DAF 1.0 FTF
  1. OMG Issue

DAF — section 8.3 (Dependability Allocation Argument) needs rephrasing

  • Key: DAF-16
  • Status: closed
  • Source: Object Management Group (Andrew Watson)
  • Summary:

    In sysa/14-11-01, section 8.3 (Dependability Allocation Argument), the example is very dense and poorly-formatted. Please re-phrase & re-format to be clearer.

  • Reported: DAF 1.0b1 — Thu, 5 Feb 2015 17:40 GMT
  • Disposition: Resolved — DAF 1.0
  • Disposition Summary:

    Section to be re-phrased

    All the sentences in 8.3 are to be shortened for readability.

    We will rewrite the sentences so that they define the dependability allocation argument, and shorten them as far as possible.

    Old
    Figure 8-1 depicts DAC templates for Dependability Allocation Argument. The DAC template for Dependability Allocation Argument represents that the allocation of dependability requirements of the target architecture is adequate. This template is recursively used for each sub-architecture. The term architecture is used to represent either “System of systems”, “System”, “Component”, or “Implementation” (see Architectural Concept in Clause 7.1). For example, if a system S consists of sub systems S1 and S2, and the threat and environmental list for S is derived as h1,…, hn, and the dependability requirement is D (derived from Dependability Requirements Analysis), then the top claim “C1: Dependability allocation of System S for each system/component/implementation is adequate” is decomposed into the following three sub claims: “C3: Dependability allocation of System S1 for each sub architecture is adequate”, “C4: Dependability allocation of System S2 for each sub architecture is adequate”, and “C2: Allocation of D1 to S1, Allocation of D2 to S2 are adequate.” In this argument, the dependability requirement D is divided into D1 and D2, and they are allocated to S1 and S2, respectively. C3 and C4 are then decomposed into sub claims using this DAC template, according to the structure of S1 and S2, respectively. The adequacy of the decomposition of D into D1 and D2 is assured in the argument of sub claim C2. Threat and environment list for S: T=h1,…,hn is divided into T1 and T2. This division is derived as the result of Dependability Analysis of DPM. Note that the sum of T1 and T2 is not necessarily equal to T: the sum may be less than T.
    The XMI file for the DAC template for Dependability Allocation Argument is DependabilityAllocationArgument.xmi (normative).

    New
    Change points: remove the ":" after the claim labels in the sentences and in Figure 8-1.
    Convert all figures to PDF.


    Figure 8-1 depicts DAC templates for Dependability Allocation Argument. The DAC template for Dependability Allocation Argument represents that the allocation of dependability requirements of the target architecture is adequate. This template is recursively used for each sub-architecture. The term architecture is used to represent either “System of systems”, “System”, “Component”, or “Implementation” (see Architectural Concept in Clause 7.1). Suppose system S consists of sub systems S1 and S2 (this template assumes two sub systems, but the number can be modified according to the target system), the threat and environmental list for S is derived as h1,…, hn, and the dependability requirement is D (derived from Dependability Requirements Analysis). Then the top claim “C1 Dependability allocation of System S for each system/component/implementation is adequate” is decomposed into the following three sub claims: “C3 Dependability allocation of System S1 for each sub architecture is adequate”, “C4 Dependability allocation of System S2 for each sub architecture is adequate”, and “C2 Allocation of D1 to S1, Allocation of D2 to S2 are adequate.” In this argument, the dependability requirement D is divided into D1 and D2, and they are allocated to S1 and S2, respectively. C3 and C4 are then decomposed into sub claims using this DAC template, according to the structure of S1 and S2, respectively. The adequacy of the decomposition of D into D1 and D2 is assured in the argument of sub claim C2. Threat and environment list for S: T=h1,…,hn is divided into T1 and T2. This division is derived as the result of Dependability Analysis of DPM. Note that the sum of T1 and T2 is not necessarily equal to T: the sum may be less than T.
    The XMI file for the DAC template for Dependability Allocation Argument is DependabilityAllocationArgument.xmi (normative).
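    As an added illustration of the recursive template described above (this is not part of the issue text or of the DAF specification), the following Python builds the claim tree C1/C2/C3/C4 for a constructed S with sub systems S1 and S2 and checks the rule that the division of T into T1 and T2 may cover less than T but never more; the names and threat values are constructed for the example.

```python
from dataclasses import dataclass, field

@dataclass
class Architecture:
    """One node of the target architecture: system of systems, system, component or implementation."""
    name: str
    requirement: str              # dependability requirement D allocated to this node
    threats: frozenset            # threat and environment list T for this node
    subs: list = field(default_factory=list)   # sub-architectures, e.g. [S1, S2]

@dataclass
class Claim:
    cid: str
    text: str
    children: list = field(default_factory=list)

def allocation_argument(arch, counter=None):
    """Instantiate the DAC template for arch and, recursively, for each sub-architecture.
    Returns the top claim with its sub claims attached (C2 = allocation adequacy, C3.. = subs)."""
    counter = counter if counter is not None else [0]
    def next_id():
        counter[0] += 1
        return f"C{counter[0]}"
    top = Claim(next_id(), f"Dependability allocation of {arch.name} for each sub architecture is adequate")
    if not arch.subs:
        return top            # leaf: nothing further to allocate
    alloc = ", ".join(f"Allocation of {s.requirement} to {s.name}" for s in arch.subs)
    top.children.append(Claim(next_id(), f"{alloc} are adequate"))
    for s in arch.subs:       # the same template applied to each sub-architecture
        top.children.append(allocation_argument(s, counter))
    return top

def threat_division_violations(arch):
    """Check the division T -> T1, T2, ...: the sum of the Ti may be less than T,
    but must not contain a threat absent from T. Returns (node, unexpected threats) pairs."""
    covered = frozenset().union(*(s.threats for s in arch.subs))
    bad = [(arch.name, covered - arch.threats)] if covered - arch.threats else []
    for s in arch.subs:
        bad.extend(threat_division_violations(s))
    return bad

def claim_ids(claim):
    """All claim ids in the argument, top-down."""
    return [claim.cid] + [c for ch in claim.children for c in claim_ids(ch)]

# Constructed example following the text: S = {S1, S2}, T = {h1..h4}, D split into D1 and D2.
S1 = Architecture("S1", "D1", frozenset({"h1", "h2"}))
S2 = Architecture("S2", "D2", frozenset({"h3"}))
S = Architecture("S", "D", frozenset({"h1", "h2", "h3", "h4"}), [S1, S2])
```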

  • Updated: Tue, 22 Dec 2015 15:04 GMT
  • Attachments: