Your search keyword '"Jose Luis de la Vara"' showing total 29 results

1. Towards an extensive set of criteria for safety and cyber-security evaluation of cyber-physical systems [version 1; peer review: 2 approved]

Author

Ugur Yayan, Behrooz Sangchoolie, Alper Kanak, Aleš Smrčka, Jose Luis de la Vara, Emanuele Mingozzi, Salih Ergun, Raul Barbosa, Marie Farrell, and Cem Baglum

Subjects

criteria, evaluation, verification, validation, safety, cybersecurity, eng, Science, Social Sciences

Abstract

Verification and validation (V&V) are complex processes combining different approaches and incorporating many different methods including many activities. System engineers regularly face the question if their V&V activities lead to better products, and having appropriate criteria at hand for evaluation of safety and cybersecurity of the systems would help to answer such a question. Additionally, when there is a demand to improve the quality of an already managed V&V process, there is a struggle over what criteria to use in order to measure the improvement. This paper presents an extensive set of criteria suitable for safety and cybersecurity evaluation of cyberphysical systems. The evaluation criteria are agreed upon by 60 researchers from 32 academic and industrial organizations jointly working in a large-scale European research project on 13 real-world use cases from the domains of automotive, railway, aerospace, agriculture, healthcare, and industrial robotics.

Published

2023

2. Feeling of Safety and Comfort towards a Socially Assistive Unmanned Aerial Vehicle That Monitors People in a Virtual Home

Author

Lidia M. Belmonte, Arturo S. García, Rafael Morales, Jose Luis de la Vara, Francisco López de la Rosa, and Antonio Fernández-Caballero

Subjects

unmanned aerial vehicle (uav), social robot, feeling of safety and comfort, trajectory planning, virtual reality, MATLAB/Simulink, Chemical technology, TP1-1185

Abstract

Unmanned aerial vehicles (UAVs) represent a new model of social robots for home care of dependent persons. In this regard, this article introduces a study on people’s feeling of safety and comfort while watching the monitoring trajectory of a quadrotor dedicated to determining their condition. Three main parameters are evaluated: the relative monitoring altitude, the monitoring velocity and the shape of the monitoring path around the person (ellipsoidal or circular). For this purpose, a new trajectory generator based on a state machine, which is successfully implemented and simulated in MATLAB/Simulink®, is described. The study is carried out with 37 participants using a virtual reality (VR) platform based on two modules, UAV simulator and VR Visualiser, both communicating through the MQTT protocol. The participants’ preferences have been a high relative monitoring altitude, a high monitoring velocity and a circular path. These choices are a starting point for the design of trustworthy socially assistive UAVs flying in real homes.

Published

2021

3. Feeling of Safety and Comfort towards a Socially Assistive Unmanned Aerial Vehicle That Monitors People in a Virtual Home

Author

Jose Luis de la Vara, Francisco López de la Rosa, Rafael Morales, Antonio Fernández-Caballero, Arturo S. García, and Lidia M. Belmonte

Subjects

Computer science, ComputerApplications_COMPUTERSINOTHERSYSTEMS, 02 engineering and technology, social robot, Virtual reality, lcsh:Chemical technology, Biochemistry, Article, MATLAB/Simulink, Analytical Chemistry, Human–computer interaction, 0202 electrical engineering, electronic engineering, information engineering, lcsh:TP1-1185, Electrical and Electronic Engineering, MQTT, Instrumentation, feeling of safety and comfort, Social robot, Point (typography), 020208 electrical & electronic engineering, Atomic and Molecular Physics, and Optics, Trajectory, virtual reality, 020201 artificial intelligence & image processing, unmanned aerial vehicle (uav), trajectory planning, PATH (variable)

Abstract

Unmanned aerial vehicles (UAVs) represent a new model of social robots for home care of dependent persons. In this regard, this article introduces a study on people’s feeling of safety and comfort while watching the monitoring trajectory of a quadrotor dedicated to determining their condition. Three main parameters are evaluated: the relative monitoring altitude, the monitoring velocity and the shape of the monitoring path around the person (ellipsoidal or circular). For this purpose, a new trajectory generator based on a state machine, which is successfully implemented and simulated in MATLAB/Simulink®, is described. The study is carried out with 37 participants using a virtual reality (VR) platform based on two modules, UAV simulator and VR Visualiser, both communicating through the MQTT protocol. The participants’ preferences have been a high relative monitoring altitude, a high monitoring velocity and a circular path. These choices are a starting point for the design of trustworthy socially assistive UAVs flying in real homes.

Published

2021

4. An empirical evaluation of the use of models to improve the understanding of safety compliance needs

Author

Jose Luis de la Vara, Beatriz Marín, Clara Ayora, and Giovanni Giachetti

Subjects

Structure (mathematical logic), Relation (database), business.industry, Computer science, 05 social sciences, Automotive industry, 020207 software engineering, 050109 social psychology, Context (language use), 02 engineering and technology, Safety standards, Computer Science Applications, Compliance (psychology), Comprehension, Risk analysis (engineering), Health care, 0202 electrical engineering, electronic engineering, information engineering, 0501 psychology and cognitive sciences, business, Software, Information Systems

Abstract

Context Critical systems in application domains such as automotive, railway, aerospace, and healthcare are required to comply with safety standards. The understanding of the safety compliance needs specified in these standards can be difficult from their text. A possible solution is to use models. Objective We aim to evaluate the use of models to understand safety compliance needs. Method We have studied the effectiveness, efficiency, and perceived benefits in understanding these needs, with models and with the text of safety standards, by means of an experiment. The standards considered are DO-178C and EN 50128. We use SPEM-like diagrams to graphically represent the models. Results The mean effectiveness of 20 undergraduate students in understanding the needs and the mean efficiency were higher with models (22% and 38%, respectively), and the difference is statistically significant (p-value ≤ 0.02). Most of the students agreed upon the ease of understanding the structure of safety compliance needs with models when compared to the text, but on average, the students were undecided about whether the models are easy to understand or easier to understand than the text. Conclusions The results allow us to claim that the use of models can improve the understanding of safety compliance needs. Nonetheless, there seems to be room for improvement in relation to the perceived benefits. It must be noted that our conclusions may differ if the subjects were experienced practitioners.

