Confidence in dynamic assurance cases

Date

2026

Authors

Diemert, Simon

Abstract

Assuring safety- and security-critical systems is a necessary activity, both prior to deployment (at “design-time”) and during system operation (at “run-time”). The need for assurance is heightened as these systems increasingly depend on artificial intelligence and adaptation strategies to handle uncertainty in their operating environments. Assurance Cases (ACs) that incorporate structured arguments and supporting evidence are an important tool for establishing trust in critical systems. Modern ACs are not static documents: they are increasingly viewed as dynamic models of “through-life” assurance and are used for decision-making at both design- and run-time. These Dynamic Assurance Cases (DACs) incorporate dynamic sources of evidence and “live” data from development activities or operations (e.g., safety performance indicators). However, a question arises during their use: “are we confident in the claim(s) made by this version of the case?” While several methods exist to assess confidence in ACs, there is limited knowledge about their adoption by practitioners. Additionally, quantitative methods have several limitations, including: 1) an inability to consider the impact of dynamic aspects on confidence; 2) an inability to account for dialectic reasoning (i.e., “defeaters”); and 3) challenges related to subjectivity, interpretability, precision, and modelling nuanced reasoning. The overall objective of this work is to develop a new confidence assessment method that is grounded in the needs of practitioners and addresses the limitations mentioned above. Towards this objective, the main contribution of this dissertation is a new mixed (qualitative and quantitative) method for AC confidence assessment called Certus. With this method, confidence in an AC is modelled using vague, but linguistically meaningful, expressions (e.g., “I have very high belief that this claim is true”). A domain-specific language is used to describe the propagation of belief through a structured argument to produce an overall belief valuation for the AC. Certus supports dialectic reasoning and can condition belief assessments on the availability of evidence and the value of performance indicators. The use of the language is guided by a methodology that integrates with the existing practices for developing (D)ACs. A denotational semantics for the language provides a formal basis for assessment. The language and method are evaluated through a series of analyses and a case study to demonstrate that they possess properties related to trustworthiness, including: propagation stability, sensitivity, expressivity, scalability, and applicability to DACs.
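To make the ideas in the abstract concrete (linguistic belief terms, bottom-up propagation through a structured argument, defeaters, and conditioning on evidence availability and a live performance indicator), here is an added illustrative example. It is not the Certus language, its denotational semantics, or any code from the dissertation: the triangular fuzzy terms, the weakest-link (min) propagation rule, the complement-based defeater discount, and the sample argument are all assumptions chosen for this illustration.

```python
from dataclasses import dataclass, field
from typing import List, Tuple, Union

# ILLUSTRATIVE ONLY: terms, rules and sample case are constructed here and are
# not the Certus DSL or its semantics. A linguistic belief term is modelled as
# a triangular fuzzy number (left, peak, right) on the unit interval.
Tri = Tuple[float, float, float]
TERMS = {
    "very_low":  (0.00, 0.00, 0.25),
    "low":       (0.00, 0.25, 0.50),
    "medium":    (0.25, 0.50, 0.75),
    "high":      (0.50, 0.75, 1.00),
    "very_high": (0.75, 1.00, 1.00),
}


def fuzzy_min(a: Tri, b: Tri) -> Tri:
    """Conjunction of two beliefs: componentwise min (usual triangular approximation)."""
    return (min(a[0], b[0]), min(a[1], b[1]), min(a[2], b[2]))


def fuzzy_not(a: Tri) -> Tri:
    """Complement of a belief: mirror the triangle around 0.5."""
    return (1.0 - a[2], 1.0 - a[1], 1.0 - a[0])


def centroid(a: Tri) -> float:
    """Defuzzify a triangle to the x-coordinate of its centroid."""
    return sum(a) / 3.0


def nearest_term(a: Tri) -> str:
    """Map a propagated belief back to the closest linguistic term."""
    return min(TERMS, key=lambda t: abs(centroid(TERMS[t]) - centroid(a)))


@dataclass
class Evidence:
    name: str
    belief_if_present: str
    available: bool = True          # dynamic: the evidence may not exist yet


@dataclass
class Indicator:
    name: str
    value: float                    # live operational measurement
    limit: float                    # acceptable upper bound
    belief_if_ok: str = "high"
    belief_if_breached: str = "very_low"


@dataclass
class Defeater:
    name: str
    belief: str                     # how strongly we believe the defeater holds
    rebutted: bool = False          # a rebutted defeater no longer discounts the claim


@dataclass
class Claim:
    name: str
    support: List[Union["Claim", Evidence, Indicator]]
    defeaters: List[Defeater] = field(default_factory=list)


def belief(node: Union[Claim, Evidence, Indicator]) -> Tri:
    """Propagate belief bottom-up through the argument tree."""
    if isinstance(node, Evidence):
        # Missing evidence contributes the weakest term rather than nothing.
        return TERMS[node.belief_if_present if node.available else "very_low"]
    if isinstance(node, Indicator):
        return TERMS[node.belief_if_ok if node.value <= node.limit else node.belief_if_breached]
    b = TERMS["very_high"]          # a claim is only as strong as its weakest support
    for child in node.support:
        b = fuzzy_min(b, belief(child))
    for d in node.defeaters:        # dialectic step: undefeated defeater caps belief at NOT(d)
        if not d.rebutted:
            b = fuzzy_min(b, fuzzy_not(TERMS[d.belief]))
    return b


def assess(claim: Claim) -> str:
    """Overall linguistic belief valuation for the top-level claim."""
    return nearest_term(belief(claim))


def build_case(e2_available: bool = True, incident_rate: float = 0.2,
               defeater_belief: str = "low", defeater_rebutted: bool = False) -> Claim:
    """Constructed sample argument; the parameters stand in for a DAC's live inputs."""
    hazards_mitigated = Claim("Identified hazards are mitigated", [
        Evidence("Hazard analysis report", "high"),
        Evidence("Mitigation test results", "very_high", available=e2_available),
    ])
    ops_within_bounds = Claim("Operational performance is within bounds", [
        Indicator("Incidents per 1000 h", value=incident_rate, limit=0.5),
    ])
    return Claim("System is acceptably safe to operate", [hazards_mitigated, ops_within_bounds],
                 defeaters=[Defeater("Hazard analysis omits the ML component",
                                     defeater_belief, defeater_rebutted)])


if __name__ == "__main__":
    for label, case in [("baseline", build_case()),
                        ("test results missing", build_case(e2_available=False)),
                        ("indicator breached", build_case(incident_rate=0.8)),
                        ("strong defeater", build_case(defeater_belief="high")),
                        ("strong defeater rebutted", build_case("high" == "high", 0.2, "high", True))]:
        print(f"{label:26s} -> {assess(case)}")
```

Running the five scenarios shows the behaviours the abstract asks a confidence method to capture: withdrawing a piece of evidence or breaching the indicator limit drops the top-level valuation from "high" to "very_low", an undefeated "high"-belief defeater caps it at "low", and rebutting that defeater restores "high". The result always lands on one of the defined terms, which is the kind of propagation-stability check a practitioner would want before trusting any such scheme.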

Keywords

cyberphysical systems, safety, security, assurance, assurance case, confidence assessment, fuzzy sets, self-adaptive systems
