{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,17]],"date-time":"2026-04-17T20:30:34Z","timestamp":1776457834339,"version":"3.51.2"},"reference-count":39,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2024,9,13]],"date-time":"2024-09-13T00:00:00Z","timestamp":1726185600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2024,9,13]],"date-time":"2024-09-13T00:00:00Z","timestamp":1726185600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/100010668","name":"H2020 Leadership in Enabling and Industrial Technologies","doi-asserted-by":"publisher","award":["957210"],"award-info":[{"award-number":["957210"]}],"id":[{"id":"10.13039\/100010668","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002946","name":"Deutsches Zentrum f\u00fcr Luft- und Raumfahrt","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100002946","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Softw Syst Model"],"published-print":{"date-parts":[[2025,2]]},
"abstract":"<jats:title>Abstract<\/jats:title>\n          <jats:p>The complexity of safety-critical systems is continuously increasing. To create safe systems despite the complexity, the system development requires a strong integration of system design and safety activities. A promising choice for integrating system design and safety activities are model-based approaches. They can help to handle complexity through abstraction, automation, and reuse and are applied to design, analyze, and assure systems. In practice, however, there is often a disconnect between the model-based design and safety activities. At the same time, there is often a delay until recent approaches are available in model-based frameworks. As a result, the advantages of the models are often not fully utilized. Therefore, this article proposes a framework that integrates recent approaches for system design (model-based systems engineering), safety analysis (system-theoretic process analysis), and safety assurance (goal structuring notation). The framework is implemented in the systems modeling language (SysML), and the focus is placed on the connection between the safety analysis and safety assurance activities. It is shown how the model-based integration enables tool assistance for the systematic creation, analysis, and maintenance of safety artifacts. The framework is demonstrated with the system design, safety analysis, and safety assurance of a collision avoidance system for aircraft. The model-based nature of the design and safety activities is utilized to support the systematic generation, analysis, and maintenance of safety artifacts.\n<\/jats:p>",
"DOI":"10.1007\/s10270-024-01209-6","type":"journal-article","created":{"date-parts":[[2024,9,13]],"date-time":"2024-09-13T07:02:45Z","timestamp":1726210965000},"page":"253-270","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["A system-theoretic assurance framework for safety-driven systems engineering"],"prefix":"10.1007","volume":"24",
"author":[{"ORCID":"https:\/\/orcid.org\/0009-0004-6646-776X","authenticated-orcid":false,"given":"Alexander","family":"Ahlbrecht","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0005-5725-0726","authenticated-orcid":false,"given":"Jasper","family":"Sprockhoff","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2928-1710","authenticated-orcid":false,"given":"Umut","family":"Durak","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,9,13]]},
"reference":[{"issue":"10","key":"1209_CR1","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1145\/3615860","volume":"66","author":"NG Leveson","year":"2023","unstructured":"Leveson, N.G., Thomas, J.P.: Certification of safety-critical systems. Commun. ACM 66(10), 22\u201326 (2023). https:\/\/doi.org\/10.1145\/3615860","journal-title":"Commun. ACM"},{"key":"1209_CR2","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/978-3-031-15842-1_3","volume-title":"Model-Based Safety and Assessment","author":"C Frazza","year":"2022","unstructured":"Frazza, C., Darfeuil, P., Gauthier, J.: MBSA in aeronautics: a way to support safety activities. In: Seguin, C., Zeller, M., Prosvirnova, T. (eds.) Model-Based Safety and Assessment, pp. 31\u201342. