This paper presents a methodology called Rigorous Analysis Template Process (RATP) for analysing the behaviours and interactions of multiple components in a Self-Driving Vehicle (SDV) to ensure its system safety, especially when a human driver is involved as a fallback option for handling hazardous events. RATP uses Systems-Theoretic Process Analysis (STPA) and the Event-B formal method to gradually identify safety requirements and build rigorous models of them. The output of RATP is a set of safety requirements that guide the development of a rigorous model to maintain the system safety against identified hazardous states at different levels of abstraction. The main advantage of RATP is that it allows the behaviours of a system to be analysed from a high-abstraction layer down to a more detailed, concrete layer.
In the design of critical systems, it is important to ensure a degree of formality so that we reason about safety and security at early stages of analysis and design, rather than detecting problems later. Influenced by ideas from STPA, we present a hierarchical analysis process that aims to justify the design and flow-down of derived critical requirements arising from safety hazards and security vulnerabilities identified at the system level. At each level, we verify that the design achieves the safety/security requirements by backing the analysis with formal modelling and proof using Event-B refinement. The formal model helps to identify hazards/vulnerabilities arising from the design and how they relate to the safety accidents/security losses being considered at this level. We then re-apply the same process to each component of the design in a hierarchical manner. Thus we use ideas from STPA, backed by Event-B models, to drive the design, replacing the system-level requirements with component requirements. In doing so, we decompose critical requirements down to components, transforming them from abstract system-level requirements towards concrete solutions that we can implement correctly so that the hazards/vulnerabilities are eliminated.