Published

2020

5. The problem is not professional publishing, but the publish-or-perish culture

Author

Gonzalo Génova and Jose Luis de la Vara

Subjects

Publishing, Informática, Philosophy of science, Health (social science), business.industry, Health Policy, 05 social sciences, Media studies, Science publishing, 06 humanities and the arts, 050905 science studies, 0603 philosophy, ethics and religion, Publish-or-perish, Publish or perish, Research Personnel, Peer-review, Issues, ethics and legal aspects, Management of Technology and Innovation, Political science, Humans, 060301 applied ethics, 0509 other social sciences, business

Abstract

The publication of scientific papers has become increasingly problematic in the last decades. Even if we agree that a renewed model is needed for peer-reviewed scientific publication, we think the problem does not essentially lie in professional publishing-with economic incentives-but in the publish-or-perish culture that dominates the lives of researchers and academics.

Published

2019

6. Variability management in process families through change patterns

Author

Vicente Pelechano, Clara Ayora, Victoria Torres, and Jose Luis de la Vara

Subjects

Engineering, Business process modeling, Business process, Process (engineering), Business process variability, Context (language use), 02 engineering and technology, Change patterns, Business process discovery, Business process management, 0202 electrical engineering, electronic engineering, information engineering, business.industry, Artifact-centric business process model, Management science, 020207 software engineering, Work in process, Data science, Process family, Computer Science Applications, Process-aware information systems, 020201 artificial intelligence & image processing, business, LENGUAJES Y SISTEMAS INFORMATICOS, Software, Information Systems

Abstract

Context: The increasing adoption of process-aware information systems together with the high variability in business processes has resulted in collections of process families. These families correspond to a business process model and its variants, which can comprise hundreds or thousands of different ways of realizing this process. Managing process variability in this context can be very challenging, labor-intensive, and error-prone, and new approaches for managing process families are necessary. Objective: We aim to facilitate variability management in process families, ensure process family correctness, and reduce the effort needed for such purposes. Method: We have derived a set of change patterns for process families from variability-specific language constructs identified in the literature. For validation, we have conducted a case study with a safety standard in which we have measured the number of operations needed to model and evolve the variability of the standard with and without the patterns. Results: We present 10 change patterns for managing variability in process families and show how they can be implemented. The patterns support the modeling and evolution of process families and ensure process family correctness by automatically introducing and deleting modeling elements. The case study results show that the application of the defined change patterns can reduce the number of operations when modeling a process family by 34% and when evolving it by 40%. Conclusions: The application of the change patterns can help in effectively modeling and evolving large and highly-variable process families. Their application can also considerably reduce variability management effort. (C) 2016 Elsevier B.V. All rights reserved., This work has been developed with the financial support of Spanish Ministry of Economy and Competitiveness under the project SMART-ADAPT TIN2013-42981-P. We also want to thank Barbara Weber and Manfred Reichert for their valuable input and feedback on the design and development of the set of change patterns for process families.

Published

2016

7. Model-based specification of safety compliance needs for critical systems: A holistic generic metamodel

Author

Katrina Attwood, Jose Luis de la Vara, Rajwinder Kaur Panesar-Walawege, Tim Kelly, Ángel López, Huascar Espinoza, Idoya del Río, and Alejandra Ruiz

Subjects

Engineering, Automotive industry, Safety standard, Context (language use), 02 engineering and technology, Safety standards, Structuring, Reference assurance framework, Application domain, 0202 electrical engineering, electronic engineering, information engineering, business.industry, 020207 software engineering, Avionics, Safety compliance, Computer Science Applications, Metamodeling, Safety certification, Risk analysis (engineering), Safety assurance, 020201 artificial intelligence & image processing, Safety-critical system, business, Software engineering, Software, Information Systems

Abstract

We present a metamodel for the specification of safety compliance needs.The metamodel abstracts concepts and criteria from different safety standards.Its application results in models for structuring and managing compliance information.It can be used for most critical computer-based and software-intensive systems. Context: Many critical systems must comply with safety standards as a way of providing assurance that they do not pose undue risks to people, property, or the environment. Safety compliance is a very demanding activity, as the standards can consist of hundreds of pages and practitioners typically have to show the fulfilment of thousands of safety-related criteria. Furthermore, the text of the standards can be ambiguous, inconsistent, and hard to understand, making it difficult to determine how to effectively structure and manage safety compliance information. These issues become even more challenging when a system is intended to be reused in another application domain with different applicable standards.Objective: This paper aims to resolve these issues by providing a metamodel for the specification of safety compliance needs for critical systems.Method: The metamodel is holistic and generic, and abstracts common concepts for demonstrating safety compliance from different standards and application domains. Its application results in the specification of "reference assurance frameworks" for safety-critical systems, which correspond to a model of the safety criteria of a given standard. For validating the metamodel with safety standards, parts of several standards have been modelled by both academic and industry personnel, and other standards have been analysed. We further augment this with feedback from practitioners, including feedback during a workshop.Results: The results from the validation show that the metamodel can be used to specify safety compliance needs for aerospace, automotive, avionics, defence, healthcare, machinery, maritime, oil and gas, process industry, railway, and robotics. Practitioners consider that the metamodel can meet their needs and find benefits in its use.Conclusion: The metamodel supports the specification of safety compliance needs for most critical computer-based and software-intensive systems. The resulting models can provide an effective means of structuring and managing safety compliance information.

