An Implementation of GSN Community Standard (Preliminary Version)
Yutaka Matsuno, The University of Electro-Communications, matsuno@is.uec.ac.jp
Shuichiro Yamamoto, Nagoya University, yamamotosui@icts.nagoya-u.ac.jp
ⓒ 2013 UEC Tokyo
Contents
• DEOS and D-Case Editor
• Purposes
• D-Case Editor Implementation
• Patterns and Modules
• Concluding Remarks
DEOS and D-Case
• DEOS (Dependable Embedded Operating System): a project funded by the Japan Science and Technology Agency (2006.10 – 2014.3)
• D-Case project: a sub-project for assurance cases (2010.4-)
• Tool implementation: D-Case Editor, D-Case/Agda, etc.
• Lectures, meetings, and assurance case experiments with Japanese industries
D-Case Meetings
• 2012.9.14 (Nagoya), 2012.12.20 (Nagoya), 2013.4.19 (Tokyo)
• Discussions: introduction of assurance cases in industries, use in ISO 26262, visibility of GSN, etc.
• Participants: Toyota, Yokogawa Electronics, IBM, Ogis RI, NTT Data, Denso Create, Fuji Xerox, etc.
• http://www.dcase.jp (sorry, only in Japanese)
D-Case Editor
• A free, Eclipse-based GSN editor (2010.4-)
• http://www.dependable-os.net/tech/D-CaseEditor/D-Case_Editor.html, or google "D-Case Editor"
• Purposes: writing, presenting, and sharing GSN
• A few hundred downloads; tested by D-Case meeting participants and researchers worldwide
• Prototyping research outcomes, e.g., D-Case/Agda, parameterised GSN patterns, monitoring, …
D-Case Editor Snapshot (screenshot; labelled regions: GSN nodes, Eclipse workspace projects, D-Case extensions, canvas)
D-Case Editor Functions (figure; legend: today's topic, already implemented, partly implemented)
Purposes of this work
• Compliance with standards is also important: OMG ARM and SACM at the System Assurance Task Force; GSN Community Standard v1.0 (2011)
• When implementing the GSN Community Standard, we have several design choices
• By showing our design choices, we hope to help facilitate assurance case tool implementation
• There are not so many assurance case tools yet (as of before ASSURE 2013)
GSN Community Standard v1.0
• Part 0: Introduction and Concepts
• Part 1: Definition of GSN
• Annexes to Part 1: extension to GSN to support argument patterns; modular extensions to GSN
• Part 2: Guidance on the development and evaluation of goal structures
• Annexes to Part 2
GSN Modules
"B1.3.2.3 Contract modules can be used in the support relationship between modules to aid decoupling as shown in Figure 32. This de-coupling permits argument module construction in cases where the eventual source of support for an argument is unknown at the time of authoring or can be changed for example through re-use or planned product improvement or reconfiguration." (GSN Standard, p.23)
(Figure: current implementation)
GSN Patterns (figure)
• We focus on parameters
Design Choices for Modules (GSN Standard, p.17)
• What is a module? In the standard, "module" is not so clearly defined (Argument = GSN?)
• We interpret a module as "a GSN tree with one top goal"
• Away goals, away solutions, away contexts, …: we do not want to introduce an "away" node for each kind of GSN node (too many kinds of nodes)
Design Choices for Modules (GSN Standard, p.17)
• Away goals are shown by a colour change: the referring node is green, the referred node is orange
Inter-Module Notation
• Automatically generate the inter-module notation (GSN Community Standard, p.23)
Some Issues in Parameters
• We focus on parameters
• How to define parameters?
• What is the scope of parameters?
• In {System X}, what is "System"?
Design Choices for Patterns
• Use context nodes to define parameters
• The scope of a parameter is the subtree of the goal the context is attached to
• Introduce types for parameters: currently int, double, string, enum
A Snapshot of Parameters (screenshot; labels: definition of Availability, definition of SIL, scope of SIL, scope of Availability)
Further Issue
• Should parameters and other information traverse across modules?
• If the away goal is a reference to the source module, they should not.
• If the source module is a local module, they should.
(Example figure: a source module declaring x: int, an away goal G1 whose text uses x, and a second source module declaring x: int.)
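As an added example (not part of the slides and not D-Case Editor code), the following Python model implements the design choices from the "Design Choices for Patterns" and "Further Issue" slides: parameters are declared in context nodes, typed as int, double, string or enum, visible only in the subtree of the goal the context hangs on, and an away goal hands its parameter scope into the source module only when that module is local, not when it is a reference. The Node class, the enum(a|b|c) declaration syntax, the by_reference flag and the sample "Sys"/"Lib" modules are all assumptions made for this example.

```python
# Added example (not D-Case Editor code): a toy model of parameter definition, scoping,
# typing and cross-module traversal for GSN patterns. Names and syntax are assumptions.
import re
from dataclasses import dataclass, field
from typing import Optional

PLACEHOLDER = re.compile(r"\{([A-Za-z_]\w*)\}")  # {Name} inside node text


def check_type(ptype: str, value: str) -> bool:
    """Type-check a bound value against a declared parameter type (int, double, string, enum)."""
    if ptype == "int":
        return re.fullmatch(r"[+-]?\d+", value) is not None
    if ptype == "double":
        try:
            float(value)
            return True
        except ValueError:
            return False
    if ptype == "string":
        return True
    m = re.fullmatch(r"enum\(([^)]*)\)", ptype)  # assumed syntax: enum(a|b|c)
    if m:
        return value in m.group(1).split("|")
    raise ValueError(f"unknown parameter type {ptype!r}")


@dataclass
class Node:
    kind: str                       # goal, strategy, solution, context, away_goal
    nid: str
    text: str
    module: str
    children: list = field(default_factory=list)
    contexts: list = field(default_factory=list)   # context nodes attached to this node
    param_decl: Optional[tuple] = None             # (name, type) if this context declares a parameter
    ref: Optional["Node"] = None                   # away_goal: the goal in the source module
    by_reference: bool = False                     # away_goal: True = source module is a reference
    parent: Optional["Node"] = None

    def add(self, child: "Node") -> "Node":
        child.parent = self
        self.children.append(child)
        return child

    def add_context(self, ctx: "Node") -> "Node":
        ctx.parent = self
        self.contexts.append(ctx)
        return ctx


def declare(name: str, ptype: str, module: str) -> Node:
    """A context node that defines a parameter (the slides' design choice)."""
    return Node("context", f"C_{name}", f"{name}: {ptype}", module, param_decl=(name, ptype))


def scope_of(node: Node) -> dict:
    """Parameters visible at node: those declared by contexts of node or of any ancestor,
    so a declaration's scope is the subtree of the goal its context hangs on.
    Inner declarations shadow outer ones."""
    params = {}
    n = node
    while n is not None:
        for ctx in n.contexts:
            if ctx.param_decl:
                params.setdefault(*ctx.param_decl)
        n = n.parent
    return params


def resolve(node: Node, bindings: dict, inherited: Optional[dict] = None) -> dict:
    """Substitute placeholders in node and its subtree; returns {nid: instantiated text}.
    `inherited` is the scope handed across a module boundary (empty = no traversal)."""
    visible = dict(inherited or {})
    visible.update(scope_of(node))

    def sub(m):
        name = m.group(1)
        if name not in visible:
            raise KeyError(f"{node.nid}: parameter {name} is not in scope")
        if name not in bindings:
            raise KeyError(f"{node.nid}: no value bound for {name}")
        if not check_type(visible[name], bindings[name]):
            raise TypeError(f"{node.nid}: {bindings[name]!r} is not of type {visible[name]}")
        return bindings[name]

    out = {node.nid: PLACEHOLDER.sub(sub, node.text)}
    if node.kind == "away_goal" and node.ref is not None:
        # Parameters traverse into a local source module, but not into a referenced one.
        out.update(resolve(node.ref, bindings, {} if node.by_reference else visible))
    for child in node.children:
        out.update(resolve(child, bindings, inherited))
    return out


def build_case(by_reference: bool):
    """Constructed sample: module 'Sys' with an away goal into module 'Lib' (which declares no x)."""
    top = Node("goal", "G1", "{System} is acceptably safe", "Sys")
    top.add_context(declare("System", "string", "Sys"))
    top.add_context(declare("SIL", "enum(1|2|3|4)", "Sys"))
    top.add_context(declare("x", "int", "Sys"))
    s1 = top.add(Node("strategy", "S1", "Argue over safety requirements", "Sys"))
    g2 = s1.add(Node("goal", "G2", "Availability of {System} is at least {Availability}", "Sys"))
    g2.add_context(declare("Availability", "double", "Sys"))
    g3 = s1.add(Node("goal", "G3", "Development followed SIL {SIL} processes", "Sys"))
    lib_top = Node("goal", "L1", "Retry limit {x} is enforced by the library", "Lib")
    s1.add(Node("away_goal", "A1", "Library retries at most {x} times", "Sys",
                ref=lib_top, by_reference=by_reference))
    return top, g2, g3


def instantiate(by_reference: bool, bindings: dict):
    """Resolve the sample case; returns (texts, None) on success or (None, error message)."""
    top, _, _ = build_case(by_reference)
    try:
        return resolve(top, bindings), None
    except (KeyError, TypeError) as e:
        return None, str(e)
```

With the source module treated as local (instantiate(False, …)) the value bound to x reaches L1 in module Lib; with by_reference=True the same case fails at L1 because Lib declares no x of its own, which is the distinction the "Further Issue" slide draws. The scope_of helper also shows the subtree rule: Availability is visible at G2 but not at its sibling G3.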
Publicly Available Tools We Have Tested (table)
• Waiting for AdvoCATE to be released as open/free source!
• I will also try AutoFOCUS3
Concluding Remarks
• Prototype implementation of GSN Community Standard v1.0, to facilitate tool implementation
(Figure: tool implementation, standardization, use in industries)
D-Case Server
• Integration of D-Case Editor and Alfresco
• Version control, user management, etc. using Alfresco, an open and free content management system (http://www.alfresco.com)
(Figure: D-Case Editor users at Nagoya (Shuichiro and students), at Tokyo (Yutaka) and at Nara, all connected to the D-Case Server at Akihabara, Tokyo)
• If you are interested in using D-Case Editor, please let me know