| 1. |
- Castellanos Ardila, Julieth Patricia, Doctoral student, 1976-
(författare)
-
A Safety-centered Planning-time Framework for Automated Process Compliance Checking
- 2021
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Safety-critical systems, whose failure could lead to catastrophic consequences, are everywhere. Not only environments with high-risk functions, e.g., nuclear power plants, are safety-critical systems. Our vehicles, medical devices that perform different kinds of treatments, airplanes, and industrial robots, are also safety-critical systems. The more harm the system can cause, the more careful the system has to be designed, implemented, and maintained. By following practices of reasonable care, typically collected within industry standards, manufacturers demonstrate that they aim at preventing safety-critical systems from failing or causing various types of damage. Thus, compliance with standards, especially safety standards, is a must-do for manufacturers of safety-critical systems.Industry standards often adopt a prescriptive approach, which focuses on process-related requirements. To comply with such standards, manufacturers have to carefully prepare process plans that properly address the applicable requirements. A compliant process plan should include the sequence of tasks mandated by applicable standards as well as the resources allocated to such tasks, e.g., personnel, work products, required tools, and methods, which are also framed with key properties. The planning task could be supported by checking that planned processes fulfill the properties set down by standards at given points.Compliance checking of process plans is rarely done for just one standard. In automotive, for instance, it is recommended that manufacturers follow at least standards for functional safety, cybersecurity, and software process improvements. Manufacturers also need to perform tailoring, i.e., select and modify requirements depending on the individual project. In safety standards, tailoring is often performed by taking into account existing safety criticality levels. Moreover, new versions of the standards, which are frequently released, demand recertification. In addition, compliance checking is not only done to one process plan. Companies commonly need to plan several processes simultaneously. Consequently, it is not easy to manually check that process plans comply with the requirements of standards.Automated compliance checking could help process engineers in such organizations to detect compliance violations and enforce compliance at planning time. Thus, the main goal of this dissertation is to facilitate automated compliance checking of the process plans used to engineer safety-critical systems against the standards mandated (or recommended) in the safety-critical context. To reach our goal, we adopt modern methods and tools, adapt them by mainly focusing on software and risk analysis process plans, and contribute to the state-of-the-art as follows:1. We identify aspects that make compliance checking of process plans demanding and formulate requirements for a technical solution to these problems. 2. We introduce ACCEPT (Automated Compliance Checking of Engineering Process plans against sTandards), an iterative and comprehensible framework for supporting process engineers to check and enforce process plan compliance. 3. We propose mechanisms for facilitating the creation and reuse of the specifications required to check process plan compliance.4. We investigate the significance of our proposed solutions by applying different validation mechanisms. As a result, our solutions show to be useful to support process engineers in the compliance checking tasks required during process planning.This dissertation's contributions aim at planting the seeds for the future development of tools that support process engineers moving towards automated compliance checking practices.
|
|
| 2. |
- Castellanos Ardila, Julieth Patricia, Doctoral student, 1976-, et al.
(författare)
-
Compliance checking of software processes : A systematic literature review
- 2022
-
Ingår i: Journal of Software. - : John Wiley & Sons. - 2047-7473 .- 2047-7481. ; 34:5
-
Tidskriftsartikel (refereegranskat)abstract
- The processes used to develop software need to comply with normative requirements (e.g., standards and regulations) to align with the market and the law. Manualcompliance checking is challenging because there are numerous requirements withchanging nature and different purposes. Despite the importance of automated techniques, there is not any systematic study in this field. This lack may hinder organizations from moving toward automated compliance checking practices. In this paper,we characterize the methods for automatic compliance checking of software processes, including used techniques, potential impacts, and challenges. For this, weundertake a systematic literature review (SLR) of studies reporting methods in thisfield. As a result, we identify solutions that use different techniques (e.g., anthologiesand metamodels) to represent processes and their artifacts (e.g., tasks and roles). Various languages, which have diverse capabilities for managing competing and changingnorms, and agile strategies, are also used to represent normative requirements. Mostsolutions require tool-support concretization and enhanced capabilities to handleprocesses and normative diversity. Our findings outline compelling areas for futureresearch. In particular, there is a need to select suitable languages for consolidating ageneric and normative-agnostic solution, increase automation levels, tool support,and boost the application in practice by improving usability aspects.
|
|
| 3. |
- Castellanos Ardila, Julieth Patricia, et al.
(författare)
-
Enabling Compliance Checking against Safety Standards from SPEM 2.0 Process Models
- 2018
-
Ingår i: The Euromicro Conference on Software Engineering and Advanced Applications SEAA 2018.