Published

2016

8. Status quo in requirements engineering: a theory and a global family of surveys

Author

Tomi Männistö, Antonio Vetro, Marie-Therese Christiansson, Rafael Prikladnicki, Tayana Conte, Sagar Sen, Birgit Penzenstadler, Stefan Wagner, Marcos Kalinowski, Markku Oivo, Daniel Méndez Fernández, Roel Wieringa, Michael Felderer, Rodrigo O. Spínola, Guenther Ruhe, André Schekelmann, Jose Luis de la Vara, Ahmed Tuzcu, Maleknaz Nayebi, Casper Lassenius, Desmond Greer, Dietmar Pfahl, Dietmar Winkler, Koziolek, Anne, Schaefer, Ina, Seidl, Christoph, Empirical Software Engineering research group, and Department of Computer Science

Subjects

FOS: Computer and information sciences, Requirements analysis, GENERAL-THEORY, Programvaruteknik, Computer science, 02 engineering and technology, SOFTWARE, Computer Science - Software Engineering, Empirical research, Software, survey research, 0202 electrical engineering, electronic engineering, information engineering, Theory, Survey, media_common, Requirements Engineering, Requirements Engineering, Requirement Specification, Point (typography), Replication, Requirements engineering, Survey research, Management science, 05 social sciences, 050301 education, PAIN, Computer Science Applications, Empirical studies, Survey Resear, replication, ORGANIZATIONS, Process (engineering), Status quo, media_common.quotation_subject, Context (language use), Quality (business), survey, theory, Bootstrapping, business.industry, 020207 software engineering, Software design document, 113 Computer and information sciences, n/a OA procedure, Software Engineering (cs.SE), business, 0503 education, software engineering

Abstract

Requirements Engineering (RE) has established itself as a software engineering discipline during the past decades. While researchers have been investigating the RE discipline with a plethora of empirical studies, attempts to systematically derive an empirically-based theory in context of the RE discipline have just recently been started. However, such a theory is needed if we are to define and motivate guidance in performing high quality RE research and practice. We aim at providing an empirical and valid foundation for a theory of RE, which helps software engineers establish effective and efficient RE processes. We designed a survey instrument and theory that has now been replicated in 10 countries world-wide. We evaluate the propositions of the theory with bootstrapped confidence intervals and derive potential explanations for the propositions. We report on the underlying theory and the full results obtained from the replication studies with participants from 228 organisations. Our results represent a substantial step forward towards developing an empirically-based theory of RE giving insights into current practices with RE processes. The results reveal, for example, that there are no strong differences between organisations in different countries and regions, that interviews, facilitated meetings and prototyping are the most used elicitation techniques, that requirements are often documented textually, that traces between requirements and code or design documents is common, requirements specifications themselves are rarely changed and that requirements engineering (process) improvement endeavours are mostly intrinsically motivated. Our study establishes a theory that can be used as starting point for many further studies for more detailed investigations. Practitioners can use the results as theory-supported guidance on selecting suitable RE methods and techniques., 47 pages, 19 figures, accepted for publication in ACM Transactions on Software Engineering and Methodology (TOSEM)

Published

2019

9. Analysis of requirements quality evolution

Author

Luis Alonso, Jose Luis de la Vara, and Eugenio Parra

Subjects

Informática, 060201 languages & linguistics, Quality analysis, Correctness, Requirements quality, Computer science, business.industry, media_common.quotation_subject, 06 humanities and the arts, 02 engineering and technology, Quality evolution, Consistency (database systems), 0602 languages and literature, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Quality (business), Software engineering, business, media_common

Abstract

Proceedings of: 40th International Conference on Software Engineering in Gothenburg, Sweden, May 27 - June 03, 2018 A fundamental aspect in the requirements engineering process is to know the quality of a specification, including how the quality evolves over time. This paper introduces an industrial approach for analysis of requirements quality evolution. The approach has been implemented in the System Quality Analyzer tool, exploits quality metrics for requirements correctness, consistency, and completeness, and is based on the storage of quality information in snapshots that are combined and displayed in charts. This can help practitioners to assess the progress and status of a requirements engineering process and to make decisions. The AMASS project (H2020-ECSEL grant agreement no 692474; Spain's MINECO ref. PCIN-2015-262) has funded this work.

