An evidential reasoning approach for assessing confidence in safety evidence

Safety cases present the arguments and evidence that can be used to justify the acceptable safety of a system. Many secondary factors, such as the tools used, the techniques applied, and the experience of the people who created the evidence, can affect an assessor's confidence in the evidence cited by a safety case. One means of reasoning about this confidence and its inherent uncertainties is to present a 'confidence argument' that explicitly justifies the provenance of the evidence used. In this paper, we propose a novel approach to automatically construct these confidence arguments by enabling assessors to provide individual judgements concerning the trustworthiness and the appropriateness of the evidence. The approach is based on Evidential Reasoning and enables the derivation of a quantified aggregate of the overall confidence. The proposed approach is supported by a prototype tool (EviCA) and has been evaluated using the Technology Acceptance Model.
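The kind of Evidential Reasoning aggregation the abstract refers to, as an added example that is not the paper's or EviCA's own code: the recursive ER algorithm of Yang and Xu combines weighted belief distributions from several attributes (here two assumed ones, trustworthiness and appropriateness, over assumed grades Low/Medium/High) into one distribution plus a residual degree of ignorance. The weights, grades and judgements are constructed for illustration.

```python
# Added example: recursive Evidential Reasoning (ER) algorithm of Yang & Xu
# (2002) for combining weighted belief distributions. Not code from the
# paper or the EviCA tool; grades, weights and judgements are constructed.

GRADES = ("Low", "Medium", "High")  # assumed confidence grades H_1..H_N

def er_aggregate(assessments, n=len(GRADES)):
    """Combine (weight, [beta_1..beta_N]) pairs into one belief distribution.

    Weights must sum to 1; a beta vector may sum to less than 1, the
    remainder being the assessor's ignorance. Returns (betas, ignorance).
    """
    if abs(sum(w for w, _ in assessments) - 1.0) > 1e-9:
        raise ValueError("attribute weights must sum to 1")
    w, beta = assessments[0]
    m = [w * b for b in beta]        # basic probability mass per grade
    m_bar = 1.0 - w                  # mass unassigned because weight < 1
    m_tilde = w * (1.0 - sum(beta))  # mass unassigned because of ignorance
    for w, beta in assessments[1:]:
        mi = [w * b for b in beta]
        mi_bar, mi_tilde = 1.0 - w, w * (1.0 - sum(beta))
        m_h, mi_h = m_bar + m_tilde, mi_bar + mi_tilde
        conflict = sum(m[t] * mi[j] for t in range(n) for j in range(n) if t != j)
        k = 1.0 / (1.0 - conflict)   # normalisation that discards conflict
        m = [k * (m[t] * mi[t] + m_h * mi[t] + m[t] * mi_h) for t in range(n)]
        m_tilde = k * (m_tilde * mi_tilde + m_bar * mi_tilde + m_tilde * mi_bar)
        m_bar = k * m_bar * mi_bar
    betas = [x / (1.0 - m_bar) for x in m]  # remove the weight-induced residue
    return betas, m_tilde / (1.0 - m_bar)

def utility_interval(betas, ignorance, utilities=(0.0, 0.5, 1.0)):
    """Expected confidence with the ignorance assigned to worst/best grade."""
    u = sum(b * v for b, v in zip(betas, utilities))
    return u + ignorance * utilities[0], u + ignorance * utilities[-1]

# Constructed judgements on one evidence item: trustworthiness (e.g. tool
# qualification) weighted 0.6, appropriateness (fit of technique) weighted 0.4.
JUDGEMENTS = [
    (0.6, [0.0, 0.3, 0.6]),  # 10% of belief deliberately left unassigned
    (0.4, [0.2, 0.5, 0.3]),
]

if __name__ == "__main__":
    b, ign = er_aggregate(JUDGEMENTS)
    print({g: round(x, 3) for g, x in zip(GRADES, b)}, round(ign, 3))
    print(utility_interval(b, ign))
```

The interval shows how much the unassigned belief could move the aggregate confidence if it were resolved entirely towards the lowest or highest grade.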
