An assurance case forms a framework for managing system assurance and communicating the results of the assessment. Any change to the system affects the assurance case, in particular the context of the argument and the evidence. We present a mechanism in NOR-STA that processes live data produced by the system and updates the argument and the system assurance assessment.
Live data is any data produced automatically by a system rather than by a process controlled by humans. In contrast to the documents used as evidence, live data is not subject to any human review or approval. It may contain information about the system state or properties relevant to the assurance case and may be used as evidence. Live data may evolve as the system changes. The system assurance process should cover live data and its impact on the system assurance level.
The idea is to transfer live data produced by a system to the assurance case and then to update the assurance case. In NOR-STA we use web services for data transfer and for updating the evidence to represent the current state of the system. The changes are propagated through the argument depending on the relations between argument elements. This process can be automated when precise rules are defined for each step. The whole process starts with the data provided by the system and goes up the argument structure from the evidence to the top claim.
The main steps are as follows:
1. System change. The live data of the system is produced or updated. The data should be identified and made available for transfer to the argument.
2. Data transfer. The content of assurance case evidence is updated. In our demonstration project we applied a service which connects to the source system's web services to extract the data and then updates the assurance case evidence.
3. Update of the evidence assessment. When rules are specified that derive the assessment from the evidence data, this step can be performed automatically.
4. Assessment propagation in the assurance case. Depending on the assurance case structure, the low-level argument assessment is propagated to higher levels of the argument.
5. Results reported to the user. Any change can have an impact on the high-level claims or other modules of the argument. Changes of the assessment may be presented in reports and notifications for users.
The process is implemented in the demonstration project. The goal of the argumentation is to present a simplified assessment of safety from COVID-19. Three safety indicators are assessed for each of the selected countries. Once per day, the evidence data for each indicator is updated. The current values are specified in the descriptions of references in the argument. Each value is used to calculate the assessment.
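The five steps above, sketched as an added example (not NOR-STA code and not the demonstrator's implementation). The indicator names, thresholds, three-level scale and weakest-link propagation rule are assumptions; because live data bypasses human review, the sketch validates every item before any evidence is changed.

```python
# Added illustration: names, thresholds, scale and propagation rule are assumptions.
from dataclasses import dataclass, field
import math
LEVELS = ["rejected", "weak", "acceptable"]  # ordered worst to best (assumed scale)

@dataclass
class Evidence:
    name: str
    weak_above: float      # assumed rule: value above this -> "weak"
    rejected_above: float  # value above this -> "rejected"
    value: float = 0.0
    def assess(self):  # step 3: rule-based evidence assessment
        if self.value > self.rejected_above:
            return "rejected"
        return "weak" if self.value > self.weak_above else "acceptable"

@dataclass
class Claim:
    name: str
    children: list = field(default_factory=list)
    def assess(self):  # step 4: assumed weakest-link propagation to the parent
        return min((c.assess() for c in self.children), key=LEVELS.index)

def snapshot(node, out=None):  # assessment of every element from node down
    out = {} if out is None else out
    out[node.name] = node.assess()
    for child in getattr(node, "children", []):
        snapshot(child, out)
    return out

def apply_live_data(root, index, live_data):
    """Steps 2-5: validate, update evidence, reassess, report what changed."""
    clean = {}
    for name, raw in live_data.items():  # validate all items before any update
        value = float(raw)               # non-numeric input raises ValueError
        if name not in index or not math.isfinite(value) or value < 0:
            raise ValueError(f"rejected live data item: {name}={raw!r}")
        clean[name] = value
    before = snapshot(root)
    for name, value in clean.items():
        index[name].value = value
    after = snapshot(root)
    return {n: (before[n], after[n]) for n in after if before[n] != after[n]}

def build_demo():  # constructed argument: one country, three hypothetical indicators
    ev = [Evidence("cases_per_100k", 50, 200), Evidence("positive_test_rate", 5, 15),
          Evidence("icu_occupancy_pct", 60, 85)]
    root = Claim("Country A is safe", [Claim(f"{e.name} is acceptable", [e]) for e in ev])
    return root, {e.name: e for e in ev}
```

The dictionary returned by `apply_live_data` is the material for step 5: each changed element with its old and new assessment, from the evidence up to the top claim.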
You are welcome to visit the demonstrator project to see how assurance monitoring can be implemented in NOR-STA. The evidence in the demonstration project is updated daily depending on the current values of live data provided by the source system.