Graphical Approach for Variability Management in Safety-Critical Product Lines

Abstract: The number and complexity of the systems realizing the functionality of the machines in the automotive domain are growing. In this arises the need for a systematic way to manage their development. As the technologies advance, the vehicles introduce an increasing range of capabilities. However, they have similar functions, which have the potential to be reused. One of the widely used approaches that manages the commonality and variability of the development artifacts in a systematic manner is Product Line Engineering (PLE). Consequently, PLE reduces the time to market and the development cost. The machines, realized in the automotive domain, interact with their operators and the surrounding environment. Possible malfunctions of the machines may introduce a risk of accidents with fatal consequences. Therefore, the products should be analyzed, developed and managed in a safe manner and certified according to different relevant safety standards like ISO 15998, ISO 61508 and ISO 26262. There is a diversity of functions in a Product Line (PL). Some of them are mandatory for all machines and others are optional for some models. This gives the opportunity to combine the functions in multiple configurations. However, not all combinations are possible due to dependencies among the functions. Furthermore, the configurations should be valid from a safety perspective, and the developed products should satisfy the requirements identified during the safety analysis. The above mentioned factors emphasize the need for explicit representation of the systems' characteristics, such as commonality and variability, functional dependencies and quality attributes. The purpose of the current work is to find an efficient way to satisfy this need. The scope of our research is limited to the automotive domain. In order to gain familiarity with the state of practice, we collaborated with Volvo Construction Equipment (Volvo CE) as an industrial partner. In particular, we: conducted an informal interview study with the practitioners, analyzed the requirements management tool used in Volvo CE and studied products typical for the domain in detail, examined the deliverables defined in the related domain specific safety standards. We gained knowledge on how variability is managed in an industrial context today, which safety aspects need to be considered and how functional safety artifacts are managed with regards to variability. We synthesized the characteristics that are explicitly represented during the development and safety certification of the products in a safety-critical product line. We identified the challenges that the practitioners meet today and the areas that need to be improved. As a result, we formulated evaluation criteria for search and assessment of possible solutions. Subsequently we searched in the literature for different modeling techniques, that are able to respond to the industrial needs, and found the following to be relevant in our context: Feature modeling techniques consider the different variability types and dependencies among the features. Model-based development techniques can represent different views of the system on each level of the development process. Orthogonal modeling techniques extract the variability and dependencies in a different view. Furthermore, we evaluated the methods found during the literature study, based on the proposed criteria. We concluded that the examined techniques alone cannot represent all characteristics needed to support the development of a safety-critical product line, especially the impact of the variability on the safety and vice versa. However, each of them focuses on the presentation of certain aspect of the product line, which can help in building a more complete representation. Thus we focused on the approaches that may be extended and integrated into a complete solution. As a result, we propose a model and graphical notation for variability management in safety-critical product lines, which takes the identified industrial needs into account. The concept is depicted graphically by several model-based diagrams, which represent the different aspects of the product line, on each development level. Special attention is paid to the representation of the safety and variability aspects of the systems. The method is exemplified on an industrial example, in order to show how it achieves the defined goals.