Published

2018

10. Recent Advances towards the Industrial Application of Model-Driven Engineering for Assurance of Safety-Critical Systems

Author

Huascar Espinoza, Alejandra Ruiz, and Jose Luis de la Vara

Subjects

Informática, Certification, Computer science, Assurance, 020207 software engineering, Model-Driven Engineering, 02 engineering and technology, Safety-Critical Systems, Engineering management, Life-critical system, 0202 electrical engineering, electronic engineering, information engineering, Model-based Engineering, Model-driven architecture, Model based engineering, computer, computer.programming_language

Abstract

Proceedings of: 6th International Conference on Model-Driven Engineering and Software Development (MODELSWARD 2018) January 22-24, 2018, in Funchal, Madeira, Portugal Safety-critical systems are typically subject to assurance processes as way to ensure that they do not pose undue risks to people, property, or the environment, usually in compliance with assurance standards. The planning, execution, and management of assurance processes can be a complex activity in practice because of issues in the application of the standards, the large amount of information to handle, and the need for providing convincing justifications of assurance adequacy, among other difficulties. As a solution, many authors have argued that the use of Model-Driven Engineering principles and techniques can facilitate and improve assurance of safety-critical systems. This paper presents some of the latest advances that have been and are being made towards the use of these principles and techniques in industry. Although models have been used for assurance of safety-critical systems for many years, e.g. to specify safety cases, it has only been recently when the full potential of Model-Driven Engineering has started to be more widely exploited. This includes aspects such as the specification of metamodels and domain specific languages for assurance, the extension and application of UML, and the use of model transformations The research leading to this paper has received funding from the AMASS project (H2020-ECSEL no 692474; Spain’s MINECO ref. PCIN-2015-262).

Published

2018

11. Representation of safety standards with semantic technologies used in industrial environments

Author

Álvaro Gómez, Anabel Fraga, Gonzalo Génova, Jose Luis de la Vara, and Elena Gallego

Subjects

Knowledge management, Computer science, media_common.quotation_subject, Safety standard, 02 engineering and technology, Safety standards, Ontology (information science), Domain (software engineering), 0202 electrical engineering, electronic engineering, information engineering, Representation of safety standards, media_common, Knowledge Manager, Informática, business.industry, Ontology, Representation (systemics), 020207 software engineering, Ambiguity, Metamodeling, Semantic technology, Position paper, 020201 artificial intelligence & image processing, Software engineering, business, Safety-critical system, Model

Abstract

Proceedings of: 36th International Conference on Computer Safety, Reliability, and Security, (SAFECOMP 2017). Trento, Italy, September 13-15, 2017 Understanding and following safety standards with their text can be difficult. Ambiguity and inconsistency, among other issues, can easily arise. As a solution, several authors argue for the explicit representation of the standards with models, which can be created with semantic technologies such as ontologies. However, this possibility has received little attention. The few authors that have addressed it have also only dealt with a subset of safety standard aspects and have used technologies not usually applied for critical systems engineering. As a first step towards addressing these issues, this position paper presents our initial work on the representation of safety standards with Knowledge Manager, a tool used in industrial environments that exploits semantic technologies to manage domain information. The proposal also builds on prior work on the specification of safety compliance needs with a holistic generic metamodel. We describe how to use Knowledge Manager to specify the concepts and relationships of the metamodel for a given safety standard, and discuss the application and benefits of the corresponding representation. The research leading to this paper has received funding from the AMASS project (H2020-ECSEL no. 692474; Spain’s MINECO ref. PCIN-2015-262).

Published

2017

12. An analysis of safety evidence management with the Structured Assurance Case Metamodel

Author

Jose Luis de la Vara, Jose María Alvarez-Rodríguez, Juan Llorens, and Gonzalo Génova

Subjects

Process management, Computer science, 02 engineering and technology, computer.software_genre, Structured assurance case metamodel, Argumentation theory, 0202 electrical engineering, electronic engineering, information engineering, Safety case, Informática, Scope (project management), Database, Assertion, 020206 networking & telecommunications, 020207 software engineering, Metamodeling, Safety certification, Work (electrical), Hardware and Architecture, Safety assurance, SACM, Safety evidence, Law, computer, Software, Evidence management

Abstract

SACM (Structured Assurance Case Metamodel) is a standard for assurance case specification and exchange. It consists of an argumentation metamodel and an evidence metamodel for justifying that a system satisfies certain requirements. For assurance of safety-critical systems, SACM can be used to manage safety evidence and to specify safety cases. The standard is a promising initiative towards harmonizing and improving system assurance practices, but its suitability for safety evidence management needs to be further studied. To this end, this paper studies how SACM 1.1 supports this activity according to requirements from industry and from prior work. We have analysed the notion of evidence in SACM, its evidence lifecycle, the classes and associations of the evidence metamodel, and the link of this metamodel with the argumentation one. As a result, we have identified several improvement opportunities and extension possibilities in SACM. The notions of evidence and evidence assertion should be clarified, the overlaps between metamodel elements should be reduced, and a wider support to the lifecycle of the artefacts used as safety evidence could be provided. Addressing these aspects will allow SACM to better fit safety evidence management needs and practices, especially beyond the scope of a safety case. The results and the conclusions drawn are especially valuable for practitioners interested in SACM adoption and vendors interested in developing tool support for SACM-based safety evidence management. We present an analysis of how SACM supports safety evidence management.The analysis is based on requirements from industry and from prior work.We have identified nine improvement areas and four extension possibilities.Addressing these aspects will allow SACM to better fit safety evidence management.

