Regulating safety critical systems: a new approach to presenting safety arguments

The Goal Structuring Notation

The development, review and acceptance of an explicit 'safety case' forms a key component of the assurance and regulation of many safety critical systems, including those in the nuclear, defence, railway, automotive, medical device, and process industries. 

Industrial practice in safety case development prior to York's development of the Goal Structuring Notation (GSN) relied almost exclusively upon narrative text to communicate the safety argument within the safety case. This approach suffered from problems of lack of clarity, difficulty in comprehension, poor structure, and limited formalised development of 'case law' in safety argumentation.

GSN was developed and matured by York to tackle these problems directly, and is now used internationally by safety critical industries in a large number of domains including defence, transport, nuclear and medical devices.

https://www.youtube.com/watch?v=mi6AtO4s5RY

  • Developed by the High Integrity Systems Engineering Group
  • Researchers included Professor Tim Kelly and Professor John McDermid
  • Underpinning Research: Development of a Notation and Method for Assurance Case Argumentation based upon concepts from Informal Logic; a Notation and Method for Argumentation Patterns; and a Notation and Method for Modular Assurance Case Arguments
  • Technology: Structured Graphical Argumentation used for the development of Safety Case arguments within safety critical industries
  • GSN is delivered through significant education and training in our System Safety courses, is referenced by several international safety standards, and is defined in a GSN standard.
  • Impact: GSN is used in large numbers of industrial safety cases across many domains including air traffic management, military aerospace and defence, off-shore oil and gas, space systems, medical systems, railways and automotive; there is widespread GSN tool support; and GSN is referenced by several international safety standards (e.g. ISO 26262)

GSN impact case study (PDF, 5,959kb)

 
