiently, the authors put forward a novel methodology introducing a new type of model, dedicated to operations, co‐created in parallel with the design models, in the preliminary stages of system development, using the language semantics of behavior trees. In this paper, the authors present the need for this new model type as expressed by the industry and justify their choice for adopting behavior trees, while illustrating in detail the proposed methodology.

show abstract

Section: First We Tackle the Business Process Model And Notation (Bpmn)mentioning

confidence: 99%

Section: Choosing the Odm Semanticsmentioning

confidence: 99%

How to early integrate operational diagnosis objectives in model‐driven engineering processes: A methodological proposal based on fault and behavior trees

Christofi,

Baron,

Pucel

et al. 2023

Systems Engineering

View full text Add to dashboard Cite

show abstract

“…We then decided to find contributions that cite the work of Feudjio [48]. Herzner et al [55] present an approach for capturing best practices in integrating risk and safety analysis and testing by means of analysis and testing (A&T) patterns. Each A&T pattern encompasses a dedicated workflow starting from analysis down to test steps for achieving certain qualities of the system.…”

Section: Related Workmentioning

confidence: 99%

Security Requirements as Code: Example from VeriDevOps Project

Ismaeel

Naumchev

Sadovykh

et al. 2021

2021 IEEE 29th International Requirements Engineering Conference Workshops (REW)

View full text Add to dashboard Cite

This position paper presents and illustrates the concept of security requirements as code -a novel approach to security requirements specification. The aspiration to minimize code duplication and maximize its reuse has always been driving the evolution of software development approaches. Objectoriented programming (OOP) takes these approaches to the state in which the resulting code conceptually maps to the problem that the code is supposed to solve. People nowadays start learning to program in the primary school. On the other hand, requirements engineers still heavily rely on natural language based techniques to specify requirements. The key idea of this paper is: artifacts produced by the requirements process should be treated as input to the regular object-oriented analysis. Therefore, the contribution of this paper is the presentation of the major concepts for the security requirements as the code method that is illustrated with a real industry example from the VeriDevOps project.

show abstract

“…According to a bottom-up strategy, use-case-specific solutions were generalized towards a set of best practices for the model-based QA of software-intensive technical systems. A set of patterns for the usage and instantiation of the combined QA approaches was developed, representing appropriate solutions for defined application domains, quality properties, and process stages [14]. One concrete instantiation is the integrated quality assurance framework (InQA), which enables the stepwise optimization of QA planning and control, taking into account heterogeneous quality objectives such as the coverage of requirements and architectural models and the detection of the most critical and frequent defects [11].…”

Section: Study Backgroundmentioning

confidence: 99%

A Large-Scale Technology Evaluation Study: Effects of Model-based Analysis and Testing

Kläs

Bauer

Dereani

et al. 2015

2015 IEEE/ACM 37th IEEE International Conference on Software Engineering

Self Cite

View full text Add to dashboard Cite

Besides model-based development, model-based quality assurance and the tighter integration of static and dynamic quality assurance activities are becoming increasingly relevant in the development of software-intensive systems. Thus, this paper reports on an empirical study aimed at investigating the promises regarding quality improvements and cost savings. The evaluation comprises data from 13 industry case studies conducted during a three-year large-scale research project in the transportation domain (automotive, avionics, rail system). During the evaluation, we identified major goals and strategies associated with (integrated) model-based analysis and testing and evaluated the improvements achieved. The aggregated results indicate an average cost reduction of between 29% and 34% for verification and validation and of between 22% and 32% for defect removal. Compared with these cost savings, improvements regarding test coverage (~8%), number of remaining defects (~13%), and time to market (~8%) appear less noticeable.

show abstract

Expressing Best Practices in (Risk) Analysis and Testing of Safety-Critical Systems Using Patterns

Cited by 3 publications

References 6 publications

How to early integrate operational diagnosis objectives in model‐driven engineering processes: A methodological proposal based on fault and behavior trees

How to early integrate operational diagnosis objectives in model‐driven engineering processes: A methodological proposal based on fault and behavior trees

Security Requirements as Code: Example from VeriDevOps Project

A Large-Scale Technology Evaluation Study: Effects of Model-based Analysis and Testing

Contact Info

Product

Resources

About