Block, OSL and MSL Safety Argument Modules

  1. Block, OSL and MSL Safety Argument Modules (19/04/07)

  2. Overview
     • Block, OSL and MSL Modules provide the same top-level goal: “{Guarantee X} is sufficiently assured”
     • We saw how the Block must guarantee certain behaviour to support the SR module
     • The OSL and MSL must similarly guarantee certain behaviour to support other modules
     • Note that these Modules don’t need to argue that these guarantees are safe, only that they are provided
     • Again there are two main claims supported in these Modules:
       • Each Guarantee is assured (Product Argument)
       • The process used in implementing the guarantees is adequate (Process Argument)

  3. Block/OSL/MSL Module Interface
     • The Module is again split into two, with the process argument contained within the product argument
     • The product argument provides the following public goal to other argument modules
     • This goal would be referenced when another module requires the guaranteed service
     • The following goal requires support from other Modules
     • Note that dependencies may be identified at many different development levels

  4. Guarantee is assured
     • The argument can be made by mapping the Guarantee down through each level of development
     • Once down to code level, the argument can appeal directly to test and verification evidence
     • At each level new dependencies may be identified which must be satisfied
     • Dependencies for each Guarantee are identified in DGRs

  5. Guarantee is assured
     • Each dependency at each level must be satisfied
     • This is done by the Guarantees of other modules

  6. Guarantee is assured
     • An SC contract must be formed with each of the Modules whose guaranteed behaviour is required to support a dependency
     • The Blocks may, for example, have dependencies supported by the OSL, the OSL by the MSL, and so on...

  7. Process Argument
     • The process argument must cover all aspects of the development process, including the DGR process
     • For each aspect of the process it must be shown that it is adequate and followed
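The checks behind slides 4 to 6 (every dependency identified for a Guarantee, at every development level, must be backed by an SC contract with a module that actually provides the named Guarantee) can be mechanised. The following is an added illustration, not code from the presentation or from the project it describes: a simplified model of modules, guarantees, per-level dependencies and contracts, with a check for unsupported dependencies. It also flags a chain of contracts that leads a Guarantee back to itself, which is an added check not discussed on the slides. All module, guarantee and dependency names below are constructed.

```python
"""Check that every dependency of a Guarantee is met by an SC contract.

Added illustration (not from the presentation). Model: each argument module
(Block, OSL, MSL) offers Guarantees; each Guarantee records the dependencies
identified against it at each development level (as a DGR would); an SC
contract binds one module's dependency to another module's Guarantee.
"""
from __future__ import annotations
from dataclasses import dataclass, field


@dataclass
class Guarantee:
    module: str
    name: str
    # dependencies per development level, e.g. {"design": [...], "code": [...]}
    dependencies: dict[str, list[str]] = field(default_factory=dict)


@dataclass
class Contract:
    client: str       # module whose dependency is being supported
    dependency: str   # the dependency, as named in the client's DGR
    supplier: str     # module whose Guarantee supports it
    guarantee: str    # the supporting Guarantee


def unsupported_dependencies(guarantees, contracts):
    """Return (module, guarantee, level, dependency) tuples with no valid contract."""
    provided = {(g.module, g.name) for g in guarantees}
    # A contract only counts if the supplier really provides the named Guarantee
    valid = {(c.client, c.dependency) for c in contracts
             if (c.supplier, c.guarantee) in provided}
    missing = []
    for g in guarantees:
        for level, deps in g.dependencies.items():
            for d in deps:
                if (g.module, d) not in valid:
                    missing.append((g.module, g.name, level, d))
    return missing


def circular_guarantees(guarantees, contracts):
    """Return Guarantees that, following contracts transitively, rely on themselves.

    Added check (assumption, not on the slides): such a chain would mean a
    Guarantee is ultimately assured by itself, so the argument is circular.
    """
    supports = {(c.client, c.dependency): (c.supplier, c.guarantee) for c in contracts}
    by_key = {(g.module, g.name): g for g in guarantees}

    def depends_on(key):
        g = by_key[key]
        for deps in g.dependencies.values():
            for d in deps:
                sup = supports.get((g.module, d))
                if sup in by_key:
                    yield sup

    cycles = []
    for start in by_key:
        stack, seen = list(depends_on(start)), set()
        while stack:
            k = stack.pop()
            if k == start:
                cycles.append(start)
                break
            if k in seen:
                continue
            seen.add(k)
            stack.extend(depends_on(k))
    return cycles


# Constructed sample data: a Block Guarantee depends on the OSL at design
# level and on the MSL at code level; the OSL in turn depends on the MSL.
GUARANTEES = [
    Guarantee("Block", "G_Block_1", {"design": ["D_Block_1"], "code": ["D_Block_2"]}),
    Guarantee("OSL", "G_OSL_1", {"design": ["D_OSL_1"]}),
    Guarantee("MSL", "G_MSL_1"),
    Guarantee("MSL", "G_MSL_2"),
]
CONTRACTS = [
    Contract("Block", "D_Block_1", "OSL", "G_OSL_1"),
    Contract("OSL", "D_OSL_1", "MSL", "G_MSL_1"),
    # D_Block_2 deliberately has no contract, so the gap is reported
]

if __name__ == "__main__":
    for item in unsupported_dependencies(GUARANTEES, CONTRACTS):
        print("unsupported dependency:", item)
    for item in circular_guarantees(GUARANTEES, CONTRACTS):
        print("circular argument at:", item)
```

Run as-is it reports the one code-level Block dependency that no contract supports; adding a `Contract("Block", "D_Block_2", "MSL", "G_MSL_2")` clears it. A contract naming a Guarantee the supplier does not offer is ignored rather than trusted, which is the case a reviewer most wants caught.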