Validation of Graphically Elicited Multi-variate Probability Models for Safety Assessment of Computer-based Systems
Sponsored by EPSRC-ROPA (Realising Our Potential). March 2000 - February 2002.
Funding to CSR, City University: £155,813
Summary: As in the case of other non-trivial software-based systems, we must assume that failure of safety critical systems is possible, and attempt to discover whether or not, in the case of each system, failure is sufficiently unlikely for the system to be licensed for operational use. There are a number of special features of complex, software-based, safety-critical systems which contribute to the difficulty of assessing their dependability. There is insufficient objective statistical evidence to assure - by testing, or from actual operation of related systems in related environments - that the required level of reliability has been achieved in the case of a new system. For this reason, safety assessors turn to other sources of evidence in an attempt to increase their assurance that such a system is fit for purpose. These other sources might include measurable evidence relating to the quality of the requirements elicitation and design processes, or to the competence of development personnel; as well as the use of more subjective expert assessment of these and other factors. In taking account of much of this evidence, there will not always be scientifically accepted or widely agreed relationships and causal models on which to rely.
This project attempts to investigate the contribution that graphical probability models or "belief networks" might make to these problems. In particular it focuses on:
- Examining and comparing the value of alternative graphical formalisms such as Directed Acyclic Graphs, Undirected Graphs and Chain Graphs. In particular we hope that use of these multiple formalisms might increase our assurance that the builders and users of such graphical models understand the "system of conditional independence assumptions" depicted by such graphs as fully and correctly as possible.
- The development of automated methods of providing a multiplicity of forms of feedback of the structure, assumptions and consequences of such graphical probability models. We intend that this model feedback should include automatically computed symbolic (as well as numeric) forms of model output. In these ways we aim to develop methods of deepening a safety assessment expert's appreciation of, and interaction with, the formal conditional-independence model expressed by a graphical formalism, and hence gaining confidence that such models, ultimately and after appropriate adjustment, can become a valuable aid to and a fair representation of the coherent beliefs of such experts.
CSR Staff: Prof Bev Littlewood (Principal Investigator), Prof Lorenzo Strigini, Mr David Wright.
For further information, contact: Prof Bev Littlewood (b.littlewood@csr.city.ac.uk) Tel: 020 7040 8420 (from UK), or +44 20 7040 8420 (outside UK)