Modelling confidence in railway safety case

Abstract Railway standard EN50129 clarifies the safety acceptance conditions of safety-related electronic systems for signalling. It requires a structured argumentation, named the Safety Case, to present the fulfilment of these conditions. As guidance for building the Safety Case, this standard provides the structure of high-level safety objectives and recommends development techniques according to the different Safety Integrity Levels (SIL). Nevertheless, the rationale connecting these techniques to the high-level safety objectives is not explicit. The proposed techniques stem from experts' belief in the effectiveness and efficiency of these techniques for achieving the underlying safety objectives. So, how should one formalize and assess this belief? And, as a result, how much confidence can we have in the safety of railway systems when these standards are used? To deal with these questions, the paper successively addresses two aspects: (1) making the safety assurance rationale explicit by modelling the Safety Case with GSN (Goal Structuring Notation) according to the EN5012x standards; (2) proposing a quantitative framework based on Dempster-Shafer theory to formalize and assess the confidence in the Safety Case. A survey amongst safety experts is carried out to estimate the confidence parameters. With these results, application guidance for this framework is provided based on the Wheel Slide Protection (WSP) system.
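The abstract names Dempster-Shafer theory as the basis of the confidence framework but does not show the mechanics. The following is an added illustration, not code from the paper or its authors: it encodes an assessor's confidence that one GSN goal holds as a basic mass assignment (belief, disbelief and the remaining mass left on "holds or fails" as uncertainty), combines two independent assessments with Dempster's rule of combination, and reads off the belief/plausibility interval for the goal. The frame of discernment, the two evidence sources and every numeric value are constructed for the example; the paper's own survey-derived confidence parameters and aggregation rules are not reproduced here.

```python
from itertools import product

# Frame of discernment for one safety goal: it either holds or fails.
# (Constructed illustration; not the paper's frame or parameters.)
HOLDS = frozenset({"holds"})
FAILS = frozenset({"fails"})
THETA = HOLDS | FAILS          # total ignorance: "holds or fails"


def make_mass(belief: float, disbelief: float) -> dict:
    """Build a basic mass assignment from an assessor's belief/disbelief pair.

    Whatever mass is not committed to 'holds' or 'fails' stays on THETA,
    i.e. it is explicit uncertainty rather than a forced probability.
    """
    if belief < 0 or disbelief < 0 or belief + disbelief > 1 + 1e-12:
        raise ValueError("belief and disbelief must be non-negative and sum to at most 1")
    return {HOLDS: belief, FAILS: disbelief, THETA: 1.0 - belief - disbelief}


def conflict(m1: dict, m2: dict) -> float:
    """K = total mass the two sources place on mutually exclusive focal sets."""
    return sum(mb * mc for (b, mb), (c, mc) in product(m1.items(), m2.items()) if not (b & c))


def combine(m1: dict, m2: dict) -> dict:
    """Dempster's rule: m12(A) = sum_{B & C == A} m1(B) m2(C) / (1 - K).

    Assumes the two sources are independent pieces of evidence.
    """
    k = conflict(m1, m2)
    if k >= 1.0 - 1e-12:
        raise ValueError("total conflict: the sources cannot be combined")
    combined: dict = {}
    for (b, mb), (c, mc) in product(m1.items(), m2.items()):
        a = b & c
        if a:                       # empty intersections are the conflict mass K
            combined[a] = combined.get(a, 0.0) + mb * mc
    return {a: v / (1.0 - k) for a, v in combined.items()}


def belief(m: dict, hypothesis: frozenset) -> float:
    """Bel(A): mass of every focal set contained in A (evidence *for* A)."""
    return sum(v for a, v in m.items() if a <= hypothesis)


def plausibility(m: dict, hypothesis: frozenset) -> float:
    """Pl(A): mass of every focal set intersecting A (evidence not *against* A)."""
    return sum(v for a, v in m.items() if a & hypothesis)


def assess_goal(assessments: list) -> tuple:
    """Fuse a list of (belief, disbelief) pairs for one goal.

    Returns (Bel(holds), Pl(holds), uncertainty = Pl - Bel).
    """
    fused = make_mass(0.0, 0.0)     # vacuous mass: start from total ignorance
    for b, d in assessments:
        fused = combine(fused, make_mass(b, d))
    bel = belief(fused, HOLDS)
    pl = plausibility(fused, HOLDS)
    return bel, pl, pl - bel


if __name__ == "__main__":
    # Constructed sample: two assessors rate the evidence behind one WSP-related goal.
    # Source 1 (e.g. a review of test results): belief 0.6, disbelief 0.1, 0.3 left uncertain.
    # Source 2 (e.g. a field-return analysis): belief 0.5, disbelief 0.2, 0.3 left uncertain.
    bel, pl, unc = assess_goal([(0.6, 0.1), (0.5, 0.2)])
    print(f"Bel(holds)={bel:.3f}  Pl(holds)={pl:.3f}  uncertainty={unc:.3f}")
    print(f"conflict K={conflict(make_mass(0.6, 0.1), make_mass(0.5, 0.2)):.2f}")
```

Two properties worth noting when using this kind of aggregation in a safety case review: combining with a vacuous assessment (no belief, no disbelief) leaves the result unchanged, so an assessor who abstains does not inflate confidence, and a pair of sources in total conflict (one fully for, one fully against) cannot be combined at all, which is the signal to go back to the argument rather than to average the numbers.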
