Proving compliance of implementation models to safety specifications

Abstract

Current safety standards like the ISO 26262 require a continuous safety argumentation starting from the initial hazard and risk assessment, down to the implementation of hardware and software. To enable re-use of components and ease handling of changes in the system, modular safety cases are addressed by many research projects. Current approaches are focusing on hierarchical safety specifications describing the relevant fault propagation behavior. Nevertheless, it needs to be ensured that the final implementation meets the safety specification. Currently, this is at most a manual and error prone process of matching fault trees or test results to the specification. In this paper, we present an automated approach based on fault-injection and model checking for proving the compliance of an implementation to a safety specification. In our multi-aspect analysis, (safety and functional aspect) we rely on the popular specification mechanism of safety contracts and implementations modeled in Matlab/Stateflow. © 2014 Springer International Publishing.