-
Konferensbidrag (refereegranskat)abstract
- Compliance with process-based safety standards may imply the provision of a safety plan and its corresponding compliance justification. The provision of this justification is time-consuming since it requires that the process engineer checks the fulfillment of hundred of requirements by taking into account the evidence provided by the process entities. Available methodologies and their implemented tools can be used to automate this checking and provide a compliance report that can be part of the justification to be scrutinized by the safety auditor. In this paper, we explain our compliance checking vision for supporting the process engineer, in which the interaction between SPEM 2.0 (Software & Systems Process Engineering Metamodel) and Regorous (a tool-supported methodology for compliance checking) is established. Then, we focus on SPEM 2.0 to identify mechanisms to provide the minimal set of elements required to be processed by Regorous and describe how to implement them in EPF Composer. We also illustrate these mechanisms by modeling a simple example from ISO 26262 and show how a compliance report can be used to trace unfulfilled requirements.
|
|
| 4. |
- Castellanos Ardila, Julieth Patricia, Doctoral student, 1976-
(författare)
-
Facilitating Automated Compliance Checking of Processes against Safety Standards
- 2019
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- A system is safety-critical if its malfunctioning could have catastrophic consequences for people, property or the environment, e.g., the failure in a car's braking system could be potentially tragic. To produce such type of systems, special procedures, and strategies, that permit their safer deployment into society, should be used. Therefore, manufacturers of safety-critical systems comply with domain-specific safety standards, which embody the public consensus of acceptably safe. Safety standards also contain a repository of expert knowledge and best practices that can, to some extent, facilitate the safety-critical system’s engineering. In some domains, the applicable safety standards establish the accepted procedures that regulate the development processes. For claiming compliance with such standards, companies should adapt their practices and provide convincing justifications regarding the processes used to produce their systems, from the initial steps of the production. In particular, the planning of the development process, in accordance with the prescribed process-related requirements specified in the standard, is an essential piece of evidence for compliance assessment. However, providing such evidence can be time-consuming and prone-to-error since it requires that process engineers check the fulfillment of hundreds of requirements based on their processes specifications. With access to suitable tool-supported methodologies, process engineers would be able to perform their job efficiently and accurately.Safety standards prescribe requirements in natural language by using notions that are subtly similar to the concepts used to describe laws. In particular, requirements in the standards introduce conditions that are obligatory for claiming compliance. Requirements also define tailoring rules, which are actions that permit to comply with the standard in an alternative way. Unfortunately, current approaches for software verification are not furnished with these notions, which could make their use in compliance checking difficult. However, existing tool-supported methodologies designed in the legal compliance context, which are also proved in the business domain, could be exploited for defining an adequate automated compliance checking approach that suits the conditions required in the safety-critical context.The goal of this Licentiate thesis is to propose a novel approach that combines: 1) process modeling capabilities for representing systems and software process specifications, 2) normative representation capabilities for interpreting the requirements of the safety standards in an adequate machine-readable form, and 3) compliance checking capabilities to provide the analysis required to conclude whether the model of a process corresponds to the model with the compliant states proposed by the standard's requirements. Our approach contributes to facilitating compliance checking by providing automatic reasoning from the requirements prescribed by the standards, and the description of the process they regulate. It also contributes to cross-fertilize two communities that were previously isolated, namely safety-critical and legal compliance contexts. Besides, we propose an approach for mastering the interplay between highly-related standards. This approach includes the reuse capabilities provided by SoPLE (Safety-oriented Process Line Engineering), which is a methodological approach aiming at systematizing the reuse of process-related information in the context of safety-critical systems. With the addition of SoPLE, we aim at planting the seeds for the future provision of systematic reuse of compliance proofs. Hitherto, our proposed methodology has been evaluated with academic examples that show the potential benefits of its use.
|
|
| 5. |
- Castellanos Ardila, Julieth Patricia, Doctoral student, 1976-, et al.
(författare)
-
Facilitating automated compliance checking of processes in the safety-critical context
- 2019
-
Ingår i: Electronic Communications of the EASST. - : Universitatsbibliothek TU Berlin. - 1863-2122. ; 78, s. 1-21
-
Tidskriftsartikel (refereegranskat)abstract
- In some domains, the applicable safety standards prescribe processrelated requirements. Essential pieces of evidence for compliance assessment with such standard are the compliance justifications of the process plans used to engineer systems. These justifications should show that the process plans are produced in accordance with the prescribed requirements. However, providing the required evidence may be time-consuming and error-prone since safety standards are large, natural language-based documents with hundreds of requirements. Besides, a company may have many safety-critical-related processes to be examined. In this paper, we propose a novel approach that combines process modeling and compliance checking capabilities. Our approach aims at facilitating the analysis required to conclude whether the model of a process plan corresponds to a model with compliant states. Hitherto, our proposed methodology has been evaluated with academic examples that show the potential benefits of its use.
|
|
| 6. |
- Castellanos Ardila, Julieth Patricia, Doctoral student, 1976-, et al.
(författare)
-
Systematic Literature Review of Compliance Checking Approaches for Software Processes
- 2021
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- Context: Software processes have increased demands coming from normative requirements. Organizations developing software comply with such demands to be in line with the market and the law. The state-of-the-art provides means to automatically check whether a software process complies with a set of normative requirements. However, no comprehensive and systematic review has been conducted to characterize such works. Objective: We characterize the current research on this topic, including an account of the used techniques, their potential impacts, and challenges. Method: We undertake a Systematic Literature Review (SLR) of primary studies reporting techniques for automated compliance checking of software processes. Results: We identified 41 papers reporting solutions focused on limited normative frameworks. Such solutions use specific languages for the processes and normative representation. Thus, the artifacts represented vary from one solution to the other. The level of automation, which in most methods requires tool-support concretization, focuses mostly on the reasoning process and requires human intervention, e.g., for creating the inputs for such reasoning. In addition, only a few contemplate agile environments and standards evolution. Conclusions: Our findings outline compelling areas for future research. In particular, there is a need to consolidate existing languages for process and normative representation, compile efforts in a generic and normative-agnostic solution, increase automation and tool support, and incorporate a layer of trust to guarantee that rules are correctly derived from the normative requirements.
|
|
| 7. |
- Castellanos Ardila, Julieth Patricia, et al.
