Papers by Luiz Eduardo Galvão Martins

Uni-REPM SCS
Proceedings of the XVIII Brazilian Symposium on Software Quality
Context: Software is an important part of safety-critical system (SCS) development and is becoming a major source of hazards. Software is responsible for implementing innovative and complex functions and for sending instructions to the hardware. Requirements-related hazards have been associated with many accidents and safety incidents. Requirements issues tend to be mitigated in companies with high process maturity levels, since they adopt good software engineering practices in a systematic, consistent and proactive way. However, requirements engineers need systematic guidance to consider safety concerns early in the development process. Objective: This thesis investigates which safety practices/actions are suitable for use in the Requirements Engineering process of SCS and proposes a safety maturity model for this area. Method: A set of empirical studies was used in this work. Data collection was done through a systematic literature review and case studies. We followed the Design Science methodology to propose Uni-REPM SCS, a safety module for the Unified Requirements Engineering Process Maturity Model (Uni-REPM), and the technology transfer framework to validate the safety module. A comprehensive literature review was also conducted to provide background and support for the empirical studies. Results: The safety module has seven main processes, 14 sub-processes and 148 safety actions describing principles and practices that form the basis of safety process maturity. We also describe its usage through a tool. We conducted a static validation with two practitioners and nine academic experts to evaluate its coverage, correctness, usefulness and applicability. Furthermore, we performed a dynamic validation with seven industry practitioners to evaluate the safety maturity level of seven industry projects.
Conclusions: The validation indicates good coverage of practices and good receptivity by the experts. Finally, the module can help companies evaluate their current practices and offers a step-wise improvement strategy to reach higher maturity.
Recomendações para a certificação e validação de equipamentos médicos no contexto dos processos de gestão da inovação: estudo de caso com bomba de infusão de insulina (Recommendations for the certification and validation of medical devices in the context of innovation management processes: a case study with an insulin infusion pump)
Práticas de gestão da inovação (Innovation Management Practices) - Volume 2

GERSE: Guia para Elicitação de Requisitos de Sistemas Embarcados (GERSE: A Guide to Requirements Elicitation for Embedded Systems)
ABSTRACT Embedded systems projects are developed for many different purposes and are a major challenge for the community of developers of such systems. As we benefit from technological advances, the complexity of designing an embedded system increases significantly. This paper presents GERSE, a guideline for requirements elicitation of embedded systems. Despite advances in the area of embedded systems, there is a shortage of requirements elicitation techniques that meet the particularities of this area. The contribution of GERSE is to improve the capture and organization of requirements in embedded systems projects.
How assurance case development and requirements engineering interplay: a study with practitioners
Requirements Engineering, 2022

Safe-RE
Proceedings of the XXXII Brazilian Symposium on Software Engineering, 2018
Context: The development of Safety-Critical Systems (SCS) requires an adequate understanding of safety terms to avoid the specification of poor, incomplete or unclear safety requirements. However, there are misunderstandings, mostly among requirements engineers, about the definition of such concepts. Hence, integrating safety concerns into the Requirements Engineering (RE) process under a common nomenclature is necessary to improve the specification of these systems. Objective: To fill this gap, this paper presents Safe-RE, a safety requirements metamodel based on industry safety standards whose aim is to support the specification of safety-related concepts in the RE process. Method: We rely on safety standards as the basis for our work, since companies must follow them to have their systems certified. Results: To illustrate the use of the Safe-RE metamodel, we applied its concepts to an insulin infusion pump system. Conclusions: We hope that Safe-RE can contribute to improving the elicitation and specification of such systems and therefore to reducing accidents and safety-related catastrophes. We also discuss the benefits we envision from using the metamodel, its limitations, and open issues.
Diabetes mellitus is a metabolic disease characterized by high levels of blood glucose; in severe cases of diabetes, insulin infusion pumps are prescribed as treatment. Infusion pumps are automated devices designed to simulate the production and delivery of insulin in the organism of a healthy person. As this is a medical device, its operation must be reliable enough to avoid any risk to the patient's health and well-being. The aim of this article is to conduct a systematic literature review to identify the risks implied for the user of insulin infusion pumps and to understand how safety and functional requirements for these devices have been treated, developed and studied.

A Software Audit Model for Safety-Critical Domains
Nowadays, the use of software considered complex and critical is growing in several sectors of industry, such as aeronautics, with its various systems embedded in aircraft, and the medical sector, with its increasingly advanced medical devices. As part of this research, different software models were considered, and the standards of the aeronautical (DO-178C) and medical (IEC 62304) sectors were studied regarding their guidelines and requirements for safety-critical software development. A software audit model has been proposed with the activities necessary for conducting safety-critical software audits, along with a set of questions for software auditing developed from DO-178C, which was evaluated by software experts to ensure its maturity and efficiency. The objective of the proposed software audit model is to ensure that the software developed complies with the applicable standard, allowing the auditor the necessary flexibility in the scope of the audit without the n...

A Process Model based on STAMP for Collecting and Management of Safety Evidence
Safety evidence collection is an essential activity for companies that develop safety-critical systems (SCS), software-intensive products (SIP) and services (SD). The safety evidence collected along SCS development is used during the certification process to show auditors that the systems, software, services and products developed are safe. In this article we discuss the importance for companies of having a robust safety evidence collection process. We discuss the use of STAMP as the basis for building a comprehensive safety evidence collection and management process that is also compatible with, and does not conflict with, agile methodologies. We believe that a proper integration between product development and the evidence-gathering process can be achieved by adopting STAMP as the basis for a full safety evidence collection and management process.
Context: Safety-critical systems (SCS) must be carefully planned, since inadequate or misunderstood requirements have been recognized as the major cause of safety-related catastrophes. Objective: We investigate the integration and requirements communication in the requirements engineering (RE) process among different parties when developing SCS. Method: We used a Systematic Mapping Study as the basis for our work. Results: We analyze several aspects such as challenges, domain, requirements activity, languages, tools, stakeholders involved, communication format, and safety standards. Conclusions: This information contributes to setting up possible collaborative networks and serves as a reference when developing new research projects.
This paper presents the requirements for a more flexible and adaptable Software Audit Model (SAM) and its associated adaptable checklist for conducting a software audit. This flexibility allows the SAM to be applied independently of the software development life cycle chosen. The initial proposed SAM will enable us to evaluate, integrate, and adapt the Stages of Involvement in different software development cycles based on the events necessary for the certification of aircraft with safety-critical software.

IEEE Transactions on Software Engineering, 2020
Software is an important part of safety-critical system (SCS) development and is becoming a major source of hazards. Requirements-related hazards have been associated with many accidents and safety incidents. Requirements issues tend to be mitigated in companies with high process maturity levels, since they conduct their business in a systematic, consistent and proactive way. However, requirements engineers need systematic guidance to consider safety concerns early in the development process. Goal: the paper investigates which safety practices are suitable for use in the Requirements Engineering (RE) process for SCS and how to design a safety maturity model for this area. Method: we followed the design science methodology to propose Uni-REPM SCS, a safety module for the Unified Requirements Engineering Process Maturity Model (Uni-REPM). We also conducted a static validation with two practitioners and nine academic experts to evaluate its coverage, correctness, usefulness and applicability. Results: The module has seven main processes, fourteen sub-processes and 148 practices that form the basis of safety process maturity. We also describe its usage through a tool. Conclusions: The validation indicates good coverage of practices and good receptivity by the experts. Finally, the module can help companies evaluate their current practices.

Anais do I Brazilian Workshop on Large-scale Critical Systems (BWare 2019), 2019
Context: traditional hazard analysis techniques were not designed for use in the Requirements Engineering (RE) process. Objective: The aim of this work is to present and discuss a new method for early safety requirements specification, called SARSSi*, to be used at the beginning of the development of safety-critical systems. Method: this goal is achieved through the combination of two techniques: (1) STAMP/STPA; and (2) the i* language. Results: this paper attempts to bridge the gap between two parallel trends in systematic safety approaches by combining requirements engineering and safety engineering techniques. Our method consists of six steps and guidelines to perform a preliminary hazard analysis and facilitate the systematic identification of safety-critical functions and components. Conclusions: We demonstrate the utility of our method by applying it in a real industry case study. The initial results show the preliminary suitability of our method and its contribution to improving the vis...

Development of a Low-Cost Insulin Infusion Pump: Lessons Learned from an Industry Case
2015 IEEE 28th International Symposium on Computer-Based Medical Systems, 2015
In the last 30 years there have been great advances in technology for diabetes treatment, which have facilitated the management of the disease and its complications. Among these advances is the development of the insulin infusion pump. However, diabetes treatment using an insulin pump remains expensive in Brazil, especially because the device and its accessories are imported. The aim of this paper is to report the development of a prototype low-cost insulin infusion pump intended to benefit Brazilians suffering from type 1 Diabetes Mellitus. The prototype development is the result of a cooperation between Brazilian academia and industry. We comment on the development of the prototype and the lessons learned from it.
This paper presents an overview of Brazilian research towards a requirements engineering process for embedded systems. The scientific contributions reported throughout the paper concern templates, guidelines and tools developed during the last four years. These artifacts can help to narrow the existing gap between hardware and software embedded system teams. We briefly describe two requirements specification templates, named TERASE and CAMA, and one requirements elicitation guide, named GERSE, which is supported by a software tool called Zaki.

A case study using a protocol to derive safety functional requirements from Fault Tree Analysis
2014 IEEE 22nd International Requirements Engineering Conference (RE), 2014
The state of the art in Requirements Engineering offers many frameworks and techniques to support requirements engineers in their work. However, for critical systems there are gaps in the state of the art, and these can have dire consequences, potentially endangering lives, damaging infrastructure and threatening the environment. A well-known technique that helps requirements engineers understand safety hazard situations in the context of safety-critical software is Fault Tree Analysis (FTA). This technique is well suited to decomposing hazards identified in the system context into events that may put the system's functions at risk. However, FTA does not offer a protocol for deriving safety functional requirements from fault trees. In this paper we present a case study adopting a protocol to help requirements engineers derive safety functional requirements from FTA. The proposed protocol was based on a study performed in a Brazilian company in the area of electronic medical devices. The development of a prototype low-cost insulin infusion pump, which is a critical system, offered the basis to propose and test a protocol for deriving safety functional requirements from FTA. During the case study we collected evidence that helps us discuss whether FTA is sufficient to guide software engineers in implementing the corresponding control software and whether FTA offers enough information to help requirements engineers derive safety functional requirements.
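The FTA-to-requirements step discussed above, as an added worked example that is not part of the paper and does not reproduce its protocol: it computes the minimal cut sets of a small fault tree by Boolean expansion (MOCUS-style), estimates the top-event probability with the rare-event approximation, and maps each cut set to candidate safety functional requirements. The tree, gate and event names, the basic-event probabilities and the SFR-n requirement texts are all hypothetical, constructed for this illustration of an insulin-pump over-infusion hazard; one basic event is deliberately left without a mitigation so that the output shows where the fault tree alone does not yield a requirement, which is the question the paper's case study raises.

```python
"""Minimal cut sets and candidate safety functional requirements from a fault tree.

Constructed illustration: the tree, probabilities and requirement texts below are
hypothetical and are not taken from the paper or from any real insulin pump design.
"""
from dataclasses import dataclass
from math import prod
from typing import Dict, FrozenSet, List, Set


@dataclass(frozen=True)
class Gate:
    kind: str        # "AND" or "OR"
    inputs: tuple    # names of child gates or basic events


# Hypothetical fault tree for the top-level hazard "over_infusion".
# Any name that is not a key of TREE is a basic event.
TOP = "over_infusion"
TREE: Dict[str, Gate] = {
    "over_infusion": Gate("OR", ("motor_overrun", "wrong_dose_command",
                                 "drive_mechanism_freewheel")),
    "motor_overrun": Gate("AND", ("motor_driver_stuck_on", "flow_monitor_fails")),
    "flow_monitor_fails": Gate("OR", ("flow_sensor_fault", "monitor_sw_hang")),
    "wrong_dose_command": Gate("AND", ("ui_dose_entry_error",
                                       "dose_limit_check_missing")),
}

# Hypothetical per-demand failure probabilities of the basic events.
BASIC: Dict[str, float] = {
    "motor_driver_stuck_on": 1e-4,
    "flow_sensor_fault": 2e-4,
    "monitor_sw_hang": 5e-4,
    "ui_dose_entry_error": 1e-2,
    "dose_limit_check_missing": 1e-3,
    "drive_mechanism_freewheel": 1e-6,
}

# Hypothetical safety functional requirements that remove or detect a basic
# event. "monitor_sw_hang" is intentionally unmapped so the gap is reported.
MITIGATIONS: Dict[str, str] = {
    "motor_driver_stuck_on": "SFR-1: an independent cutoff shall de-energize the "
                             "motor when no delivery is commanded and motor current "
                             "persists for more than 200 ms.",
    "flow_sensor_fault": "SFR-2: the flow sensor shall be self-tested on every "
                         "delivery cycle and a failed test shall stop delivery.",
    "ui_dose_entry_error": "SFR-3: every bolus entry shall be confirmed by a second "
                           "user action showing the dose in insulin units.",
    "dose_limit_check_missing": "SFR-4: the controller shall reject any dose above "
                                "the configured maximum before actuating the motor.",
    "drive_mechanism_freewheel": "SFR-5: the drive train shall include a mechanical "
                                 "lock that prevents uncommanded plunger movement.",
}


def minimize(sets: Set[FrozenSet[str]]) -> Set[FrozenSet[str]]:
    """Absorption: drop every cut set that strictly contains another cut set."""
    return {s for s in sets if not any(o < s for o in sets)}


def cut_sets(node: str, tree: Dict[str, Gate]) -> Set[FrozenSet[str]]:
    """Minimal cut sets of `node` by recursive Boolean expansion (MOCUS-style)."""
    if node not in tree:                       # basic event: its own cut set
        return {frozenset([node])}
    gate = tree[node]
    children = [cut_sets(child, tree) for child in gate.inputs]
    if gate.kind == "OR":                      # any child's cut set suffices
        combined = set().union(*children)
    elif gate.kind == "AND":                   # every child must fail: cross product
        combined = {frozenset()}
        for child in children:
            combined = {a | b for a in combined for b in child}
    else:
        raise ValueError(f"unknown gate kind {gate.kind!r} at {node}")
    return minimize(combined)


def top_event_probability(node: str, tree: Dict[str, Gate],
                          basic: Dict[str, float]) -> float:
    """Rare-event approximation: sum over minimal cut sets of the product of the
    basic-event probabilities. This is an upper bound, adequate when all
    probabilities are small."""
    return sum(prod(basic[e] for e in cs) for cs in cut_sets(node, tree))


def derive_requirements(node: str, tree: Dict[str, Gate],
                        mitigations: Dict[str, str]) -> List[dict]:
    """For each minimal cut set, list the requirements that would break it.
    A one-event cut set is a single point of failure; an event with no
    mitigation is reported as uncovered."""
    report = []
    for cs in sorted(cut_sets(node, tree), key=sorted):
        events = sorted(cs)
        report.append({
            "cut_set": events,
            "single_point_of_failure": len(events) == 1,
            "requirements": [mitigations[e] for e in events if e in mitigations],
            "uncovered_events": [e for e in events if e not in mitigations],
        })
    return report


if __name__ == "__main__":
    print(f"P(top) ~ {top_event_probability(TOP, TREE, BASIC):.3e}")
    for entry in derive_requirements(TOP, TREE, MITIGATIONS):
        flag = " [single point of failure]" if entry["single_point_of_failure"] else ""
        print(f"\ncut set {entry['cut_set']}{flag}")
        for req in entry["requirements"]:
            print("  ", req)
        for ev in entry["uncovered_events"]:
            print("   no requirement derived for", ev)
```

Minimizing after every gate keeps the intermediate sets small and is what makes absorption correct for trees where a basic event feeds several gates; the rare-event sum over cut sets is only an approximation and a real assessment would also carry common-cause factors, which a fault tree of independent basic events cannot express.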

Mobile apps for the treatment of diabetes patients: a systematic review
Research on Biomedical Engineering, 2021
The incidence of diabetes mellitus (DM) is a significant and growing health problem for all countries, regardless of their level of development. Mobile computing solutions that assist patients in their daily treatment routine can be an excellent ally. This systematic review aims to assess how mobile apps for DM treatment follow-up can contribute to improving patients' quality of life. We searched the ACM Digital Library, PubMed, Springer Link, IEEE Xplore, and Science Direct databases. We obtained 1608 primary studies; 1485 were used in the screening phase and 791 in the full screening phase, resulting in 106 articles from 2013 to 2018 for data extraction. We identified the main functionalities and characteristics necessary for an application for managing DM, such as automation and ease of data collection. We found that apps for type 1 DM help treat patients, facilitate the collection of and access to data, and allow better daily monitoring of treatment.