{"id":"https://openalex.org/W3211799410","doi":"https://doi.org/10.1109/models50736.2021.00028","title":"A Lean Approach to Building Valid Model-Based Safety Arguments","display_name":"A Lean Approach to Building Valid Model-Based Safety Arguments","publication_year":2021,"publication_date":"2021-10-01","ids":{"openalex":"https://openalex.org/W3211799410","doi":"https://doi.org/10.1109/models50736.2021.00028","mag":"3211799410"},"language":"en","primary_location":{"is_oa":false,"landing_page_url":"https://doi.org/10.1109/models50736.2021.00028","pdf_url":null,"source":null,"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false},"type":"article","type_crossref":"proceedings-article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5063484877","display_name":"Torin Viger","orcid":"https://orcid.org/0009-0000-2611-8670"},"institutions":[{"id":"https://openalex.org/I185261750","display_name":"University of Toronto","ror":"https://ror.org/03dbr7087","country_code":"CA","type":"education","lineage":["https://openalex.org/I185261750"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Torin Viger","raw_affiliation_strings":["University of Toronto, Canada"],"affiliations":[{"raw_affiliation_string":"University of Toronto, Canada","institution_ids":["https://openalex.org/I185261750"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046557118","display_name":"Logan Murphy","orcid":"https://orcid.org/0009-0001-1150-5704"},"institutions":[{"id":"https://openalex.org/I185261750","display_name":"University of Toronto","ror":"https://ror.org/03dbr7087","country_code":"CA","type":"education","lineage":["https://openalex.org/I185261750"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Logan Murphy","raw_affiliation_strings":["University of Toronto, Canada"],"affiliations":[{"raw_affiliation_string":"University of Toronto, Canada","institution_ids":["https://openalex.org/I185261750"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033777906","display_name":"Alessio Di Sandro","orcid":"https://orcid.org/0000-0003-2429-4958"},"institutions":[{"id":"https://openalex.org/I185261750","display_name":"University of Toronto","ror":"https://ror.org/03dbr7087","country_code":"CA","type":"education","lineage":["https://openalex.org/I185261750"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Alessio Di Sandro","raw_affiliation_strings":["University of Toronto, Canada"],"affiliations":[{"raw_affiliation_string":"University of Toronto, Canada","institution_ids":["https://openalex.org/I185261750"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5073134853","display_name":"Ramy Shahin","orcid":"https://orcid.org/0000-0001-8724-3934"},"institutions":[{"id":"https://openalex.org/I185261750","display_name":"University of Toronto","ror":"https://ror.org/03dbr7087","country_code":"CA","type":"education","lineage":["https://openalex.org/I185261750"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Ramy Shahin","raw_affiliation_strings":["University of Toronto, Canada"],"affiliations":[{"raw_affiliation_string":"University of Toronto, Canada","institution_ids":["https://openalex.org/I185261750"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5079431306","display_name":"Marsha Che\u0107hik","orcid":"https://orcid.org/0000-0002-6301-3517"},"institutions":[{"id":"https://openalex.org/I185261750","display_name":"University of Toronto","ror":"https://ror.org/03dbr7087","country_code":"CA","type":"education","lineage":["https://openalex.org/I185261750"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Marsha Chechik","raw_affiliation_strings":["University of Toronto, Canada"],"affiliations":[{"raw_affiliation_string":"University of Toronto, Canada","institution_ids":["https://openalex.org/I185261750"]}]}],"institution_assertions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":2.969,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.888421,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":78,"max":81},"biblio":{"volume":null,"issue":null,"first_page":"194","last_page":"204"},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T13295","display_name":"Safety Systems Engineering in Autonomy","score":0.9999,"subfield":{"id":"https://openalex.org/subfields/2213","display_name":"Safety, Risk, Reliability and Quality"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T13295","display_name":"Safety Systems Engineering in Autonomy","score":0.9999,"subfield":{"id":"https://openalex.org/subfields/2213","display_name":"Safety, Risk, Reliability and Quality"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9915,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10142","display_name":"Formal Methods in Verification","score":0.9845,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/traceability","display_name":"Traceability","score":0.6642611},{"id":"https://openalex.org/keywords/safety-case","display_name":"Safety case","score":0.64758843},{"id":"https://openalex.org/keywords/argument","display_name":"Argument (complex analysis)","score":0.52512765}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.75502825},{"id":"https://openalex.org/C153876917","wikidata":"https://www.wikidata.org/wiki/Q899704","display_name":"Traceability","level":2,"score":0.6642611},{"id":"https://openalex.org/C2780234205","wikidata":"https://www.wikidata.org/wiki/Q2281276","display_name":"Safety case","level":2,"score":0.64758843},{"id":"https://openalex.org/C55439883","wikidata":"https://www.wikidata.org/wiki/Q360812","display_name":"Correctness","level":2,"score":0.6208753},{"id":"https://openalex.org/C108710211","wikidata":"https://www.wikidata.org/wiki/Q11538","display_name":"Mathematical proof","level":2,"score":0.5729078},{"id":"https://openalex.org/C98184364","wikidata":"https://www.wikidata.org/wiki/Q1780131","display_name":"Argument (complex analysis)","level":2,"score":0.52512765},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.5212189},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.45518348},{"id":"https://openalex.org/C206880738","wikidata":"https://www.wikidata.org/wiki/Q431667","display_name":"Automated theorem proving","level":2,"score":0.45479706},{"id":"https://openalex.org/C75606506","wikidata":"https://www.wikidata.org/wiki/Q1049183","display_name":"Formal methods","level":2,"score":0.4315154},{"id":"https://openalex.org/C111498074","wikidata":"https://www.wikidata.org/wiki/Q173326","display_name":"Formal verification","level":2,"score":0.41673243},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.34999365},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.31684017},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"is_oa":false,"landing_page_url":"https://doi.org/10.1109/models50736.2021.00028","pdf_url":null,"source":null,"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.59,"display_name":"Peace, justice, and strong institutions","id":"https://metadata.un.org/sdg/16"}],"grants":[],"datasets":[],"versions":[],"referenced_works_count":31,"referenced_works":["https://openalex.org/W1464569014","https://openalex.org/W1513515524","https://openalex.org/W1537448361","https://openalex.org/W1561919121","https://openalex.org/W1572810132","https://openalex.org/W195085068","https://openalex.org/W1970488655","https://openalex.org/W1984936841","https://openalex.org/W1994350081","https://openalex.org/W2050779443","https://openalex.org/W2098230708","https://openalex.org/W2104725403","https://openalex.org/W2136310957","https://openalex.org/W2148662736","https://openalex.org/W2238711819","https://openalex.org/W2258135661","https://openalex.org/W2262684111","https://openalex.org/W2502486893","https://openalex.org/W26187284","https://openalex.org/W2753707546","https://openalex.org/W2774981561","https://openalex.org/W2804761755","https://openalex.org/W2895208382","https://openalex.org/W2950249629","https://openalex.org/W2981188613","https://openalex.org/W2990050232","https://openalex.org/W3080919791","https://openalex.org/W3095618058","https://openalex.org/W3196417018","https://openalex.org/W3211799410","https://openalex.org/W34866348"],"related_works":["https://openalex.org/W2391979747","https://openalex.org/W2166178773","https://openalex.org/W2152752131","https://openalex.org/W2078866556","https://openalex.org/W2036449508","https://openalex.org/W1946493810","https://openalex.org/W1922520186","https://openalex.org/W161255303","https://openalex.org/W1544097700","https://openalex.org/W1488573418"],"abstract_inverted_index":{"In":[0,107],"recent":[1],"decades,":[2],"cyber-physical":[3],"systems":[4,30,60],"developed":[5],"using":[6,113],"Model-Driven":[7],"Engineering":[8],"(MDE)":[9],"techniques":[10],"have":[11,61],"become":[12],"ubiquitous":[13],"in":[14,40,89,161],"safety-critical":[15],"domains.":[16],"Safety":[17],"assurance":[18],"cases":[19],"(ACs)":[20],"are":[21,31,43,54],"structured":[22],"arguments":[23,42,53,125],"designed":[24],"to":[25,48,56,86,103,119],"comprehensively":[26],"show":[27],"that":[28,150],"such":[29],"safe;":[32],"however,":[33],"the":[34,114,121,140,166,194,197,205],"reasoning":[35],"steps,":[36],"or":[37],"strategies,":[38],"used":[39],"AC":[41,52,83,135],"often":[44],"informal":[45,177],"and":[46,58,100,126,144,147,187],"difficult":[47],"rigorously":[49],"evaluate.":[50],"Consequently,":[51],"prone":[55],"fallacies,":[57],"unsafe":[59],"been":[62],"deployed":[63],"as":[64],"a":[65,78,174],"result":[66],"of":[67,80,95,139,165,176,189,196],"fallacious":[68],"ACs.":[69,92],"To":[70],"mitigate":[71],"this":[72,108],"problem,":[73],"prior":[74],"work":[75],"[32]":[76],"created":[77],"set":[79],"provably":[81],"valid":[82],"strategy":[84],"templates":[85,97],"guide":[87],"developers":[88],"building":[90],"rigorous":[91,127],"Yet":[93],"instantiations":[94],"these":[96],"remain":[98],"error-prone":[99],"still":[101],"need":[102],"be":[104],"reviewed":[105],"manually.":[106],"paper,":[109],"we":[110],"report":[111],"on":[112,199],"interactive":[115],"theorem":[116],"prover":[117],"Lean":[118,181],"bridge":[120],"gap":[122],"between":[123,142],"safety":[124,145,201],"model-based":[128],"reasoning.":[129],"We":[130,192],"generate":[131],"formal,":[132],"modelbased":[133],"machine-checked":[134],"arguments,":[136],"taking":[137],"advantage":[138],"traceability":[141],"model":[143,168],"artifacts,":[146],"mitigating":[148],"errors":[149],"could":[151],"arise":[152],"from":[153,204],"manual":[154],"argument":[155],"assessment.":[156],"The":[157],"approach":[158,198],"is":[159],"implemented":[160],"an":[162],"extended":[163],"version":[164],"MMINT-A":[167],"management":[169],"tool":[170],"[10].":[171],"Implementation":[172],"includes":[173],"conversion":[175],"claims":[178],"into":[179,184],"formal":[180,185],"properties,":[182],"decomposition":[183],"sub-properties":[186],"generation":[188],"correctness":[190],"proofs.":[191],"demonstrate":[193],"applicability":[195],"two":[200],"case":[202],"studies":[203],"literature.":[206]},"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W3211799410","counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":3}],"updated_date":"2025-01-16T05:39:55.917528","created_date":"2021-11-22"}