Trusta: Reasoning about Assurance Cases with Formal Methods and Large Language Models

TL;DR

Trusta is a novel tool that combines formal methods and large language models to automate and improve the creation, reasoning, and validation of assurance cases in safety-critical engineering, demonstrating practical effectiveness.

Contribution

It introduces the first integration of large language models with formal reasoning tools for assurance case development, enhancing automation and human interaction.

Findings

Achieved 50%-80% similarity between machine-generated and human-created assurance cases.

Successfully extracted formal constraints from natural language texts for easier validation.

Proved effective in identifying subtle issues in industrial case studies.

Abstract

Assurance cases can be used to argue for the safety of products in safety engineering. In safety-critical areas, the construction of assurance cases is indispensable. Trustworthiness Derivation Trees (TDTs) enhance assurance cases by incorporating formal methods, rendering it possible for automatic reasoning about assurance cases. We present Trustworthiness Derivation Tree Analyzer (Trusta), a desktop application designed to automatically construct and verify TDTs. The tool has a built-in Prolog interpreter in its backend, and is supported by the constraint solvers Z3 and MONA. Therefore, it can solve constraints about logical formulas involving arithmetic, sets, Horn clauses etc. Trusta also utilizes large language models to make the creation and evaluation of assurance cases more convenient. It allows for interactive human examination and modification. We evaluated top language models like ChatGPT-3.5, ChatGPT-4, and PaLM 2 for generating assurance cases. Our tests showed a 50%-80% similarity between machine-generated and human-created cases. In addition, Trusta can extract formal constraints from text in natural languages, facilitating an easier interpretation and validation process. This extraction is subject to human review and correction, blending the best of automated efficiency with human insight. To our knowledge, this marks the first integration of large language models in automatic creating and reasoning about assurance cases, bringing a novel approach to a traditional challenge. Through several industrial case studies, Trusta has proven to quickly find some subtle issues that are typically missed in manual inspection, demonstrating its practical value in enhancing the assurance case development process.