Principled Safety Assurance Arguments

Researchers have been working towards systematizing the production of assurance cases with the objective of making them more sound, understandable and robust with respect to change. Our work on the Workflow+ framework shares this goal. In this paper, we present principles that guide how to structure information about a system (or its development) for use in an assurance argument. We discuss the impact this has on the understandability and reusability of an argument, as well as on how arguments are produced and used. We show that these principles are important for addressing two major factors standing in the way of achieving the listed objectives: the need for a viable systematic approach to generate understandable and sound assurance arguments, and a tendency to include unnecessary details of the system in the safety argument. This is presented in terms of Workflow+, but is relevant to assurance cases more generally.