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-15842-1_3"},{"key":"1209_CR3","unstructured":"Fogarty, D., De Salvo, P., Edward, D.: Model-based systems engineering and model-based safety analysis: final report. Federal Aviation Administration, Tech. Rep. DOT\/FAA\/TC-20\/42 (2021)"},{"key":"1209_CR4","doi-asserted-by":"publisher","first-page":"146483","DOI":"10.1109\/ACCESS.2020.3015151","volume":"8","author":"R Krishnan","year":"2020","unstructured":"Krishnan, R., Bhada, S.V.: An integrated system design and safety framework for model-based safety analysis. IEEE Access 8, 146483\u2013146497 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2020.3015151","journal-title":"IEEE Access"},{"key":"1209_CR5","doi-asserted-by":"publisher","first-page":"8","DOI":"10.1007\/978-3-642-33675-1_2","volume-title":"Computer Safety, Reliability, and Security","author":"E Denney","year":"2012","unstructured":"Denney, E., Pai, G., Pohl, J.: AdvoCATE: an assurance case automation toolset. In: Ortmeier, F., Daniel, P. (eds.) Computer Safety, Reliability, and Security, pp. 8\u201321. Springer, Berlin (2012). https:\/\/doi.org\/10.1007\/978-3-642-33675-1_2"},{"key":"1209_CR6","volume-title":"Systems Engineering Handbook, A Guide for System Life Cycle Processes and Activities","author":"DD Walden","year":"2015","unstructured":"Walden, D.D., Roedler, G.J., Forsberg, K.J., Hamelin, R.D., Shortwell, T.M.: Systems Engineering Handbook, A Guide for System Life Cycle Processes and Activities. WILEY, San Diego (2015)"},{"key":"1209_CR7","unstructured":"International Council on Systems Engineering (INCOSE). Systems engineering vision 2020. INCOSE, Tech. Rep. INCOSE-TP-2004-004-02 (2007)"},{"key":"1209_CR8","unstructured":"Leveson, N. G., Thomas, J. P.: STPA Handbook (2018)"},{"key":"1209_CR9","volume-title":"Engineering a Safer World, Systems Thinking Applied to Safety","author":"NG Leveson","year":"2016","unstructured":"Leveson, N.G.: Engineering a Safer World, Systems Thinking Applied to Safety. The MIT Press, Cambridge (2016)"},{"key":"1209_CR10","unstructured":"The Assurance Case Working Group (ACWG). Goal Structuring Notation Community Standard Version 3 (2021)"},{"key":"1209_CR11","doi-asserted-by":"publisher","unstructured":"de Souza, F.G.R., de Melo Bezerra, J., Hirata, C.M., de Saqui-Sannes, P., Apvrille, L.: Combining STPA with SysML modeling. In: 2020 IEEE International Systems Conference (SysCon) (2020). pp.\u00a01\u20138. https:\/\/doi.org\/10.1109\/SysCon47679.2020.9275867","DOI":"10.1109\/SysCon47679.2020.9275867"},{"key":"1209_CR12","doi-asserted-by":"publisher","first-page":"319","DOI":"10.1007\/978-3-031-14835-4_21","volume-title":"Computer Safety, Reliability, and Security","author":"E Acar Celik","year":"2022","unstructured":"Acar Celik, E., C\u00e2rlan, C., Abdulkhaleq, A., Bauer, F., Schels, M., Putzer, H.J.: Application of STPA for the elicitation of safety requirements for a machine learning-based perception component in automotive. In: Trapp, M., Saglietti, F., Spisl\u00e4nder, M., Bitsch, F. (eds.) Computer Safety, Reliability, and Security, pp. 319\u2013332. Springer, Cham (2022)"},{"key":"1209_CR13","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1007\/978-3-030-26250-1_1","volume-title":"Computer Safety, Reliability, and Security","author":"C Hirata","year":"2019","unstructured":"Hirata, C., Nadjm-Tehrani, S.: Combining GSN and STPA for safety arguments. In: Romanovsky, A., Troubitsyna, E., Gashi, I., Schoitsch, E., Bitsch, F. (eds.) Computer Safety, Reliability, and Security, pp. 5\u201315. Springer, Cham (2019)"},{"key":"1209_CR14","unstructured":"Object Management Group (OMG). Risk Analysis and Assessment Modeling Language (2021)"},{"issue":"8","key":"1209_CR15","first-page":"1","volume":"25","author":"JA Estefan","year":"2007","unstructured":"Estefan, J.A.: Survey of model-based systems engineering (MBSE) methodologies. Incose MBSE Focus Group 25(8), 1\u201312 (2007)","journal-title":"Incose MBSE Focus Group"},{"key":"1209_CR16","unstructured":"Aleksandraviciene, A., Morkevicius, A.: MagicGrid\u00ae Book of Knowledge. A Practical Guide to System Modeling