| 1. |
- Mukelabai, M., et al.
(författare)
-
Tackling combinatorial explosion : A study of industrial needs and practices for analyzing highly configurable systems
- 2019
-
Ingår i: Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI). - : Gesellschaft fur Informatik (GI). ; , s. 79-80
-
Konferensbidrag (refereegranskat)abstract
- Hundreds of dedicated analysis techniques for highly configurable systems have been conceived, many of them able to analyze properties for all possible system configurations. Unfortunately, it is largely unknown whether these techniques are adopted in practice, whether they address actual needs, or which strategies practitioners apply. We present a study [MNM+18] of analysis practices and needs in industry based on surveys and interviews. We confirm that properties considered in the literature (e.g., reliability) are relevant and that consistency between variability models and artifacts is critical, but that the majority of analyses for specifications of configuration options (a.k.a., variability model analysis) is not perceived as needed. We identified pragmatic analysis strategies, including practices to avoid the need for analysis. We discuss analyses that are missing and synthesize our insights into suggestions for future research.
|
|
| 2. |
- Mukelabai, Mukelabai, 1985, et al.
(författare)
-
Tackling Combinatorial Explosion: A Study of Industrial Needs and Practices for Analyzing Highly Configurable Systems
- 2018
-
Ingår i: Automated Software Engineering. - New York, NY, USA : ACM. - 1573-7535 .- 0928-8910. ; , s. 155-166
-
Konferensbidrag (refereegranskat)abstract
- Highly configurable systems are complex pieces of software. To tackle this complexity, hundreds of dedicated analysis techniques have been conceived, many of which able to analyze system properties for all possible system configurations, as opposed to traditional, single-system analyses. Unfortunately, it is largely unknown whether these techniques are adopted in practice, whether they address actual needs, or what strategies practitioners actually apply to analyze highly configurable systems. We present a study of analysis practices and needs in industry. It relied on a survey with 27 practitioners engineering highly configurable systems and follow-up interviews with 15 of them, covering 18 different companies from eight countries. We confirm that typical properties considered in the literature (e.g., reliability) are relevant, that consistency between variability models and artifacts is critical, but that the majority of analyses for specifications of configuration options (a.k.a., variability model analysis) is not perceived as needed. We identified rather pragmatic analysis strategies, including practices to avoid the need for analysis. For instance, testing with experience-based sampling is the most commonly applied strategy, while systematic sampling is rarely applicable. We discuss analyses that are missing and synthesize our insights into suggestions for future research.
|
|
| 3. |
- Nešić, Damir, 1988-
(författare)
-
A Probabilistic Model of Belief in Safety Cases
-
Annan publikation (övrigt vetenskapligt/konstnärligt)abstract
- A safety case is a hierarchical argument supported by evidence, whose scope is defined by contextual information. The goal is to show that the conclusion of such argument, typically "the system is acceptably safe", is true. However, because the knowledge about systems is always imperfect, the value true cannot be assigned with absolute certainty. Instead, researchers have proposed to assess the belief that a conclusion is true, which should be high for a safe system. Existing methods for belief calculations suffer from various limitations that lead to unrealistic belief values. This paper presents a novel method, underlined by formal definitions of concepts such as conclusion being true, or context defining the scope. Given these definitions, a general, probabilistic model for calculating the belief in a conclusion of an arbitrary argument is derived. Because the derived probabilistic model is independent of any safety-case notation, the elements of a commonly used notation are mapped to the formal definitions, and the corresponding probabilistic model is represented as a Bayesian Network to enable large-scale calculations. Finally, the method is applied to scenarios where previous methods produce unrealistic values, to show that the presented method produces belief values as expected.
|
|
| 4. |
- Nešić, Damir, 1988-, et al.
(författare)
-
A probabilistic model of belief in safety cases
- 2021
-
Ingår i: Safety Science. - : Elsevier BV. - 0925-7535 .- 1879-1042. ; 138
-
Tidskriftsartikel (refereegranskat)abstract
- A safety case is a hierarchical argument supported by evidence, whose scope is defined by contextual information. The goal is to show that the conclusion of such argument, typically "the system is acceptably safe", is true. However, because the knowledge about systems is always imperfect, the value true cannot be assigned with absolute certainty. Instead, researchers have proposed to assess the belief that a conclusion is true, which should be high for a safe system. Existing methods for belief calculations were shown to suffer from various limitations that lead to unrealistic belief values. This paper presents a novel method, underlined by formal definitions of concepts such as conclusion being true, or context defining the scope. Given these definitions, a general, probabilistic model for the calculation of belief in a conclusion of an arbitrary argument is derived. Because the derived probabilistic model is independent of any safety-case notation, the elements of a commonly used notation are mapped to the formal definitions, and the corresponding probabilistic model is represented as a Bayesian Network to enable large-scale calculations. Finally, the method is applied to scenarios where previous methods produce unrealistic values, and it is shown that the presented method produces belief values as expected.
|
|
| 5. |
- Nešić, Damir, 1988-, et al.
