Deriving verification-related means of compliance for a model-based testing process

Abstract

DO-331 is the supplement of DO-178C for model-based development. DO-331 is an objective-based guidance, which defines a set of objectives that have to be achieved for the model-based development of aeronautical software. The guidance also recommends the evidence in terms of activities and work products that should respectively be carried out and produced to meet the objectives. To explain why the evidence collected supports the claims concerning objectives achievement, manufacturers could adopt a safety case-based approach. Fail-SafeMBT is an academic, recently proposed, and potentially innovative model-based testing process, which needs compelling arguments to be adopted for the development of aeronautical software. To reduce the gap between industrial settings and academic settings, in this paper, we adopt the safety case-based approach and we explain how to semi-automatically derive means for compliance, aimed at arguing Fail-SafeMBT's compliance. Our focus is limited to the Verification Planning Process and we contribute to partially justify the adequacy of Fail-SafeMBT to act as process evidence by creating fragments of compelling arguments. To do that, we first manually check if Fail-SafeMBT includes DO-178C/DO-331-compliant process elements, then we model Fail-SafeMBT in compliance with Software Process Engineering Meta-model 2.0, then, we derive process-based arguments from the Fail-SafeMBT process model by using MDSafeCer, the recently introduced Model Driven Safety Certification method. By doing so, we provide a threefold contribution: we pioneer the interpretation of DO-331 in academic settings, we validate MDSafeCer in the avionics domain and we strengthen Fail-SafeMBT by providing suggestions aimed at increasing its maturity level.