Two Decades of Assurance Case Tools: A Survey

  • Mike MaksimovEmail author
  • Nick L. S. Fung
  • Sahar Kokaly
  • Marsha Chechik
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11094)


In regulated safety-critical domains, such as the aerospace and nuclear domains, certification bodies often require systems to undergo a stringent safety assessment procedure to show their compliance to one or more safety standards. Assurance cases are an emerging way of communicating safety of a safety-critical system in a structured and comprehensive manner. Due to the significant complexity of the required materials, software tools are often used as a practical way of constructing assurance cases. This paper presents the first, to the best of our knowledge, systematic review of assurance case tools. Specifically, we provide a comprehensive list of assurance case tools developed over the past 20 years and an analysis of their functionalities.


Assurance case Tools Systematic literature review 



The work reported in this paper has been funded by General Motors and NSERC Canada. The authors thank Mark Lawford, Alan Wassyng and Tom Maibaum for many useful discussions about assurance cases.


  1. 1.
  2. 2.
    Impact case study - University of York.
  3. 3.
  4. 4.
  5. 5.
  6. 6.
    Goal Structuring Notation Working Group: GSN Community Standard Version 1, November 2011.
  7. 7.
    Object Management Group: Structured Assurance Case Metamodel (SACM) version 1.0. Formal, 01 February 2013 (2013)Google Scholar
  8. 8.
    Kitchenham, B.: Guidelines for Performing Systematic Literature Reviews in Software Engineering. Technical rep. EBSE-2007-01, EBSE (2007)Google Scholar
  9. 9.
    Aiello, M.A., Hocking, A.B., Knight, J.C., Rowanhill, J.C.: SCT: a safety case toolkit. In: Proceedings ISSRE 2014 Workshops, pp. 216–219 (2014)Google Scholar
  10. 10.
    Allan, J., Williams, J., Gander-Miller, G., Turner, M., Ballantyne, T., Harvey, J.: Safety case production. WIT Trans. Built Environ. 37 (1998)Google Scholar
  11. 11.
    Althammer, E., Schoitsch, E., Eriksson, H., Vinter, J.: The DECOS concept of generic safety cases - a step towards modular certification. In: Proceedings of SEAA 2009, pp. 537–545 (2009)Google Scholar
  12. 12.
    Ankrum, T.S., Kromholz, A.H.: Structured assurance cases: three common standards (presentation). In: Proceedings of HASE 2005, pp. 99–108 (2005)Google Scholar
  13. 13.
    Barry, M.R.: CertWare: a workbench for safety case production and analysis. In: Proceedings of Aerospace Conference 2011, pp. 1–10 (2011)Google Scholar
  14. 14.
    Bjornander, S., Land, R., Graydon, P., Lundqvist, K., Conmy, P.: A method to formally evaluate safety case arguments against a system architecture model. In: Proceedings of ISSREW 2012, pp. 337–342 (2012)Google Scholar
  15. 15.
    Bloomfield, R., Bishop, P.: Safety and assurance cases: past, present and possible future – an adelard perspective. In: Dale, C., Anderson, T. (eds.) Making Systems Safer, pp. 51–67. Springer, London (2010). Scholar
  16. 16.
    Calinescu, R., Weyns, D., Gerasimou, S., Iftikhar, M.U., Habli, I., Kelly, T.: Engineering trustworthy self-adaptive software with dynamic assurance cases. IEEE TSE PP(99), 1–30 (2017)Google Scholar
  17. 17.
    Cârlan, C., Barner, S., Diewald, A., Tsalidis, A., Voss, S.: ExplicitCase: integrated model-based development of system and safety cases. In: Tonetta, S., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2017. LNCS, vol. 10489, pp. 52–63. Springer, Cham (2017). Scholar
  18. 18.
    Cimatti, A., DeLong, R., Marcantonio, D., Tonetta, S.: Combining MILS with contract-based design for safety and security requirements. In: Koornneef, F., van Gulijk, C. (eds.) SAFECOMP 2015. LNCS, vol. 9338, pp. 264–276. Springer, Cham (2015). Scholar
  19. 19.
    Cruanes, S., Hamon, G., Owre, S., Shankar, N.: Tool integration with the evidential tool bus. In: Giacobazzi, R., Berdine, J., Mastroeni, I. (eds.) VMCAI 2013. LNCS, vol. 7737, pp. 275–294. Springer, Heidelberg (2013). Scholar
  20. 20.
    Denney, E., Pai, G.: Tool support for assurance case development. J. Autom. Softw. Eng. 25(3), 435–499 (2018)CrossRefGoogle Scholar
  21. 21.
    Fujita, H., Matsuno, Y., Hanawa, T., Sato, M., Kato, S., Ishikawa, Y.: DS-bench toolset: tools for dependability benchmarking with simulation and assurance. In: Proceedings of DSN 2012, pp. 1–8 (2012)Google Scholar
  22. 22.
    Fung, N.L.S., Kokaly, S., Di Sandro, A., Salay, R., Chechik, M.: MMINT-A: a tool for automated change impact assessment of assurance cases. In: Proceedings of SAFECOMP 2018 Workshops. Springer (2018, accepted for publication)Google Scholar
  23. 23.
    Gacek, A., Backes, J., Cofer, D., Slind, K., Whalen, M.: Resolute: an assurance case language for architecture models. In: Proceedings HILT 2014, pp. 19–28 (2014)Google Scholar
  24. 24.
    Górski, J., Jarzębowicz, A., Miler, J., Witkowicz, M., Czyżnikiewicz, J., Jar, P.: Supporting assurance by evidence-based argument services. In: Ortmeier, F., Daniel, P. (eds.) SAFECOMP 2012. LNCS, vol. 7613, pp. 417–426. Springer, Heidelberg (2012). Scholar
  25. 25.
    Groza, A., Marc, N.: Consistency checking of safety arguments in the goal structuring notation standard. In: Proceedings of ICCP 2014, pp. 59–66 (2014)Google Scholar
  26. 26.
    Huhn, M., Zechner, A.: Analysing dependability case arguments using quality models. In: Buth, B., Rabe, G., Seyfarth, T. (eds.) SAFECOMP 2009. LNCS, vol. 5775, pp. 118–131. Springer, Heidelberg (2009). Scholar
  27. 27.
    Kawakami, H., Ott, D., Wong, H.C., Dahab, R., Gallo, R.: ACBuilder: a tool for hardware architecture security evaluation. In: Proceedings of HOST 2016, pp. 97–102 (2016)Google Scholar
  28. 28.
    Kelly, T.P.: Arguing Safety: A Systematic Approach to Managing Safety Cases. Ph.D. thesis, Univ. of York, UK (1998)Google Scholar
  29. 29.
    Kelly, T., McDermid, J.: A systematic approach to safety case maintenance. J. Reliab. Eng. Syst. Saf. 1(3), 271–284 (2001)CrossRefGoogle Scholar
  30. 30.
    Laibinis, L., Troubitsyna, E., Prokhorova, Y., Iliasov, A., Romanovsky, A.: From requirements engineering to safety assurance: refinement approach. In: Li, X., Liu, Z., Yi, W. (eds.) SETTA 2015. LNCS, vol. 9409, pp. 201–216. Springer, Cham (2015). Scholar
  31. 31.
    Larrucea, X.: Modelling and certifying safety for cyber-physical systems: an educational experiment. In: Proceedings of SEAA 2016, pp. 198–205 (2016)Google Scholar
  32. 32.
    Larrucea, X., Walker, A., Colomo-Palacios, R.: Supporting the management of reusable automotive software. IEEE Softw. J. 34(3), 40–47 (2017)CrossRefGoogle Scholar
