DOI: 10.1145/3234152.3234175
short-paper

Compliance of agilized (software) development processes with safety standards: a vision

Published: 21 May 2018

Abstract

Hybrid software development, understood as a combination of traditional and agile methods/practices, has become a reality in safety-critical systems engineering. The spread of hybrid software development stems from the impossibility of facing the manifold challenges by defining a process by the book. In this context, compliance management becomes challenging, and the role of existing means for compliance should be clarified/rethought. In this position paper, we discuss the challenges and propose our compliance management vision, which is being implemented in the context of the EU ECSEL AMASS project.


Published In

XP '18: Proceedings of the 19th International Conference on Agile Software Development: Companion
May 2018
111 pages
ISBN:9781450364225
DOI:10.1145/3234152

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. agile development
  2. compliance management
  3. process compliance checking
  4. safety standards

Qualifiers

  • Short-paper

Conference

XP '18 Companion

Acceptance Rates

Overall Acceptance Rate 11 of 15 submissions, 73%


Cited By

  • (2023) Framework and tooling proposals for Agile certification of safety-critical embedded software in avionic systems. Computers in Industry 148 (103887). DOI: 10.1016/j.compind.2023.103887. Online publication date: Jun-2023
  • (2022) Compliance checking of software processes: A systematic literature review. Journal of Software: Evolution and Process 34:5. DOI: 10.1002/smr.2440. Online publication date: 14-Mar-2022
  • (2021) Visualizing Change in Agile Safety-Critical Systems. IEEE Software 38:3 (43-51). DOI: 10.1109/MS.2020.3000104. Online publication date: May-2021
  • (2021) Compliance-aware engineering process plans: the case of space software engineering processes. Artificial Intelligence and Law. DOI: 10.1007/s10506-021-09285-5. Online publication date: 20-Mar-2021
  • (2020) Checkable Safety Cases: Enabling Automated Consistency Checks between Safety Work Products. 2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) (295-302). DOI: 10.1109/ISSREW51248.2020.00088. Online publication date: Oct-2020
  • (2020) A Barbell Strategy-oriented Regulatory Framework and Compliance Management. Systems, Software and Services Process Improvement (696-705). DOI: 10.1007/978-3-030-56441-4_52. Online publication date: 10-Aug-2020
  • (2020) Separation of Concerns in Process Compliance Checking: Divide-and-Conquer. Systems, Software and Services Process Improvement (135-147). DOI: 10.1007/978-3-030-56441-4_10. Online publication date: 10-Aug-2020
  • (2018) Transforming SPEM 2.0-Compatible Process Models into Models Checkable for Compliance. Software Process Improvement and Capability Determination (233-247). DOI: 10.1007/978-3-030-00623-5_16. Online publication date: 16-Sep-2018
