Reusing a Functional Safety Concept in Variable System Architectures

Product line engineering is applied in many engineering domains. It is used to save development time by reusing system components in an organized way. While developing safety critical systems this approach is complicated by the fact, that safety concepts on higher abstraction levels need to be fulfilled by the different variants of the system. This typical leads to the creation of individual safety concepts for each variant or the analysis of the fulfillment of the safety concepts by all variants, both very costly efforts. In this paper we present an approach to enable multiple variants to use one common functional safety concept, while having different technical implementations at the low level. We specify safety properties such as potential faults and failure propagation as well as independence assumptions on them for the functional components as well as for technical ones. This information is used to create constraints for the variability models allowing only to configure safe variants. We focus on detecting the violation of independence assumption due to allocation decisions that are typically mainly driven by functional needs, disregarding safety properties. An implementation based on the tool pure::variants and the SAFE framework is presented that creates variants based on EAST-ADL and AUTOSAR.