CyberGSN: A Semi-formal Language for Specifying Safety Cases

Tewodros Beyene and Carmen Cârlan

Proceedings of the 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W),

June 2021 · doi: 10.1109/DSN-W52860.2021.00021

abstract

The use of safety cases to explicitly present safety considerations and decisions is a common practice in the safety-critical domain. A safety case can be used to scrutinize the safety assessment approach used by practitioners internally, or as an input for the certification process for an external certifying authority. However, safety cases are still created manually to explicate the followed safety assessment and assurance measures. In addition, although safety cases may be created in a modular way by multiple entities, and it may be critical for each entity to digitally sign its part of the assurance for accountability, the common notations are not expressive enough to include the notion of entity. Especially in cyber-security applications, the notion of entity is very critical. In this paper, we propose a formal logic based language called CyberGSN, with an explicit notion of entity, that can be used for specifying safety cases and safety case patterns, enabling the automated creation and maintenance of safety cases.

subject terms: Safety Case, Pattern, Entity, Decentralization, Model-based Systems Engineering, MbSE