Model-based assurance evidence management for safety-critical systems

Most safety-critical systems are subject to rigorous assurance processes to justify that the systems satisfy given requirements and are dependable. These processes are typically conducted in compliance with standards and require the provision of assurance evidence in the form of system artifacts, such as system specifications and testing results. The management of assurance evidence is usually a complex process because of the large number of artifacts to deal with, the amount of information to gather about the artifacts, and the need to guarantee evidence quality, among other issues. Our aim is to facilitate assurance evidence management by means of a model-based approach. The approach is based on a metamodel that defines the information to be collected about evidence artifacts during their lifecycle. A process for assurance evidence management and usage guidance are also presented. The approach has been developed in the scope of several industry-academia projects, implemented in the OpenCert tool, and validated by practitioners in 10 industrial case studies. Based on the results of the validation, we argue that the approach is an effective means for assurance evidence management and that it could improve the state of the practice.