Towards Systematic Compliance Evaluation Using Safety-Oriented Process Lines and Evidence Mapping

The role of software is growing in safety related systems. This underlines the need for software process assessment in many safety-critical domains. For example, the nuclear power industry has strict safety requirements for control systems and many methods are applied to evaluate compliance to domain specific standards and requirements. This paper discusses the needs of the nuclear domain and presents alternatives to develop a process assessment method that takes into account domain specific requirements. The aim is to provide an approach that facilitates the use of assessment findings in evaluating compliance with the domain requirements and supports other assurance needs. Safety-oriented Process Line Engineering (SoPLE) is studied as a method for mapping assessment criteria to domain specific requirements. A binary distance metric is used to evaluate, how far a process mapping based method would solve problems found in compliance evaluation. Based on the results, SoPLE is applicable in this case, but process mapping is not adequate to facilitate compliance evaluation.