On the Synthesis and Validation of Safety Assessment Models 2011-01-2549

Safety is one of the most important aspects of which we are concerned with in the field of aerospace-systems development. There are a variety of safety assessment activities that are performed throughout a system's lifecycle. Multiple interrelated safety analysis artifacts are generated from the process. However, requirements and guidance for the synthesis and validation of the results of this analysis are insufficient and are not explicit. In traditional system development processes, certification coordination, safety assessment, requirements validation, and implementation verification are generally treated as supporting processes, which are concurrent and interactively dependent throughout the iterative development of a system. In SAE ARP4754A, these processes are stressed as integral processes with traceability between safety requirements and the dependencies between safety assessment activities highlighted as an important concern. In this paper, we review the current practice on the synthesis and validation of safety assessment models in the civil aerospace sector and investigate the role of safety arguments in these two aspects. In particular, we examine the interrelationship between safety arguments and safety requirements capture and validation activities, which leads to the primary safety argument integrating safety analysis results. We also examine the concerns of safety assessment model validity and address these explicitly using backing arguments for the justification of the adequacy of safety assessment models. The synthesis and justification of safety assessment models are illustrated with examples from MISSA (More Integrated Systems Safety Assessment), an EU FP7 project in the transportation sector. Finally, the supporting tool platform that has been created on this project is presented. This platform facilitates organization of the data from, and communication between, safety modeling activities, and enables data sharing and tracing between safety arguments and models.