Towards an Argument Pattern for the Use of Safety Performance Indicators

TL;DR

This paper proposes an explicit argument pattern for Safety Performance Indicators (SPIs) in autonomous systems, aiming to clarify their rationale and ensure ongoing validity of safety cases through continuous monitoring.

Contribution

It introduces an initial framework to make the implicit rationale for using SPIs explicit and analyzes potential confidence undermining situations, with a focus on continuous performance monitoring.

Findings

Developed an argument pattern for SPIs in safety cases

Analyzed situations that can undermine confidence in SPIs

Proposed use of meta-SPIs for ongoing performance monitoring

Abstract

UL 4600, the safety standard for autonomous products, mandates the use of Safety Performance Indicators (SPIs) to continuously ensure the validity of safety cases by monitoring and taking action when violations are identified. Despite numerous examples of concrete SPIs available in the standard and companion literature, their contribution rationale for achieving safety is often left implicit. In this paper, we present our initial work towards an argument pattern for the use of SPIs to ensure validity of safety cases throughout the entire lifecycle of the system. Our aim is to make the implicit argument behind using SPIs explicit, and based on this, to analyze the situations that can undermine confidence in the chosen set of SPIs. To maintain the confidence in SPIs' effectiveness, we propose an approach to continuously monitor their expected performance by using meta-SPIs.