Trace Queries for Safety Requirements in High Assurance Systems

[Context and motivation] Safety critical software systems pervade almost every facet of our lives. We rely on them for safe air and automative travel, healthcare diagnosis and treatment, power generation and distribution, factory robotics, and advanced assistance systems for special-needs consumers. [Question/Problem] Delivering demonstrably safe systems is di cult, so certification and regulatory agencies routinely require full life-cycle traceability to assist in evaluating them. In practice, however, the traceability links provided by software producers are often incomplete, inaccurate, and ine↵ective for demonstrating software safety. Also, there has been insu cient integration of formal method artifacts into such traceability. [Principal ideas/results] To address these weaknesses we propose a family of reusable traceability queries that serve as a blueprint for traceability in safety critical systems. In particular we present queries that consider formal artifacts, designed to help demonstrate that: 1) identified hazards are addressed in the safetyrelated requirements, and 2) the safety-related requirements are realized in the implemented system. We model these traceability queries using the Visual Trace Modeling Language, which has been shown to be more intuitive than the defacto SQL standard. [Contribution] Practitioners building safety critical systems can use these trace queries to make their traceability e↵orts more complete, accurate and e↵ective. This, in turn, can assist in building safer software systems and in demonstrating their adequate handling of hazards.