Assurance Cases & Safety Case Diagrams

The concept of assurance cases has long been established in the assurance domain where for many industries the development, review and acceptance of an assurance case forms a key element of safety assurance processes.

An assurance case can be defined as:

  • A reasoned and compelling argument, supported by a body of evidence, that a system, service or organization will operate as intended for a defined application in a defined environment.
  • In practice, an assurance case will have a particular focus. For example, a safety case will demonstrate that a given system is acceptably safe in a given context, while a security case will justify the security properties of a system.
  • In order that assurance cases can be developed, discussed, challenged, presented and reviewed amongst stakeholders, and maintained throughout the product lifecycle, it is necessary for them to be documented clearly. It should also be clear how the evidence is being asserted to support the argument.

What is an Argument?

In the sense used in assurance cases, an argument is defined as a connected series of claims intended to establish an overall claim.  In attempting to persuade others of the truth of an overall claim, supporting claims are used.  These claims may themselves need further support.  Ultimately, claims should be supported by reference to evidence. This gives rise to a hierarchy of claims (representing a logical chain of reasoning supported by evidence) by which an argument is established.

Goal Structuring Notation (GSN)

GSN is a graphical notation for representing complex arguments linked to evidence.  Explicitly it represents the individual elements of any safety argument (requirements, claims, evidence and context) and more significantly the relationships that exist between these elements.

Diametric Software recommend that DSM users consult the Assurance Case Working Group (ACWG) publication ‘Goal Structuring Notation Community Standard Version 3’ for a fuller understanding of how GSN is used.

The Diametric Safety Case Manager (DSM) is first and foremost a modelling tool, and GSN has been built into the DSM's Metamodel. Most work in the DSM is done using diagrams, but these diagrams are just a representation of an underlying model. An entity such as a Goal or a Hazard can appear on several diagrams, but these are all views of a single entity; if it is changed, all the diagrams where it appears will be updated.

You can extract tables from the model using Matrices, and create documents using Reports. Matrices and Reports can also show the extension data attached to each entity.

GSN Example in the DSM