TY - GEN
T1 - Automatic Deduction of the Impact of Context Variability on System Safety Goals
AU - Kreutz, Andreas
AU - Weiss, Gereon
AU - Trapp, Mario
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - Autonomous systems, such as trains with a high grade of automation, need to function safely in their operational context. One hindrance to the development of such systems is the high degree of variability of this context: Different context variants can have a substantial impact on the safety goals the system must fulfill to function with sufficiently low residual risk. In this paper, we propose a method for modeling and reasoning about the context variability of an autonomous system and its impact on the system's safety. We build upon contextual goal models to model the refinement of safety goals and their dependence on the environment. By introducing an explicit model of the context variability to be expected, we transform the challenge of safety in variable environments to a satisfaction modulo theories problem. This allows us to find inconsistencies and check whether a concrete context variant would allow for safe operation of the system. We demonstrate our approach with a use case from the railway domain and show its applicability to an automatic train operation system in different contexts based on map data.
AB - Autonomous systems, such as trains with a high grade of automation, need to function safely in their operational context. One hindrance to the development of such systems is the high degree of variability of this context: Different context variants can have a substantial impact on the safety goals the system must fulfill to function with sufficiently low residual risk. In this paper, we propose a method for modeling and reasoning about the context variability of an autonomous system and its impact on the system's safety. We build upon contextual goal models to model the refinement of safety goals and their dependence on the environment. By introducing an explicit model of the context variability to be expected, we transform the challenge of safety in variable environments to a satisfaction modulo theories problem. This allows us to find inconsistencies and check whether a concrete context variant would allow for safe operation of the system. We demonstrate our approach with a use case from the railway domain and show its applicability to an automatic train operation system in different contexts based on map data.
KW - context variability
KW - operational design domain
KW - safety goals fulfillment
KW - satisfaction modulo theories
UR - http://www.scopus.com/inward/record.url?scp=85194887763&partnerID=8YFLogxK
U2 - 10.1109/EDCC61798.2024.00015
DO - 10.1109/EDCC61798.2024.00015
M3 - Conference contribution
AN - SCOPUS:85194887763
T3 - Proceedings - 2024 19th European Dependable Computing Conference, EDCC 2024
SP - 1
EP - 8
BT - Proceedings - 2024 19th European Dependable Computing Conference, EDCC 2024
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 19th European Dependable Computing Conference, EDCC 2024
Y2 - 8 April 2024 through 11 April 2024
ER -