Georgios Despotou

Combining software evidence: arguments and assurance

Argumentation is an approach which can be used for describing how evidence satisfies requirements and objectives. A structured argumentation notation allows developers to determine the need for individual items of evidence and allows reviewers to determine whether a complete set of evidence satisfies the requirements. This paper introduces an established argumentation notation from the safety critical domain, as well as new research into dependability arguments and assurance of arguments. These techniques and concepts have been applied to the development and certification of safety critical software and it is believed they are both applicable to and beneficial for the wider field of evidence-based software engineering.

Introducing safety cases for health IT

Introduction of IT in the health domain can potentially benefit the quality of the delivered healthcare, also contributing to increase safety. However health IT systems themselves can have safety implications and can result in accidents. Creating a safety case has been in practice in numerous domains and is starting to be adopted in the health IT domain with the most notable example, that of the UK National Health Service (NHS), Information Standards Board for Health and Social Care (ISB) standards (formerly DSCN 14/2009 & DSCN 18/2009). Safety cases can be thought of as a defensible, comprehensible and clear argument, supported by evidence that a system is acceptably safe in its operational context. This paper presents the main areas of safety case practice and its implication for the health IT development and stakeholders.

Distinguishing Fact from Fiction in a System of Systems Safety Case

Based on our recent experience, ‘distinguishing fact from fiction’ in relation to System of Systems (SoS) safety has emerged as a pertinent topic in a number of senses. From an analytical perspective, we recognise that it would be a mistake to treat a SoS as ‘just another complex system’. The defining properties of a SoS mean that traditional analysis methods may fall short if applied without additional support. On the other hand, we also argue that the structured and comprehensive analysis of a SoS need not be so complex as to be impractical.

Towards Using Simulation to Evaluate Safety Policy for Systems of Systems

The increasing role of Systems of Systems (SoS) in safety-critical applications establishes the need for methods to ensure their safe behaviour. One approach to ensuring this is by means of safety policy -- a set of rules that all the system entities must abide by. This paper proposes simulation as a means to evaluate the effectiveness of such a policy. The requirements for simulation models are identified, and a means for decomposing high-level policy goals into machine-interpretable policy rules is described. It is then shown how the enforcement of policy could be integrated into a simple agent architecture based around a blackboard. Finally, an approach to evaluating the safety of a system based using simulation techniques is outlined.

Evaluation and Integration of COTS in Evidence based Assurance Frameworks

COTS have increasingly been used by industrial practice as a means of maintaining low development costs of a product, whilst offering significant capability upgrades. COTS are multipurpose products driven by commonly used functionality. However, being general purpose products raises certain challenges regarding their ability to be certified. Previously used (process-based) standards stipulated a process that the product needed to adhere to. This involved production of a generic set of evidence known as the certification pack (CertPack). Being the product of a generic test process, the available (CertPack) COTS evidence may not be sufficient or suitable to support the developers’ safety claims. The challenges raised by use of COTS in such assurance frameworks can have ramifications on a project both from a managerial and safety assurance perspective. The paper presents an analysis of the challenges from the use of CertPack and their impact on assurance and project management. Moreover a process is presented that assists de-risking the integration of evidence, as early as possible during system development or upgrade.

Eliciting safety policy and balancing with operational fitness in systems of systems

Systems of systems (SoS) demonstrate a number of distinguishing characteristics, such as the autonomy of their constituent systems and the resulting emergent behaviour. The elements of SoS are united by a common purpose but, in order to operate in a manner that does not lead to accidents, must also comply with a consistent set of rules. Policy is just such a set of rules that provides an effective means for constraining the behaviour of the elements in a SoS within the boundaries of acceptably safe behaviour. However, addressing safety as the utmost objective can affect, and potentially compromise, other operational characteristics of the SoS, such as performance, mission effectiveness and availability. This can have an adverse effect on the SoS achieving operational objectives, consequently leading to unacceptable operation. In this paper we present and demonstrate how we can balance safety with other operational characteristics. This is achieved by assessing the operational consequences of policy implementation decisions and by making justified trade-offs. This is illustrated using a network centric warfare (NCW) example

Key Issues on Assuring the Safe Operation of Heath IT Systems.

The paper discusses the motivation behind the safety assurance of health IT, lists pertinent standards and regulation, as well as discussing prominent challenges in the field of health I safety.

Deviation based Safety Analysis and Justification of Clinical Services.

The paper describes safety analysis and justification of a clinical service (accidents and emergencies), using a deviation based approaches.