Published

2017

13. An Experimental Evaluation of the Understanding of Safety Compliance Needs with Models

Author

Giovanni Giachetti, Jose Luis de la Vara, Clara Ayora, and Beatriz Marín

Subjects

understanding, Informática, model, Process management, experiment, Computer science, media_common.quotation_subject, safety-critical system, 020207 software engineering, Context (language use), 02 engineering and technology, Safety standards, Bachelor, Object (computer science), safety compliance needs, Compliance (psychology), Comprehension, Unified Modeling Language, safety standard, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, comprehension, computer, computer.programming_language, media_common

Abstract

Proceedings of: 36th International Conference on Conceptual Modeling, ER 2017, Valencia, Spain, November 6–9, 2017 Context: Most safety-critical systems have to fulfil compliance needs specified in safety standards. These needs can be difficult to understand from the text of the standards, and the use of conceptual models has been proposed as a solution. Goal: We aim to evaluate the understanding of safety compliance needs with models. Method: We have conducted an experiment to study the effectiveness, efficiency, and perceived benefits in understanding these needs, with text of safety standards and with UML object diagrams. Results: Sixteen Bachelor students participated in the experiment. Their average effectiveness in understanding compliance needs and their average efficiency were higher with models (17% and 15%, respectively). However, the difference is not statistically significant. The students found benefits in using models, but on average they are undecided about their ease of understanding. Conclusions: Although the results are not conclusive enough, they suggest that the use of models could improve the understanding of safety compliance needs. The research leading to this paper has received funding from the AMASS project (H2020-ECSEL grant agreement no 692474; Spain’s MINECO ref. PCIN-2015-262) and the AMoDDI project (Ref. 11130583). We also thank the subjects that participated in the experiment.

Published

2017

14. An Industrial Survey of Safety Evidence Change Impact Analysis Practice

Author

Leon Moonen, Jose Luis de la Vara, Krzysztof Wnuk, and Markus Borg

Subjects

Computer and Information Sciences, Survey Research, Computer science, business.industry, Safety Evidence, Change Impact Analysis, Data- och informationsvetenskap, 020207 software engineering, System safety, Context (language use), 02 engineering and technology, Safety standards, Change impact analysis, Automation, Risk analysis (engineering), 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Systems engineering, Safety-critical System, State of the Practice, business, Software

Abstract

Context. In many application domains, critical systems must comply with safety standards. This involves gathering safety evidence in the form of artefacts such as safety analyses, system specifications, and testing results. These artefacts can evolve during a system's lifecycle, creating a need for change impact analysis to guarantee that system safety and compliance are not jeopardised. Objective. We aim to provide new insights into how safety evidence change impact analysis is addressed in practice. The knowledge about this activity is limited despite the extensive research that has been conducted on change impact analysis and on safety evidence management. Method. We conducted an industrial survey on the circumstances under which safety evidence change impact analysis is addressed, the tool support used, and the challenges faced. Results. We obtained 97 valid responses representing 16 application domains, 28 countries, and 47 safety standards. The respondents had most often performed safety evidence change impact analysis during system development, from system specifications, and fully manually. No commercial change impact analysis tool was reported as used for all artefact types and insufficient tool support was the most frequent challenge. Conclusion. The results suggest that the different artefact types used as safety evidence co-evolve. In addition, the evolution of safety cases should probably be better managed, the level of automation in safety evidence change impact analysis is low, and the state of the practice can benefit from over 20 improvement areas.

Published

2016

15. Do Models Improve the Understanding of Safety Compliance Needs?

Author

Beatriz Marín, Giovanni Giachetti, Jose Luis de la Vara, and Clara Ayora

Subjects

Informática, Understanding, Engineering, Safety compliance needs, Pilot experiment, business.industry, Management science, Safety standard, 020207 software engineering, Context (language use), 02 engineering and technology, Safety standards, Compliance (psychology), Unified Modeling Language, Risk analysis (engineering), Research community, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Safety-critical system, business, computer, Model, computer.programming_language

Abstract

Context. Many critical systems must meet safety compliance needs from safety standards. These standards are usually large textual documents whose compliance needs can be hard to understand. As a solution, the use of models has been proposed. Goal. We aim to provide evidence of the extent to which models improve the understanding of safety compliance needs. Method. We designed an experiment and ran a pilot to study the effectiveness, efficiency, and perceived benefits of understanding these needs, with the text of standards and with models in the form of UML object diagrams. Results. The overall results from 15 Bachelor students show that the effectiveness of understanding safety compliance needs increases very little with models (2%), and the efficiency even decreases (24%). Nonetheless, the results improve when the potential complexity in navigating the models is taken into account (15% effectiveness increase). The students find benefits in using the models but most consider that the models are hard to understand. Conclusions. The extent to which models improve the understanding of safety compliance needs seems to be lower than what the research community expects. New studies are necessary to confirm our initial insights. European Commission The research leading to this paper has received funding from the AMASS project (H2020-ECSEL grant agreement no 692474; Spain’s MINECO ref. PCIN-2015-262) and the AMoDDI project (Ref. 11130583).

Published

2016

16. Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems

Author

Silvia Mazzini, Jose Luis de la Vara, Barbara Gallina, Huascar Espinoza, and Alejandra Ruiz

Subjects

Certification, Computer science, business.industry, Interoperability, Assurance, Cyber-physical system, 020207 software engineering, Harmonization, 02 engineering and technology, Reuse, Automation, Engineering management, AUTOSAR, 0202 electrical engineering, electronic engineering, information engineering, Systems architecture, Security, 020201 artificial intelligence & image processing, Safety, business, System architecture, Seamless interoperability

Abstract

Unlike practices in electrical and mechanical equipment engineering, Cyber-Physical Systems (CPS) do not have a set of standardized and harmonized practices for assurance and certification that ensures safe, secure and reliable operation with typical software and hardware architectures. This paper presents a recent initiative called AMASS (Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems) to promote harmonization, reuse and automation of labour-intensive certification-oriented activities via using model-based approaches and incremental techniques. AMASS will develop an integrated and holistic approach, a supporting tool ecosystem and a self-sustainable community for assurance and certification of CPS. The approach will be driven by architectural decisions (fully compatible with standards, e.g. AUTOSAR and IMA), including multiple assurance concerns such as safety, security and reliability. AMASS will support seamless interoperability between assurance/certification and engineering activities along with third-party activities (external assessments, supplier assurance). The ultimate aim is to lower certification costs in face of rapidly changing product features and market needs. This project has received funding from the Electronic Component Systems for European Leadership Joint Undertaking under grant agreement No 692474. This Joint Undertaking receives support from the European Union’s Horizon 2020 research and innovation programme and Spain, Czech Republic, Germany, Sweden, Austria, Italy, United Kingdom, France

