How Do Practitioners Perceive Assurance Cases in Safety-Critical Software Systems?

TL;DR

This study explores practitioners' perceptions of safety assurance cases in safety-critical software, highlighting benefits, challenges, and suggestions for improving adoption and integration.

Contribution

It provides empirical insights into practitioners' views on SACs, identifying key challenges and proposing organizational and process improvements for better adoption.

Findings

Practitioners find SACs beneficial for safety communication and management.

Main challenges include lack of tool support, process integration issues, and limited experienced personnel.

Participants suggest creating direct safety arguments and organizational adjustments to enhance SAC adoption.

Abstract

Safety-critical software systems are those whose failure or malfunction could result in casualty and/or serious financial loss. In such systems, safety assurance cases (SACs) are an emerging approach that adopts a proactive strategy to produce structuralized safety justifications and arguments. While SACs are recommended in many software-intensive safety-critical domains, the lack of knowledge regarding the practitioners' perspectives on using SACs hinders effective adoption of this approach. To gain such knowledge, we interviewed nine practitioners and safety experts who focused on safety-critical software systems. In general, our participants found the SAC approach beneficial for communication of safety arguments and management of safety issues in a multidisciplinary setting. The challenges they faced when using SACs were primarily associated with (1) a lack of tool support, (2) insufficient process integration, and (3) scarcity of experienced personnel. To overcome those challenges, our participants suggested tactics that focused on creating direct safety arguments. Process and organizational adjustments are also needed to streamline SAC analysis and creation. Finally, our participants emphasized the importance of knowledge sharing about SACs across software-intensive safety-critical domains.