정보과학회 논문지 (Journal of KIISE)

  • 제44권9호
  • /
  • Pages.893-907
  • /
  • 2017
  • /
  • 2383-630X(pISSN)
  • /
  • 2383-6296(eISSN)
한국정보과학회 (Korean Institute of Information Scientists and Engineers)
권호 표지
DOI QR코드

DOI QR Code

안전 필수 시스템을 위한 요구사항 명세 및 검증 방법

A Method to Specify and Verify Requirements for Safety Critical System

  • 임혜선 (아주대학교 소프트웨어특성화학과) ;
  • 이석원 (아주대학교 소프트웨어학과)
  • 투고 : 2017.03.17
  • 심사 : 2017.07.14
  • 발행 : 2017.09.15
⟨ 이전 논문 다음 논문 ⟩

초록

안전 필수 시스템에서 소프트웨어 결함은 심각한 결과를 초래하므로, 개발의 첫 단계인 요구사항 명세부터 안전성을 고려해야한다. 자연어로 작성된 요구사항은 여러 이해관계자들에게서 도출되어 모호함과 부정확성에 의한 결함을 갖고 있어도 검출하기 어렵다. 이러한 문제를 해결하기 위해 표준문안과 GSN 모델을 이용한 요구사항 명세방법을 제안한다. 표준문안은 선 정의된 서식에 맞춰 요구사항을 작성하는 준-정형 언어로, 표준문안에 맞춰 요구사항을 작성하면 표현의 일관성을 갖기 때문에 이해관계자들이 요구사항이 의미하는 바에 대한 모호함을 방지하여 요구사항의 정확한 의미를 정의하는데 도움이 된다. GSN은 시스템이 안전하다는 것을 관련기관에 증명하기 위한 Safety Case 작성에서 적합성을 인정받고 있는 표기법으로 기능목표, Safety Evidence 등을 표현한다. 본 연구에서는 안전 필수 시스템의 요구사항을 명세하기에 적합하도록 설계된 표준문안과 GSN 모델을 이용하여 요구사항 명세단계에서부터 결함을 쉽게 식별하고, Safety Evidence와의 연결을 통해 안전적합성을 증명할 수 있다. 또한 이 과정에서 발견된 요구사항의 결함을 수정하여 안전성 있는 소프트웨어를 개발할 수 있다.

In safety-critical systems, software defects may have serious consequences. Therefore, defects should be considered during the requirements specification process, which is the first step of a software development lifecycle. Stakeholder requirements that are usually written in natural language are difficult to derived, and there may also be defects due to ambiguity and inaccuracy. To address these issues, we propose a requirement specification method using a standardized Boilerplate and a GSN Model. The Boilerplate is a semi-standard language that follows a predefined format. Due to its ability to provide a consistent representation of the requirements, boilerplate helps stakeholders avoid ambiguities about what they mean and to define the exact meaning of the requirement. Meanwhile, GSN is recognized notation to prepare a Safety Case to prove to authorities that a system is safe. It can be expressed as a functional goal, e.g., Safety Evidence, etc. The proposed study allows an analyst to easily identify a fault from the early stage of the software development lifecycle. The Boilerplate and GSN Model are designed to specify the requirements of safety critical systems and to prove safety conformity through a connection with Safety Evidence. In addition, the proposed approach is also useful to develop secure software by correcting deficiencies in the requirements found during this process.

