From Natural Language to Semi-Formal Notation Requirements for Automotive Safety 2015-01-0265

The standard ISO 26262 stipulates a “top-down” approach based on the process “V” model, by conducting a hazard analysis and risk assessment to determine the safety goals, and subsequently derives the safety requirements down to the appropriate element level. The specification of safety goals is targeted towards identified hazardous events, whereas the classification of safety requirements does not always turn out non-ambiguous. While requirement formalization turns out to be advantageous, the translation from natural language to semi-formal requirements, especially in context of ISO 26262, poses a problem. In this publication, a new approach for the formalization of safety requirements is introduced, targeting the demands of safety standard ISO 26262. Its part 8, clause 6 (“Specification and management of safety requirements”) has no dedicated work product to accomplish this challenging task. The five levels of requirements for writing safety requirements are distributed throughout the standard, increasing the probability of misapplication. For these reasons, a dedicated requirement template is proposed. It is applicable for writing new or checking existing requirements, independent of any tool. By reviewing a number of industrial relevant use cases the applicability of the new template is verified and its effectiveness is demonstrated. Furthermore, a semi-formal notation technique is shown to express these formalized requirements, including their associated attributes and resulting relationships. By following the proposed approach, we meet the obligations of ISO 26262 to write e.g. unambiguous, consistent, verifiable, and complete requirements. In the end, this has the potential to dramatically reduce the probability of systematic failures during development of automotive embedded systems.