Copyright DB Netz AG, licensed under CC-BY SA 3.0 DE (see full text in CC-BY-SA-3.0-DE)
ARCH.916 Incorporate risk control measures in the system needs
RCAMT-275 - Define modelling rules in ARCH for expressing maximum allowed wrong-side failure rates (BACKLOG)
RCAMT-616 - Update of Input/Output for some ARCH process steps and improve understanding of incorporate risk control measures (Finished)
Goal | Capture the definition of the set of functions, functional exchanges, information/data and states that are needed for risk control to achieve a system capability. |
---|---|
Requirements met by this process step | ISO 15288 6.4.3.3 b) 3 |
Inputs | AMOD-056 System functions and exchanges (single system capability); AMOD-058 Initial system exchange scenario; AMOD-059 Initial system functional chain description; AMOD-112 System common data objects [S.CDB]; AMOD-113 System exchange items [S.CDB]; AMOD-114 System interface definition; AMOD-115 External interface behaviour [S.ES]; AMOD-055 System functions to state allocation map [Matrix] (to be confirmed); AMOD-032 Allocated risk control measures |
Outputs | AMOD-056 System functions and exchanges (single system capability) (updated); AMOD-117 System exchange scenarios with risk control measures [S.ES]; AMOD-118 System functional chain descriptions with risk control measures [SFCD]; AMOD-112 System common data objects [S.CDB] (updated); AMOD-113 System exchange items [S.CDB] (updated); AMOD-114 System interface definition (updated); AMOD-115 External interface behaviour [S.ES] (updated); AMOD-055 System functions to state allocation map [Matrix] (updated); AMOD-060 System/actor states (updated) |
Methodology | Content
1. Update system functions with risk control measures
   This task updates AMOD-056 by implementing risk mitigations as follows. For every entry in the allocated risk control measures:
   - where the risk mitigation specifies a new function:
     - create a new function;
     - create appropriate functional exchanges between the new function and existing functions;
   - where the risk mitigation specifies a behaviour constraint, this should be documented in the description of the function;
   - where the risk mitigation specifies a non-functional attribute against a function on the current diagram, capture the attribute(s) according to methods to be defined in
2. Create system exchange scenarios with risk control measures
   This task creates AMOD-117 by implementing risk mitigations as follows: taking the initial exchange scenario as a base, create a new exchange scenario, now incorporating any new functions required to mitigate risks. See the chapter "Specific guidance for scenarios applicable at the system analysis" in Method for definition of scenarios for more guidance.
3. Create system functional chains with risk control measures
   This task creates AMOD-118 by implementing risk mitigations as follows: taking the initial functional chain description as a base, create a new functional chain description, now incorporating any new functions required to mitigate risks.
4. Update system data with risk control measures
   This task updates AMOD-112 and AMOD-113 by implementing risk mitigations as follows. For every entry in the risk logs:
   - where the risk mitigation specifies the need for additional system data items:
     - create new elements (exchange items, data objects as necessary);
     - allocate new elements to appropriate exchanges between system functions;
   - where the risk mitigation specifies a non-functional attribute on system data, capture the attribute(s) according to methods to be defined in
     among others, examples are constraints on data separation, redundancy.
5. Update system interface model with risk control measures
   This task updates AMOD-114 and AMOD-115 by implementing risk mitigations as follows. For every entry in the allocated risk control measures:
   - where the risk mitigation specifies new interface layers and/or behaviours during the delivery of the current system capability, these should be added to the relevant view (or, if necessary, new views should be created);
   - where the risk mitigation specifies a non-functional attribute against an interface layer and/or behaviour on the current diagram, capture the attribute(s) according to methods to be defined in
   See the chapter "Specific guidance for scenarios applicable at the system analysis" in Method for definition of scenarios for more guidance.
6. Update system states
   This task updates AMOD-055 and AMOD-060 by implementing risk mitigations as follows: during risk assessment for a system exchange scenario, new states may be identified for the mitigation of a risk that arises during the delivery of the current system capability. Either update existing instances of view AMOD-060 or, where no statefulness was previously identified for an operational actor/entity, create a new one. |
Tools and non-human resources | Team for Capella |
Cardinality | Once per system capability |
Completion criteria | |
Design review | ARCH.R.3 System capability review |
Step done by (Responsible) | Lead system architect |
Provides input to/assists (Contributes) | |
Uses outputs (Informed) | RAMS manager |