  33. 33.
    Lautieri, S., Cooper, D., Jackson, D., Cockram, T.: Assurance cases: how assured are you? In: Proceedings of DSN 2004 Supplemental Volume (2004)Google Scholar
  34. 34.
    Lewis, R.: Safety case development as an information modelling problem. In: Dale, C., Anderson, T. (eds.) Safety-Critical Systems: Problems, Process and Practice, pp. 183–193. Springer, London (2009). Scholar
  35. 35.
    Luo, Y., van den Brand, M., Li, Z., Saberi, A.: A systematic approach and tool support for GSN-based safety case assessment. J. Syst. Archit. 76(pp), 1–16 (2017)CrossRefGoogle Scholar
  36. 36.
    Luo, Y., van den Brand, M., Kiburse, A.: Safety case development with SBVR-based controlled language. In: Desfray, P., Filipe, J., Hammoudi, S., Pires, L.F. (eds.) MODELSWARD 2015. CCIS, vol. 580, pp. 3–17. Springer, Cham (2015). Scholar
  37. 37.
    Matsuno, Y., Takamura, H., Ishikawa, Y.: A dependability case editor with pattern library. In: Proceedings of HASE 2010, pp. 170–171 (2010)Google Scholar
  38. 38.
    Matsuno, Y.: D-case communicator: a web based GSN editor for multiple stakeholders. In: Tonetta, S., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2017. LNCS, vol. 10489, pp. 64–69. Springer, Cham (2017). Scholar
  39. 39.
    Nair, S., Walkinshaw, N., Kelly, T., de la Vara, J.L.: An evidential reasoning approach for assessing confidence in safety evidence. In: Proceedings of ISSRE 2015, pp. 541–552 (2015)Google Scholar
  40. 40.
    Netkachova, K., Netkachov, O., Bloomfield, R.: Tool Support for assurance case building blocks. In: Koornneef, F., van Gulijk, C. (eds.) SAFECOMP 2015. LNCS, vol. 9338, pp. 62–71. Springer, Cham (2015). Scholar
  41. 41.
    Newton, A., Vickers, A.: The benefits of electronic safety cases. In: Redmill, F., Anderson, T. (eds.) The Safety of Systems, pp. 69–82. Springer, London (2007). Scholar
  42. 42.
    Ratiu, D., Zeller, M., Killian, L.: Safety.Lab: model-based domain specific tooling for safety argumentation. In: Koornneef, F., van Gulijk, C. (eds.) SAFECOMP 2015. LNCS, vol. 9338, pp. 72–82. Springer, Cham (2015). Scholar
  43. 43.
    Retouniotis, A., Papadopoulos, Y., Sorokos, I., Parker, D., Matragkas, N., Sharvia, S.: Model-connected safety cases. In: Bozzano, M., Papadopoulos, Y. (eds.) IMBSA 2017. LNCS, vol. 10437, pp. 50–63. Springer, Cham (2017). Scholar
  44. 44.
    Sabetzadeh, M., Falessi, D., Briand, L., Di Alesio, S.: A goal-based approach for qualification of new technologies: foundations, tool support, and industrial validation. J. Reliab. Eng. Syst. Saf. 119(C), 52–66 (2013)CrossRefGoogle Scholar
  45. 45.
    Shida, S., Uchida, A., Ishii, M., Ide, M., Kuramitsu, K.: Assure-It: a runtime synchronization tool of assurance cases. In: SAFECOMP 2013 FastAbstract (2013)Google Scholar
  46. 46.
    Zhang, H., Babar, M.A., Tell, P.: Identifying relevant studies in software engineering. J. Inf. Soft. Technol. 53(6), 625–637 (2011)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Mike Maksimov
    • 1
    Email author
  • Nick L. S. Fung
    • 1
  • Sahar Kokaly
    • 2
  • Marsha Chechik
    • 1
  1. 1.University of TorontoTorontoCanada
  2. 2.McMaster UniversityHamiltonCanada

Personalised recommendations