using MagicGrid from No Magic, 2nd. Vitae Litera, Kaunas (2021)"},{"key":"1209_CR17","unstructured":"Roques, P.: MBSE with the ARCADIA method and the Capella tool. In: 8th European Congress on Embedded Real Time Software and Systems (ERTS 2016). Toulouse, France (2016)"},{"key":"1209_CR18","volume-title":"A Practical Guide to SysML, The Systems Modeling Language","author":"S Friedenthal","year":"2015","unstructured":"Friedenthal, S., Moore, A., Steiner, R.: A Practical Guide to SysML, The Systems Modeling Language. Morgan Kaufmann, Amsterdam (2015)"},{"key":"1209_CR19","unstructured":"Object Management Group (OMG). In: Systems Modeling Language (SysML\u00ae) v2 API and services Request For Proposal (RFP) (2018)"},{"key":"1209_CR20","unstructured":"Rosenow, H.: Trade off bewertungsmethodik f\u00fcr tool- und methodenentscheidungen zur virtualisierung und modellbasierung in der entwicklung. Master\u2019s Thesis, Technische Universit\u00e4t M\u00fcnchen, M\u00fcnchen (2018)"},{"key":"1209_CR21","unstructured":"International Organization for Standardization (ISO). ISO 21448:2022 road vehicles\u2014safety of the intended functionality (2022)"},{"key":"1209_CR22","unstructured":"SAE. Using STPA During Development and Safety Assessment of Civil Aircraft AIR6913, 2018-02-13. Work in Progress"},{"key":"1209_CR23","unstructured":"SAE. J3187 _202305: System theoretic process analysis (STPA) recommended practices for evaluations of safety-critical systems in any industry (2023)"},{"key":"1209_CR24","unstructured":"SAE. J3307: System theoretic process analysis (STPA) standard for all industries, WIP"},{"key":"1209_CR25","doi-asserted-by":"publisher","unstructured":"Ahlbrecht, A., Durak, U.: Integrating safety into MBSE processes with formal methods. In: 2021 IEEE\/AIAA 40th Digital Avionics Systems Conference (DASC) (2021), pp.\u00a01\u20139. https:\/\/doi.org\/10.1109\/DASC52595.2021.9594315","DOI":"10.1109\/DASC52595.2021.9594315"},{"key":"1209_CR26","doi-asserted-by":"publisher","unstructured":"Ahlbrecht, A., Durak, U.: Model-based STPA: enabling safety analysis coverage assessment with formalization. In: 2022 IEEE\/AIAA 41st Digital Avionics Systems Conference (DASC), pp.\u00a01\u201310 (2022). https:\/\/doi.org\/10.1109\/DASC55683.2022.9925883","DOI":"10.1109\/DASC55683.2022.9925883"},{"key":"1209_CR27","doi-asserted-by":"publisher","unstructured":"Ahlbrecht, A., Zaeske, W., Durak, U.: Model-based STPA: towards agile safety-guided design with formalization. In: 2022 IEEE International Symposium on Systems Engineering (ISSE), pp.\u00a01\u20138 (2022). https:\/\/doi.org\/10.1109\/ISSE54508.2022.10005396","DOI":"10.1109\/ISSE54508.2022.10005396"},{"key":"1209_CR28","unstructured":"Rushby, J.M., Xu, X., Rangarajan, M., Weaver, T.L.: Understanding and evaluating assurance cases. NASA, Tech. Rep. CR\u20132015-218802 (2015)"},{"key":"1209_CR29","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1016\/j.jss.2019.05.013","volume":"154","author":"R Wei","year":"2019","unstructured":"Wei, R., Kelly, T.P., Dai, X., Zhao, S., Hawkins, R.: Model based system assurance using the structured assurance case metamodel. J. Syst. Softw. 154, 211\u2013233 (2019). https:\/\/doi.org\/10.1016\/j.jss.2019.05.013","journal-title":"J. Syst. Softw."},{"key":"1209_CR30","first-page":"49","volume-title":"Computer Safety, Reliability, and Security","author":"M Maksimov","year":"2018","unstructured":"Maksimov, M., Fung, N.L.S., Kokaly, S., Chechik, M.: Two decades of assurance case tools: a survey. In: Gallina, B., Skavhaug, A., Schoitsch, E., Bitsch, F. (eds.) Computer Safety, Reliability, and Security, pp. 49\u201359. Springer, Cham (2018)"},{"key":"1209_CR31","unstructured":"Leveson, N.G.: White paper on limitations of safety assurance and goal structuring notation (GSN) (2020)"},{"issue":"6","key":"1209_CR32","doi-asserted-by":"publisher","first-page":"2329","DOI":"10.1007\/s10270-021-00957-z","volume":"21","author":"JL de la Vara","year":"2022","unstructured":"de la Vara, J.L., Garc\u0131a, A.S., Valero, J., Ayora, C.: Model-based assurance evidence management for safety-critical systems. Softw. Syst. Model. 