(författare)
-
Applying Multi-Level Modeling to DataIntegration in Product Line Engineering
- 2017
-
Ingår i: CEUR Workshop Proceedings. - : CEUR Workshop Proceedings. ; , s. 235-242
-
Konferensbidrag (refereegranskat)abstract
- Developing systems according to the Product Line Engineer-ing (PLE) paradigm is a process in which dierent types of engineeringartifacts are created with the aim of reusing them in dierent congurationsof the same system. Ensuring that dierent system congurationssatisfy various functional and non-functional properties is ensured byanalyzing dierent artifacts but because they are maintained by dierenttools, sometimes even manually, achieving and especially automatingsuch analyses is a challenging task. Overcoming this issue can beachieved through data integration of existing data which implies creatingan information model that species how will the existing data fragmentsbe related, captures relevant domain constraints, and most importantlycaptures the fact that some data objects are classes in one tool and instancesin another. This paper reports on the experiences from applyingthe Multi-Level conceptual Theory (MLT), to the problem of informationmodeling for data integration in the PLE context. Being a Multi-LevelModeling, powertype-based framework, MLT allows separation of the classand instance facet of modeled entities while keeping them explicit. Someof the MLT modeling constructs are particularly useful for capturing therenement levels of the modeled artifacts and for succinctly capturingconstraints like disjointess or completeness among them. We also reportthat there were certain aspects of the studied case that could not be expressedusing MLT. The studied case comes from a real data-integrationproject from the heavy vehicle manufacturer, Scania CV AB.
|
|
| 6. |
- Nešić, Damir, 1988-
(författare)
-
Automated Creation of Safety Cases for Highly Configurable Systems
- 2020
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Regardless of the domain, the size and complexity of software-intensive systems is constantly increasing. At the same time, to satisfy the needs of different customers, systems are more frequently being engineered as configurable, where individual customers can select the configuration that suits them best. Effectively, this means that instead of single systems, more frequently families of similar systems are being engineered. Furthermore, given that the majority of novel functionality is coming from software, whose development is increasingly agile and automated, the lead times between the releases of new features and improvements is reducing. These trends have not bypassed safety-critical domains, and as a consequence, safety-assurance activities must be performed in shorter time, while dealing with families of systems whose size and complexity keeps increasing. Given that any type of assurance is notorious for being laborious, documentation-heavy, and often manual, the conjencture of this thesis is that automation is necessary to enable timely execution of assurance activities for increasingly complex, and configurable systems.This thesis presents a method for automated creation and assessment of safety cases, which are structured, evidence-supported arguments that a system is sufficiently safe for the intended application. Given the focus on highly configurable systems, the presented method yields safety-case argumentation for all possible configurations of a system. This is achieved by developing a general, and formal model of configurable-systems which supports sound, compositional reasoning, and which allows avoiding per-configuration analysis. The conditions that enable such compositional analysis are used to define a method to create modular safety-case argumentation. Its modular structure allows independent creation of smaller safety-case modules, and under certain conditions, their composition into larger parts of a safety case. A benefit of the formal foundation is the fact that the method is amenable to automation. Consequently, tool-support for the creation of evidence-supported safety-case argumentation for all possible configurations of a system is presented. Because safety-cases are always constructed in a concrete engineering process, the tool is designed by identifying the constraints of a typical, industrial, engineering process. As a consequence, the presented tool focuses on information-modeling of arbitrary, yet engineering-process-specific artifacts, their subsequent automated analysis that results in safety-case evidence, and finally the creation of the safety-case argumentation. The method for safety-case creation, and the developed tool-support, are evaluated on two real, configurable systems from the heavy-vehicle manufacturer \textsc{Scania}, where the feasibility of industrial adoption has been confirmed, but also where suggestions for further improvements have been identified.Given that a complete safety-case will always encode some degree of uncertainty, a semi-automated method to asses the degree of the encoded uncertainty is also presented. More precisely, for cases when it is unclear if the overall claim of a safety case is true, typically that "a system is sufficiently safe", a probabilistic method to calculate the belief in such claim is presented. The developed method is it is safety-case-notation independent, it is underlined by a deterministic interpretation of arbitrary safety-case arguments, and it is encoded as a Bayesian Network that can be analyzed with off-the-shelf tool support. The method is evaluated against a benchmark from the literature and it is shown that unlike previous methods, the presented method behaves according to the intuition, i.e. depending on the content of a safety case the calculated belief values are as expected.
|
|
| 7. |
- Nešić, Damir, 1988-, et al.