Published

2016

17. Practitioners’ Perspectives on Change Impact Analysis for Safety-Critical Software – A Preliminary Analysis

Author

Jose Luis de la Vara, Markus Borg, and Krzysztof Wnuk

Subjects

FOS: Computer and information sciences, Computer and Information Sciences, Engineering, 0208 environmental biotechnology, Context (language use), 02 engineering and technology, Safety standards, Change impact analysis, Computer Science - Software Engineering, Software, Empirical research, 0202 electrical engineering, electronic engineering, information engineering, Software system, safety-critical systems, business.industry, Data- och informationsvetenskap, 020207 software engineering, case study research, Public relations, 020801 environmental engineering, Management, Software Engineering (cs.SE), Life-critical system, Work (electrical), business, change impact analysis

Abstract

Safety standards prescribe change impact analysis (CIA) during evolution of safety-critical software systems. Although CIA is a fundamental activity, there is a lack of empirical studies about how it is performed in practice. We present a case study on CIA in the context of an evolving automation system, based on 14 interviews in Sweden and India. Our analysis suggests that engineers on average spend 50-100 hours on CIA per year, but the effort varies considerably with the phases of projects. Also, the respondents presented different connotations to CIA and perceived the importance of CIA differently. We report the most pressing CIA challenges, and several ideas on how to support future CIA. However, we show that measuring the effect of such improvement solutions is non-trivial, as CIA is intertwined with other development activities. While this paper only reports preliminary results, our work contributes empirical insights into practical CIA. ORION

Published

2016

18. Development of Safety-Critical Software Systems Using Open Source Software -- A Systematic Map

Author

Martin Höst, Jose Luis de la Vara, Markus Borg, Alma Orucevic-Alagic, Krzysztof Wnuk, and Sardar Muhammad Sulaman

Subjects

Engineering, business.industry, Software development, System safety, Open source, mapping study, safety critical, Software, Computer Science, Software construction, Systems engineering, Domain engineering, Domain analysis, Software system, Software engineering, business

Abstract

The popularity of Open Source Software (OSS) has increased the interest in using it in safety critical applications. The aim of this study is to review research carried out on usage of open source code in development of safety-critical software and systems. We conducted a systematic mapping study through searches in library databases and manual identification of articles from open source conferences.We have identified 22 studies about using open source software, mainly in automotive, aerospace, medical and nuclear domains. Moreover, only a few studies present complete safety systems that are released as OSS in full. The most commonly used OSS functionalities are operating systems, imaging, control and data management. Finally most of the integrated OSS have mature code bases and a commit history of more than five years.

Published

2014

19. An Extended Systematic Literature Review on Provision of Evidence for Safety Certification

Author

Mehrdad Sabetzadeh, Jose Luis de la Vara, Sunil Nair, and Lionel C. Briand

Subjects

Computer science [C05] [Engineering, computing & technology], Engineering, business.industry, 020207 software engineering, System safety, Context (language use), 02 engineering and technology, Certification, Safety standards, Sciences informatiques [C05] [Ingénierie, informatique & technologie], Computer Science Applications, Body of knowledge, Systematic review, Empirical research, Risk analysis (engineering), Life-critical system, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Software engineering, business, Software, Information Systems

Abstract

Context Critical systems in domains such as aviation, railway, and automotive are often subject to a formal process of safety certification. The goal of this process is to ensure that these systems will operate safely without posing undue risks to the user, the public, or the environment. Safety is typically ensured via complying with safety standards. Demonstrating compliance to these standards involves providing evidence to show that the safety criteria of the standards are met. Objective In order to cope with the complexity of large critical systems and subsequently the plethora of evidence information required for achieving compliance, safety professionals need in-depth knowledge to assist them in classifying different types of evidence, and in structuring and assessing the evidence. This paper is a step towards developing such a body of knowledge that is derived from a large-scale empirically rigorous literature review. Method We use a Systematic Literature Review (SLR) as the basis for our work. The SLR builds on 218 peer-reviewed studies, selected through a multi-stage process, from 4963 studies published between 1990 and 2012. Results We develop a taxonomy that classifies the information and artefacts considered as evidence for safety. We review the existing techniques for safety evidence structuring and assessment, and further study the relevant challenges that have been the target of investigation in the academic literature. We analyse commonalities in the results among different application domains and discuss implications of the results for both research and practice. Conclusion The paper is, to our knowledge, the largest existing study on the topic of safety evidence. The results are particularly relevant to practitioners seeking a better grasp on evidence requirements as well as to researchers in the area of system safety. As a major finding of the review, the results strongly suggest the need for more practitioner-oriented and industry-driven empirical studies in the area of safety certification.

