|Authors||J. L. de la Vara, M. Borg, K. Wnuk and L. Moonen|
|Title||Safety Evidence Change Impact Analysis in Practice|
|Project(s)||evolveIT: Evidence-Based Recommendations to Guide the Evolution of Component-Based Product Families, The Certus Centre (SFI)|
|Publication Type||Talks, contributed|
|Year of Publication||2017|
|Location of Talk||International Conference on Software Engineering, Buenos Aires, Argentina|
|Keywords||Maintenance process, Methods for SQA and V&V, Software and System Safety, Standards|
In many application domains, critical systems must comply with safety standards. This involves gathering safety evidence in the form of artefacts such as safety analyses, system specifications, and testing results. These artefacts can evolve during a system's lifecycle, creating a need for impact analysis to guarantee that system safety and compliance are not jeopardised. Although extensive research has been conducted on change impact analysis and on safety evidence management, the knowledge about how safety evidence change impact analysis is addressed in practice is limited. This paper reports on a survey targeted at filling this gap by analysing the circumstances under which safety evidence change impact analysis is addressed, the tool support used, and the challenges faced. We obtained 97 valid responses representing 16 application domains, 28 countries, and 47 safety standards. The results suggest that most practitioners deal with safety evidence change impact analysis during system development and mainly from system specifications. Furthermore, the level of automation in the process is low and insufficient tool support is the most frequent challenge. Other notable findings include that the different artefact types used as safety evidence seem to co-evolve, the evolution of safety case should probably be better managed, and no commercial impact analysis tool has been reported as used for all artefact types. Finally, we identified over 20 areas where the state of the practice in safety evidence change impact analysis can be improved.