(författare)
-
Building a web-based federated toolchain : Lessons learned from a four-year industrial project
- 2019
-
Ingår i: ACM International Conference Proceeding Series. - New York, NY, USA : Association for Computing Machinery. - 9781450371797
-
Konferensbidrag (refereegranskat)abstract
- Big companies use many tools, jointly referred to as the toolchain, to manage vast amounts of engineering data being generated across an application lifecycle. Individual tools are typically designed to perform specific engineering tasks, and rely on specific data formats. This leads to problems when attempting to automate engineering tasks that are not supported by a particular tool, and which require data from multiple tools. This paper presents the experiences and lessons learned from an industrial research-project within the heavy vehicle manufacturer Scania, where the project goal was to identify and industrialize technologies and principles that solve the above problem. The presented lessons cover architectural, technological, and organizational aspects of a toolchain development-process. In addition, as a consequence of the lessons learned, the toolchain architecture and tool-interface architecture is also presented.
|
|
| 8. |
- Nešić, Damir, 1988-, et al.
(författare)
-
Constructing product-line safety cases from contract-based specifications
- 2019
-
Ingår i: Proceedings of the ACM Symposium on Applied Computing. - New York, NY, USA : Association for Computing Machinery. ; , s. 2022-2031
-
Konferensbidrag (refereegranskat)abstract
- Safety cases are used to argue that safety-critical systems satisfy the requirements that are determined to mitigate the potential hazards in the systems operating environment. Although typically a manual task, safety cases have been successfully created for systems without many configuration options. However, in highly configurable systems, typically developed as a Product Line (PL), arguing about each possible configuration, and ensuring the completeness of the safety case are still open research problems. This paper presents a novel and general approach, based on Contract-Based Specification (CBS), for the construction of a safety case for an arbitrary PL. Starting from a general CBS framework, we present a PL extensions that allows expressing configurable systems and preserves the properties of the original CBS framework. Then, we define the transformation from arbitrary PL models, created using extended CBS framework, to a safety case argumentation-structure, expressed using the Goal Structuring Notation. Finally, the approach is exemplified on a simplified, but real, and currently produced system by Scania CV AB.
|
|
| 9. |
- Nešić, Damir, 1988-, et al.
(författare)
-
Contract-based Specification and Description-Logic-Based Validation of Product Lines
- 2018
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- The complexity of critical systems is constantly increasing. Consequently, assuring properties like safety or security of such systems is increasingly difficult. The difficulties are only intensified in the Product-Line Engineering (PLE) context, where properties of a complete family of systems, i.e. a Product Line (PL), must be assured. Contract-Based Specification and Design (CBSD) paradigm is a promising approach for alleviating these difficulties because it is a general-purpose, formal paradigm, developed purposely to support structured development of complex systems which are correct-by-design. Starting from a general CBSD framework, we present an extension that supports using CBSD in PLE, and prove that the extension preserves the properties of the original framework. Then, as a step towards providing tool-support for CBSD specification of PLs, we define the encoding of an arbitrary CBSD model of a PL, together with the constraints which define a proper CBSD model, as a Tbox of a description logic knowledge base. Finally, we show how verification of these constraints can be reduced to satisfiability verification of the corresponding knowledge base. In order to validate the presented approach, a CBSD specification of a small, but real, industrial PL is created, implemented as an OWL ontology, and an off-the-shelf reasoner was used to verify if the provided CBSD model is proper.
|
|
| 10. |
- Nešić, Damir, 1988-, et al.
(författare)
-
Modular Safety Cases for Product Lines Based on Assume-Guarantee Contracts
- 2019
-
Ingår i: Computer Safety, Reliability, and Security. SAFECOMP 2019.. - Cham : Springer International Publishing. - 9783030262495 ; , s. 28-40
-
Konferensbidrag (refereegranskat)abstract
- Safety cases are recommended, and in some cases required, by a number of standards. In the product line context, unlike for single systems, safety cases are inherently complex because they must argue about the safety of a family of products that share various types of engineering assets. Safety case modularization has been proposed to reduce safety case complexity by separating concerns, modularizing tightly coupled arguments, and localizing effects of changes to particular modules. Existing modular safety-case approaches for product lines propose a feature-based modularization, which is too coarse to modularize the claims of different types, at different levels of abstraction. To overcome these limitation, a novel, modular safety-case architecture is presented. The modularization is based on a contract-based specification product-line model, which jointly captures the component-based architecture of systems and corresponding safety requirements as assume-guarantee contracts. The proposed safety-case architecture is analyzed against possible product-line changes and it is shown that it is robust both with respect to fine and coarse-grained, and also product and implementation-level changes. The proposed modular safety case is exemplified on a simplified, but real automotive system.
|
|
