An assurance case forms a framework for managing system assurance and communicating results of the assessment. Any changes of the system affect the assurance case, in particular the context of the argument and the evidence. We will present a mechanism in NOR-STA to process live data produced by the system and update the argument and the system assurance assessment.
Live data is any data produced automatically by a system, not by a process controlled by humans. Unlike the documents used as evidence, live data is not subject to any human review or approval. It may contain information about the system state or properties relevant to the assurance case and may be used as evidence. Live data may evolve depending on changes to the system and its environment. The system assurance process should take into account the live data and its impact on the system assurance level.
The idea is to transfer live data produced by a system to the assurance case and then to update its assessment. NOR-STA uses web services for data transfer and for updating the evidence to represent the current state of the system. The changes are propagated up the argument depending on the relations between argument elements. This process can be automated when precise rules are defined for each step. The whole process starts with the data provided by the system and goes up the argument structure from the evidence to the top claim.
The main steps are as follows:
1. System change. The live data of the system is produced or updated. The data should be identified and made available for transfer to the argument.
2. Data transfer. The content of assurance case evidence is updated. In our demonstration project we applied a service which connects to the source system's web services to extract the data and then update the assurance case evidence.
3. Update of the evidence assessment. When rules are specified for the assessment depending on the evidence data, this process can be performed automatically.
4. Assessment propagation in the assurance case. Depending on the assurance case structure, the low-level argument assessment is propagated to higher levels of the argument.
5. Results reported to the user. Any change can have impact on the high level claims or other modules of the argument. Changes of the assessment may be presented in reports and notifications for users.
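Steps 3 to 5 as an added Python sketch (not NOR-STA code): the indicator names, thresholds, four-level scale and weakest-link propagation are assumptions, since the page does not specify NOR-STA's rules. Because live data is not reviewed by a human, missing or malformed values fail closed to the lowest assessment.

```python
from dataclasses import dataclass, field

LEVELS = ["rejected", "weak", "acceptable", "strong"]  # assumed ordinal scale

@dataclass
class Node:
    name: str
    children: list = field(default_factory=list)
    rule: object = None        # evidence nodes only: maps a live value to a level
    level: str = "rejected"    # nothing is trusted until data arrives

def threshold(weak_above, reject_above):
    """Assessment rule for one indicator (thresholds are hypothetical)."""
    def rule(value):
        valid = isinstance(value, (int, float)) and not isinstance(value, bool)
        if not valid or value != value or value < 0:   # wrong type, NaN, negative
            return "rejected"
        if value > reject_above:
            return "rejected"
        return "weak" if value > weak_above else "strong"
    return rule

def assess(node, live):
    """Steps 3-4: re-assess evidence from live data, then propagate upward."""
    if node.rule is not None:
        # A missing feed value fails closed instead of keeping a stale level.
        node.level = node.rule(live[node.name]) if node.name in live else "rejected"
    else:
        child_levels = [assess(c, live) for c in node.children]
        node.level = min(child_levels, key=LEVELS.index)   # weakest link (assumed)
    return node.level

def snapshot(node, out=None):
    out = {} if out is None else out
    out[node.name] = node.level
    for child in node.children:
        snapshot(child, out)
    return out

def update(root, live):
    """Step 5: return {element: (old, new)} for every changed assessment."""
    before = snapshot(root)
    assess(root, live)
    after = snapshot(root)
    return {n: (before[n], after[n]) for n in after if before[n] != after[n]}

def build_case():
    evidence = [Node("new_cases_per_100k", rule=threshold(50, 200)),
                Node("positive_test_rate", rule=threshold(0.05, 0.15)),
                Node("icu_occupancy", rule=threshold(0.6, 0.9))]
    return Node("Country is safe", [Node("Indicators within limits", evidence)])
```

Calling `update(build_case(), {...})` with each day's values yields the changed elements that a report or notification would list.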
The process is implemented in the demo project presented in the video above. The goal of the argumentation is to present a simplified assessment of safety from COVID-19. Three safety indicators have been specified for each country. Data for these indicators is provided by an external system and uploaded to the assurance case daily. Changes to the data affect the assessment of the argument.
You are invited to visit the demo project to see how assurance monitoring can be implemented in NOR-STA. The evidence in the demonstration project is updated daily depending on the current values of live data provided by the source system.