Structuring Safety Requirements in ISO 26262 Using Contract Theory

Westman, Jonas; Nyberg, Mattias; Törngren, Martin

doi:10.1007/978-3-642-40793-2_16

Cited by 17 publications

(17 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…1b, the assumption Lmeter can rather be seen as a requirement that is allocated to the potentiometer pot . This was also observed in [72,78] where, in the context of an architecture, assumptions are in fact references to other guarantees. Therefore, in the definition of a contract structure for a specific architecture in Sect.…”

Section: Contracts As Requirement Relationssupporting

confidence: 66%

“…Formulated differently, the guarantee lMeter is a requirement that is allocated to lMeter with the intent that lMeter is fulfilled if the assumption lMeter is fulfilled. This view is in accordance with [78] where guarantees are used to express safety requirements on elements.…”

Section: Contracts As Requirement Relationsmentioning

confidence: 94%

“…The behavior of a non-leaf element (X, ) is the assertion that is the projection [73,75,78] of the intersection of the behaviors of its children (X i , i ) N i=1 onto the interface X; syntactically, is represented by the constraints, representing ⋂ N i=1 i , limited to be only over X. Formally, this is represented as =proj X ( ⋂ N i=1 i ) where p roj X denotes extended projection [73,74].…”

Section: Vmentioning

confidence: 99%

See 2 more Smart Citations

Providing tool support for specifying safety-critical systems by enforcing syntactic contract conditions

Westman

Nyberg

2017

Requirements Eng

Self Cite

View full text Add to dashboard Cite

Functional safety standards such as IEC 61508 and ISO 26262 advocate a particularly stringent requirements engineering where safety requirements must be structured in a hierarchical manner and specified in accordance with the system architecture. In contrast to the stringent requirements engineering in functional safety standards, according to previous studies, requirements engineering in industry is in general of poor quality. Contracts theory has been previously shown to be suitable for supporting such a stringent requirements engineering effort; this support has also been implemented in tools. However, to use these contract-based tools, requirements must be formalized, which is a major challenge in industry. Therefore, to support current industrial requirements engineering practice and the stringent requirements engineering in functional safety standards, it is shown how tool support can be provided even when requirements, and also architectures, are not formalized. This is achieved by enforcing syntactic, yet formal, conditions in contracts theory. Despite the need for further validation, initial findings in an industrial case study indicate high potential in realizing the proposed support in an industrial setting.

show abstract

Section: Contracts As Requirement Relationssupporting

confidence: 66%

Section: Contracts As Requirement Relationsmentioning

confidence: 94%

Section: Vmentioning

confidence: 99%

See 1 more Smart Citation

Providing tool support for specifying safety-critical systems by enforcing syntactic contract conditions

Westman

Nyberg

2017

Requirements Eng

Self Cite

View full text Add to dashboard Cite

show abstract

“…Given a set of variables X , an assertion W over X is a possibly empty set of runs for X . This notion corresponds to similar definitions in [6,7,31]. Note that, in the following, assertions will be specified by equations.…”

Section: Assertions and Runsmentioning

confidence: 99%

“…a system, are formulated in order to prevent or mitigate hazards, where the hazards "shall be defined in terms of the conditions or behaviour that can be observed at the vehicle level" [29]. This can be observed in the industrial examples [30,31], where requirements that are not limited to the interface of components are necessarily used in order to properly express safety requirements on the components.…”

Section: Introductionmentioning

confidence: 99%

Environment-Centric Contracts for Design of Cyber-Physical Systems

Westman

Nyberg

2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. A contract splits the responsibilities between a component and its environment into a guarantee that expresses an intended property under the responsibility of the component, given that the environment fulfills the assumptions. Although current contract theories are limited to express contracts over interfaces of components, specifications that are not limited to interfaces are used in practice and are needed in order to properly express safety requirements. A framework is therefore presented, generalizing current contract theory to environment-centric contracts -contracts that are not limited to the interface of components. The framework includes revised definitions of properties of contracts, as well as theorems that specifies exact conditions for when the properties hold. Furthermore, constraints are introduced, limiting the ports over which an environment-centric contract is expressed where the constraints constitute necessary conditions for the guarantee of the contract to hold in an architecture.

show abstract