21(6), 2329\u20132365 (2022). https:\/\/doi.org\/10.1007\/s10270-021-00957-z","journal-title":"Softw. Syst. Model."},{"key":"1209_CR33","doi-asserted-by":"publisher","DOI":"10.1007\/s10270-019-00735-y","author":"S Wolny","year":"2020","unstructured":"Wolny, S., Mazak, A., Carpella, C., Geist, V., Wimmer, M.: Thirteen years of SysML: a systematic mapping study. Softw. Syst. Model. (2020). https:\/\/doi.org\/10.1007\/s10270-019-00735-y","journal-title":"Softw. Syst. Model."},{"key":"1209_CR34","doi-asserted-by":"publisher","unstructured":"Ahlbrecht, A., Bertram, O.: Evaluating system architecture safety in early phases of development with MBSE and STPA. In: 2021 IEEE International Symposium on Systems Engineering (ISSE), pp.\u00a01\u20138 (2021). https:\/\/doi.org\/10.1109\/ISSE51541.2021.9582542","DOI":"10.1109\/ISSE51541.2021.9582542"},{"key":"1209_CR35","unstructured":"Sun, L.: Establishing confidence in safety assessment evidence. PhD thesis, University of York (2012)"},{"key":"1209_CR36","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1007\/978-3-642-30982-3_3","volume-title":"Formal Methods for Model-Driven Engineering: 12th International School on Formal Methods for the Design of Computer, Communication, and Software Systems, SFM 2012, Bertinoro, Italy, June 18\u201323, 2012. Advanced Lectures","author":"J Cabot","year":"2012","unstructured":"Cabot, J., Gogolla, M.: Object constraint language (OCL): a definitive guide. In: Bernardo, M., Cortellessa, V., Pierantonio, A. (eds.) Formal Methods for Model-Driven Engineering: 12th International School on Formal Methods for the Design of Computer, Communication, and Software Systems, SFM 2012, Bertinoro, Italy, June 18\u201323, 2012. Advanced Lectures, pp. 58\u201390. Springer, Berlin (2012). https:\/\/doi.org\/10.1007\/978-3-642-30982-3_3"},{"key":"1209_CR37","doi-asserted-by":"publisher","DOI":"10.1016\/j.ssci.2023.106080","volume":"162","author":"R Sadeghi","year":"2023","unstructured":"Sadeghi, R., Goerlandt, F.: A proposed validation framework for the system theoretic process analysis (STPA) technique. Saf. Sci. 162, 106080 (2023). https:\/\/doi.org\/10.1016\/j.ssci.2023.106080","journal-title":"Saf. Sci."},{"key":"1209_CR38","doi-asserted-by":"publisher","DOI":"10.1016\/j.ress.2021.107610","volume":"215","author":"S Khastgir","year":"2021","unstructured":"Khastgir, S., Brewerton, S., Thomas, J., Jennings, P.: Systems approach to creating test scenarios for automated driving systems. Reliab. Eng. Syst. Saf. 215, 107610 (2021). https:\/\/doi.org\/10.1016\/j.ress.2021.107610","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"1209_CR39","doi-asserted-by":"publisher","unstructured":"Julian, K.D., Kochenderfer, M.J.: Guaranteeing safety for neural network-based aircraft collision avoidance systems. In: 2019 IEEE\/AIAA 38th Digital Avionics Systems Conference (DASC), pp.\u00a01\u201310 (2019) https:\/\/doi.org\/10.1109\/DASC43569.2019.9081748","DOI":"10.1109\/DASC43569.2019.9081748"}],
"container-title":["Software and Systems Modeling"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10270-024-01209-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10270-024-01209-6\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10270-024-01209-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,28]],"date-time":"2025-02-28T08:26:43Z","timestamp":1740731203000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10270-024-01209-6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,9,13]]},"references-count":39,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2025,2]]}},"alternative-id":["1209"],"URL":"https:\/\/doi.org\/10.1007\/s10270-024-01209-6","relation":{},"ISSN":["1619-1366","1619-1374"],"issn-type":[{"value":"1619-1366","type":"print"},{"value":"1619-1374","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,9,13]]},
"assertion":[{"value":"20 November 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"1 August 2024","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"2 August 2024","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"13 September 2024","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}