Published

2014

20. Optimization of an invention based on a force multiplier mechanism for wave power generation

Author

Bernabé Hernandis, Javier Aparisi, and Jose Luis De la Vara González

Subjects

Engineering, EXPRESION GRAFICA EN LA INGENIERIA, business.industry, Fossil fuel, Electrical engineering, General Medicine, Clean Energies, Force Transformation, Wave Energy, Reciprocating motion, Energy Equipments, Circular motion, Alternative Energies, Linear motion, Wave height, Alternative energy, Motion Conversion, Multiplier (economics), Invention, business, Wave Energy Converter

Abstract

The development and exploitation of new sources of clean energy that do not depend on traditional sources based on the use of fossil fuels, is the focus of this research, which starts with the optimization of an invention capable of transforming a reciprocating rectilinear motion into continuous circular motion in a very efficient way, to be used in the development of a Wave Energy Converter (WEC), capable of operating with low wave height and taking advantage of the oscillating movement of the waves both when rising, and when lowering, unlike other similar devices that harness it only in one way.

Published

2014

21. GDPRValidator: a tool to enable companies using cloud services to be GDPR compliant

Author

M. Emilia Cambronero, Miguel A. Martínez, José Luis de la Vara, David Cebrián, and Valentín Valero

Subjects

Data privacy, GDPR, GDPR compliance, Cloud services, SMEs, Data privacy recommendations, Electronic computers. Computer science, QA75.5-76.95

Abstract

This article presents a tool called GDPRValidator that aims to assist small and medium-sized enterprises (SMEs) that have migrated their services, or a part of them, to the cloud to be General Data Protection Regulation (GDPR) compliant when they manage and store employees’ or customers’ data in the cloud. As these companies have a limited budget to hire legal experts to guide them in complying with GDPR, the main objective of this tool is to help SMEs to be more competitive by saving a considerable amount of money. By using GDPRValidator, these companies can learn and begin the GDPR compliance process by themselves and decide whether it will be necessary to hire GDPR legal experts in the end. GDPRValidator implements a process that aids companies in compliance analysis and validation and generates a series of documents with recommendations. These documents do not guarantee full GDPR compliance, but they can help the company better understand the regulation and improve its data management strategies. In order to validate the efficiency and efficacy of the tool, two SMEs have used it and provided feedback about its perceived ease of use and its perceived usefulness for understanding and complying with GDPR. The results of the validation showed that, for both companies, the degree of perceived usefulness and ease of use of GDPRValidator is quite good. All the scores expressed agreement.

Published

2022

22. Modelling data interaction requirements: A position paper

Author

Arnab Sarkar, Sagar Sen, Arnaud Gotlieb, and Jose Luis de la Vara

Subjects

Data model, Computer science, Database schema, Information system, IDEF1X, Data science, Field (computer science), Data administration, Data modeling, Domain (software engineering)

Abstract

Data-intensive information systems constitute the backbone of e-commerce and e-governance services running worldwide. Structured data is a central artefact in these information systems. Requirements for structure in data are typically modelled in a database schema. However, information system behaviour is often a function of interactions that cross-cut database features such as field values in different tables. For instance, consultants at the Norwegian Customs and Excise reveal that taxation rules are triggered due to data interactions between 10,000 items, 88 country groups, and 934 tax codes. There are about 12.9 trillion possible three-wise interactions of which only about 220,000 interactions are used in reality as customs rules. Therefore, we ask, how can we model data interaction requirements to further bound the input domain of an information system? In this position paper, we address this question by modelling data interaction requirements using classification tree models. We also present different applications of data interaction requirements in the development of information systems.

Published

2013

23. Message from the QUAMES Workshop Chairs

Author

Alain Abran, JOSE LUIS DE LA VARA, and Beatriz Marin

Published

2013

24. COMPRO: A methodological approach for business process contextualisation

Author

Fabiano Dalpiaz, Raian Ali, Paolo Giorgini, Juan Sánchez, and Jose Luis de la Vara

Subjects

Process management, Knowledge management, business.industry, Artifact-centric business process model, Business rule, Business process, Computer science, 020207 software engineering, 02 engineering and technology, Business process modeling, Business domain, Business process management, Business Process Model and Notation, Business process discovery, 020204 information systems, csi, 0202 electrical engineering, electronic engineering, information engineering, business

Abstract

Context-awareness has emerged as a new perspective for business process modelling. Business processes are strongly influenced by context, the environment where they are executed, and thus context should not be ignored when modelling them. This calls for new approaches that facilitate contextualisation, i.e. identification and representation of the way context influences a business process. In addition, detailed methodological guidance for correct business process contextualisation should be provided. However, existing works on context-aware business process modelling do not deal with these challenges. This paper addresses them by presenting COMPRO, a methodological approach for business process contextualisation. Starting from an initial business process model, context is analysed in order to discover its relevant variations and specify their effect on a business process. Our approach helps process designers to adequately specify context variants and business process variants that accommodate them. Our ultimate goal is to guarantee the correct design of business processes that fit their context. In addition, we report initial results about COMPRO application and evaluation.

Published

2010

25. Business Processes Contextualisation via Context Analysis

Author

Jose Luis de la Vara, Raian Ali, Fabiano Dalpiaz, Juan Sánchez, and Paolo Giorgini

Published

2010

26. Assessment of the Quality of Safety Cases: A Research Preview

Author

Gabriel Jiménez, Roy Mendieta, Jose Luis de la Vara, and Eugenio Parra

Subjects

050101 languages & linguistics, business.industry, Computer science, media_common.quotation_subject, 05 social sciences, Principal (computer security), Automotive industry, Context (language use), 02 engineering and technology, Work (electrical), Risk analysis (engineering), Health care, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, 0501 psychology and cognitive sciences, Safety case, Quality (business), business, Aerospace, media_common

Abstract

[Context and motivation] Safety-critical systems in application domains such as aerospace, automotive, healthcare, and railway are subject to assurance processes to provide confidence that the systems do not pose undue risks to people, property, or the environment. The development of safety cases is usually part of these processes to justify that a system satisfies its safety requirements and thus is dependable. [Question/problem] Although safety cases have been used in industry for over two decades, their management still requires improvement. Important weaknesses have been identified and means to assess the quality of safety cases are limited. [Principal ideas/results] This paper presents a research preview on the assessment of the quality of safety cases. We explain how the area should develop and present our preliminary work towards enabling the assessment with Verification Studio, an industrial tool for system artefact quality analysis. [Contribution] The insights provided allow researchers and practitioners to gain an understanding of why safety case quality requires further investigation, what aspects must be considered, and how quality assessment could be performed in practice.

27. AMASS: A Large-Scale European Project to Improve the Assurance and Certification of Cyber-Physical Systems

Author

Barbara Gallina, Jose Luis de la Vara, Eugenio Parra, and Alejandra Ruiz

Subjects

050101 languages & linguistics, Certification, Computer science, 05 social sciences, Interoperability, Assurance, Cyber-physical system, 02 engineering and technology, AMASS, Reuse, Engineering management, Scale (social sciences), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, 0501 psychology and cognitive sciences, CPS

Abstract

Most safety-critical systems must undergo assurance and certification processes. The associated activities can be complex and labour-intensive, thus practitioners need suitable means to execute them. The activities are further becoming more challenging as a result of the evolution of the systems towards cyber-physical ones, as these systems have new assurance and certification needs. The AMASS project (Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems) tackled these issues by creating and consolidating the de-facto European-wide open tool platform, ecosystem, and self-sustainable community for assurance and certification of cyber-physical systems. The project defined a novel holistic approach for architecture-driven assurance, multi-concern assurance, seamless interoperability, and cross- and intra-domain reuse of assurance assets. AMASS results were applied in 11 industrial case studies to demonstrate the reduction of effort in assurance and certification, the reduction of (re)certification cost, the reduction of assurance and certification risks, and the increase in technology harmonisation and interoperability. The research leading to this paper has received funding from the AMASS project (H2020-ECSEL grant agreement no 692474; Spain’s MINECO ref. PCIN-2015-262; Sweden’s Vinnova) and the Ramon y Cajal Program (Spain’s MICINN ref. RYC-2017-22836; EC’s European Social Fund). We are also grateful to all the AMASS partners. Their work and results are summarised in this paper.

28. Towards effective SysML model reuse

Author

Jose Luis de la Vara, Juan Llorens, Jose María Alvarez-Rodríguez, and Roy Mendieta

Subjects

Informática, Computer science, RSHP, 0102 computer and information sciences, 02 engineering and technology, Reuse, Model Reuse, 01 natural sciences, CAKE, 010201 computation theory & mathematics, Systems Modeling Language, 0202 electrical engineering, electronic engineering, information engineering, Systems engineering, 020201 artificial intelligence & image processing, SysML, Knowledge Reuse

Abstract

The Systems Modeling Language (SysML) is spreading very fast. Most modelling tool vendors support it and practitioners have adopted it for Systems Engineering. The number of SysML models is growing, increasing the need for and the potential benefit from platforms that allow a user to reuse the knowledge represented in the models. However, SysML model reuse remains challenging. Each tool has its own implementation of SysML, hindering reuse between tools. The search capabilities of most tools are also very limited and finding reusable models can be difficult. This paper presents our vision and initial work towards enabling an effective reuse of the knowledge contained in SysML models. The proposed solution is based on a universal information representation model called RSHP and on existing technology for indexing and retrieval. The solution has been used to index models of all SysML diagram types and preliminary validated with requirements diagrams. The results from the validation show that the solution has very high precision and recall. This makes us confident that the solution can be a suitable means for effective SysML model reuse. European Commission The research leading to this paper has received funding from the AMASS project (H2020-ECSEL grant agreement no 692474; Spain's MINECO ref. PCIN-2015-262).

29. Assurance and certification of cyber–physical systems: The AMASS open source ecosystem

Author

Gaël Blondelle, Jose Luis de la Vara, and Alejandra Ruiz

Subjects

Process (engineering), business.industry, Computer science, 05 social sciences, Interoperability, Cyber-physical system, 020207 software engineering, Usability, 02 engineering and technology, Certification, Engineering management, Open source, Hardware and Architecture, 0502 economics and business, 0202 electrical engineering, electronic engineering, information engineering, business, 050203 business & management, Software, Information Systems

Abstract

Many cyber–physical systems (CPS) are subject to rigorous assurance and certification processes to provide confidence that undue risks are not posed and thus the systems are trustworthy. These processes are complex and time-consuming and tool support can greatly aid in their execution. In line with other trends for systems and software engineering, the need for and interest in open source tools for assurance and certification is growing and different initiatives have been launched. As a concrete example, we report on our experience in developing the AMASS open source ecosystem. This ecosystem includes (1) an open source tool platform that supports the main CPS assurance and certification activities, (2) external tools with added-value features, and (3) an open community of developers and users. The platform integrates existing solutions for system modelling, process engineering, and compliance and argumentation management. We also present the application of the AMASS tool platform in 11 industrial case studies from five different application domains. The results show that the platform is a feasible means for CPS assurance and certification and that practitioners find benefits in assurance-oriented system modelling and in integrated system assurance information, among other areas. Nonetheless, improvement opportunities also exist, most notably regarding tool interoperability and usability.