키워드

과제정보

연구 과제 주관 기관 : 한국연구재단

참고문헌

  1. JungKi Kim, (2016, Jul. 02) [Online]. Available: http://news.sbs.co.kr/news/endPage.do?news_id=N1003657708, (Accessed 2017 Jan 05).
  2. UiSik Jung, (2016, Sep. 12) [Online]. Available: http://m.moneys.news/view.html?no=2016091218288051374&mtype=economy&msubtype=industry#cb, (Accessed 2017 Jan 05).
  3. Cigniti Technologies, "3 Excellent Reasons Why To Invest In A TCoE," [Online]. Available: http://www.cigniti.com/ blog/test-center-of-excellence/, Accessed 05 01 2017.
  4. Steave Gandy, "Safety Requirements Specifications (SRS): The Good and the Bad," [Online]. Available: http://www.exida.com/Blog/safety-requirements-specifications-srs-the-good-and-the-bad, Accessed 05 01 2017.
  5. Berry, Daniel M., "Ambiguity in natural language requirements documents," Monterey Workshop, Springer Berlin Heidelberg, pp. 1-7, 2007.
  6. Wing, Jeannette M., "A specifier's introduction to formal methods," Computer, Vol. 23, No. 9, pp. 8-22, 1990. https://doi.org/10.1109/2.58215
  7. Firesmith, Donald G., "A taxonomy of safety-related requirements," International Workshop on High Assurance Systems (RHAS'05), 2005.
  8. Hansen, Kirsten M., Anders P. Ravn, and Victoria Stavridou, "From safety analysis to software requirements," IEEE Transactions on Software Engineering, Vol. 24, No. 7, pp. 573-584, 1998. https://doi.org/10.1109/32.708570
  9. "ISO 26262-9:2011," [Online]. Available: http://www.iso.org/iso/catalogue_detail?csnumber=51365, Accesssed 05 01 2017.
  10. Seoungike Yang, Namhee Lee, "The Case Study of ISO26262 Product Requirements Analysis Applying Requirements Engineering," KSAE, Vol. 2012, No. 11, pp. 2609-2615, 2012.
  11. Firesmith, Donald, "Engineering Safety and Security Related Requirements for Software Intensive Systems," ICSE Companion, pp. 169, 2007.
  12. Withall, Stephen, Software requirement patterns, Pearson Education, 2007.
  13. Tommila, Teemu, and Antti Pakonen, "Controlled natural language requirements in the design and analysis of safety critical I&C Systems," SAFIR 2014 Reference group 2, 2014.
  14. Yang, Hui, et al., "Analysing anaphoric ambiguity in natural language requirements," Requirements engineering, Vol. 16, No. 3, pp. 163-189, 2011. https://doi.org/10.1007/s00766-011-0119-y
  15. KOF, Leonid, et al., "Ontology and model alignment as a means for requirements validation, In: Semantic Computing (ICSC)," 2010 IEEE Fourth International Conference on. IEEE, pp. 46-51, 2010.
  16. Harel, David, and Amnon Naamad, "The STATEMATE semantics of statecharts," ACM Transactions on Software Engineering and Methodology (TOSEM), Vol, 5. No. 4, pp. 293-333, 1996. https://doi.org/10.1145/235321.235322
  17. Spivey, J. Michael, "The Z notation: a reference manual, International Series in Computer Science," 1992.
  18. A. Mavin, "Using EARS+ (Easy Approach to Requirements Syntax Plus) to vary the level of detail in Natural Language requirements," Tutorial sessions at Requirement Engineering Conference, 2012.
  19. SunYoung Cho, SangHun Cho, "Requirements Based Testing Technology for Developement of Automotive E/E," KSAE, Vol. 2012, No. 11, pp. 1484-1490, 2012.
  20. V. Johannessen, "CESAR - text vs. boilerplates," [Online]. Available: http://www.diva-portal.org/smash/get/diva2:566314/FULLTEXT01.pdf, Accessed 02 09 2016.
  21. Attwood, Katrina, et al., "GSN community standard version 1," Origin Consulting Limited, York, Nov. 2011.
  22. DNV, "DNV-Underwater Deployment and Recovery Systems," [Online]. Available: https://rules.dnvgl.com/docs/pdf/DNV/codes/docs/2012-10/Os-E407.pdf., Accessed 15 11 2016.
  23. Kelly, Tim, and Rob Weaver, "The goal structuring notation-a safety argument notation," Proc. of the dependable systems and networks 2004 workshop on assurance cases, 2004.
  24. DXLine, "Driverless System," [Online]. Available: http://www.shinbundang.co.kr/index.jsp., Accessed 26 11 2016.
  25. Hyesun Lim, SeokWon Lee, "Proposal for Requirement verification and integration specification in the Safety Critical System," KCSE, Vol. 18, No. 1, 2016.
  26. About Hyundai, "#58, BSD," [Online]. Available:http://blog.hyundai.com/1793, Accessed 11 11 2016.
  27. Lee, S. W., & Rine, D. C. (2004). Case Study Methodology Designed Research in Software Engineering Methodology Validation, In SEKE, pp. 117-122, 2004.
  28. M. Shuttleworth, "EXPLORABLE-Counterbalanced Measures Design," [Online]. Available: https://explorable.com/counterbalanced-measures-design., Accessed 11 12 2016.
  29. Renault Samsung, "Better & Different," [Online]. Available: http://blog.renaultsamsungm.com/category/Motors/Better%20%26%20Different, Accessed 11 12 2016.
  30. Energyplanet, "Energyplanet," [Online]. Available: http://blog.naver.com/energyplanet., Accessed: 30 09 2016.
  31. CNSC, "Canadian Nuclear Safety Commission," Available: https://www.cnsc-ccsn.gc.ca/eng/reactors/power-plants/nuclear-power-plant-safety-systems/index.cfm., Accessed 30 09 2016.
  32. I. S. Standard, "Safety of Nuclear Power Plants: Design," IAEA, 2012.