Integrating STPA with Safety Requirements Modeling

  • Moniky Ribeiro UFPE
  • Jaelson Castro UFPE
  • Ricardo Argenton UNIVASF

Abstract

Context: Requirements modeling is essential for Safety-Critical Systems because accidents are often due to inaccurate, incomplete or inconsistent requirements. The main reason for bad requirements is poor communication between safety engineers and requirements engineers. Objective: Our goal is to propose an approach that enables safety requirements to reflect the findings of the initial safety analysis phase. Method: We integrate two techniques: 1) iStar4Safety, a goal-oriented requirements modeling language tailored for safety requirements, and 2) STPA (System Theoretic Process Analysis), a well-recognized and accepted safety analysis technique. Results: Through this integration, our framework promises a more systematic and comprehensive approach to modeling early safety requirements. It supports the elicitation and analysis of safety concerns, fosters stakeholder communication, and underpins the development of inherently safer and more reliable critical systems. Conclusions: A real project, related to the development of a low-cost Insulin Infusion Pump System (IIP), serves as an example to illustrate the effectiveness of the proposed approach. Preliminary results indicate that the approach contributes to improving the visualization of the safety-related information generated in the safety analysis, such as the accidents, system-level hazards, hazard causes, hazard mitigations, and safety requirements.

Keywords: safety requirements, safety critical systems, iStar4Safety, STPA

Published

30/09/2024

RIBEIRO, Moniky; CASTRO, Jaelson; ARGENTON, Ricardo. Integrating STPA with Safety Requirements Modeling. In: SIMPÓSIO BRASILEIRO DE ENGENHARIA DE SOFTWARE (SBES), 38., 2024, Curitiba/PR. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2024. p. 558-564. DOI: https://doi.org/10.5753/sbes.2024.3529.