(författare)
-
Transforming SPEM 2.0-compatible process models into models checkable for compliance
- 2018
-
Ingår i: Communications in Computer and Information Science. - Cham : Springer Verlag. - 9783030006228 ; , s. 233-247
-
Konferensbidrag (refereegranskat)abstract
- Manual compliance with process-based standards is time-consuming and prone-to-error. No ready-to-use solution is currently available for increasing efficiency and confidence. In our previous work, we have presented our automated compliance checking vision to support the process engineer’s work. This vision includes the creation of a process model, given by using a SPEM 2.0 (Systems & Software Process Engineering Metamodel)-reference implementation, to be checked by Regorous, a compliance checker used in the business context. In this paper, we move a step further for the concretization of our vision by defining the transformation, necessary to automatically generate the models required by Regorous. Then, we apply our transformation to a small portion of the design phase recommended in the rail sector. Finally, we discuss our findings, and present conclusions and future work.
|
|
| 8. |
- Gallina, Barbara, et al.
(författare)
-
Compliance of agilized (Software) development processes with safety standards : A vision
- 2018
-
Ingår i: ACM International Conference Proceeding Series. - New York, NY, USA : Association for Computing Machinery.
-
Konferensbidrag (refereegranskat)abstract
- Hybrid software development, meant as a combination of traditional and agile methods/practices, has become a reality in safety-critical systems engineering. The spreading of hybrid software development stems from the impossibility to face the manyfold challenges via the definition of a process by the book. In this context, compliance management becomes challenging and the role of existing means for compliance should be clarified/rethought. In this position paper, we discuss the challenges and we propose our compliance management vision, which is being implemented in the context of the EU ECSEL AMASS project.
|
|
| 9. |
- Gallina, Barbara, et al.
(författare)
-
Model-driven Dependability Analysis Method for Component-based Architectures
- 2012
-
Ingår i: Proceedings - 38th EUROMICRO Conference on Software Engineering and Advanced Applications, SEAA 2012. - 9780769547909 ; , s. 233-240
-
Konferensbidrag (refereegranskat)abstract
- Critical distributed real-time embedded component-based systems must be dependable and thus be able to avoid unacceptable failures. To efficiently evaluate the dependability of the assembly obtained by selecting and composing components, well-integrated and tool-supported techniques are needed. Currently, no satisfying tool-supported technique fully integrated in the development life-cycle exists. To overcome this limitation, we propose CHESS-FLA, which is a model-driven failure logic analysis method. CHESS-FLA allows designers to: model the nominal as well as the failure behaviour of their architectures, automatically perform dependability analysis through a model transformation, and, finally, ease the interpretation of the analysis results through back-propagation onto the original architectural model. CHESS-FLA is part of an industrial quality tool-set for the functional and extra-functional development of high integrity embedded component-based systems, developed within the EU-ARTEMIS funded CHESS project. Finally, we present a case study taken from the telecommunication domain to illustrate and assess the proposed method.
|
|
| 10. |
- Javed, Muhammad Atif, et al.
(författare)
-
Enforcing geofences for managing automated transportation risks in production sites
- 2020
-
Ingår i: Communications in Computer and Information Science. - Cham : Springer Science and Business Media Deutschland GmbH. - 9783030584610 ; , s. 113-126
-
Konferensbidrag (refereegranskat)abstract
- The key to system safety is the identification and elimination/mitigation of potential hazards and documentation of evidences for safety cases. This is generally done during the system design and development phase. However, for automated systems, there is also a need to deal with unknowns and uncertainties during operational phase. This paper focuses on virtual boundaries around geographic zones (i.e., geofences) that can serve as an active countermeasure for dynamic management of risks in automated transportation/production contexts. At first, hazard analysis is performed using the Hazard and Operability (HAZOP) and Fault Tree Analysis (FTA) techniques. Based on the hazard analysis, appropriate measures, such as geofences for elimination/mitigation of hazards are defined. Subsequently, they are translated into the safety requirements. We leverage on simulation based digital twins to perform verification and validation of production site by incorporating safety requirements in them. Finally, to manage risks in a dynamic manner, the operational data is gathered, deviations from specified behaviours are tracked, possible implications of control actions are evaluated and necessary adaptations are performed. The risk management is assured in situations, such as communication loss, subsystem failures and unsafe paths. This approach provides a basis to fill the gaps between the safety cases and the actual system safety emanating from system/environment evolution as well as obsolescence of evidences. The applicability of the proposed framework is exemplified in the context of a semi-automated quarry production scenario.
|
|
