eclipse-score · crimson11 · Mar 16, 2026 · Mar 19, 2026 · Mar 20, 2026
@@ -50,7 +50,7 @@ filegroup(
         "@//score/mw/com/requirements/safety_analysis/root_causes:general",
         "@//score/mw/com/requirements/safety_analysis/root_causes/proxy:root_causes_proxy",
         "@//score/mw/com/requirements/safety_analysis/root_causes/skeleton:root_causes_skeleton",
-        "@//score/mw/com/requirements/safety_analysis/root_causes/smart_pointer_sample_allocate_ptr:smart_pointer_sample_allocate_ptr",
+        "@//score/mw/com/requirements/safety_analysis/root_causes/smart_pointer:smart_pointer_fta",
     ],
     visibility = ["//visibility:public"],
 )

@@ -351,3 +351,21 @@ ScoreReq.AoU EnsureTheIntegrityAndReliabilityOfCommunication {
     version = 1
     mitigates = ""
 }
+
+/* added for method FMEA */
+
+ScoreReq.AoU NoGuaranteesForTimelyMethodCallExecution {
+    description = "It shall be ensured that a blocking method call will not harm a safety goal."
+    safety = ScoreReq.Asil.B
+    note = "It is not guaranteed that a method call initiated by the caller will arrive at the callee, neither in which latency this will happen. It is also not guaranteed, that the completion of the call is notified to the caller at all, neither in which latency this will happen. This is caused by underlying OS/HW safety claims - see also [NoGuaranteesForNotifications]. The runtime of a user-provided method-handler is not supervised at all."
+    version = 1
+    mitigates = "Communication.CallBlocksOnCaller, Communication.CallBlocksOnCallee, Communication.CallBlocksOnUserHandler"
+}
+
+ScoreReq.PreventiveMeasure MethodInArgPtrMatches {
+    description = "It shall be ensured that the memory locations of the method call in-arguments provided at the caller side are exactly the same as the memory locations as used at the callee side."
+    safety = ScoreReq.Asil.B
+    note = "It is not guaranteed that a method call initiated by the caller will arrive at the callee, neither in which latency this will happen. It is also not guaranteed, that the completion of the call is notified to the caller at all, neither in which latency this will happen. This is caused by underlying OS/HW safety claims - see also [NoGuaranteesForNotifications]."
+    version = 1
+    mitigates = "Communication.CallBlocksOnCaller, Communication.CallBlocksOnCallee, Communication.CallBlocksOnUserHandler"
+}
@@ -14,6 +14,7 @@
 filegroup(
     name = "root_causes_proxy",
     srcs = [
+        "//score/mw/com/requirements/safety_analysis/root_causes/proxy/call_method:call_method_fta",
         "//score/mw/com/requirements/safety_analysis/root_causes/proxy/construction:construction_fta",
         "//score/mw/com/requirements/safety_analysis/root_causes/proxy/find_service:service_not_found_fta",
         "//score/mw/com/requirements/safety_analysis/root_causes/proxy/find_service:wrong_service_found_fta",

@@ -0,0 +1,22 @@
+# *******************************************************************************
+# Copyright (c) 2025 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+
+filegroup(
+    name = "call_method_fta",
+    srcs = [
+        "call_blocks_fta.puml",
+        "wrong_in_args_provided_fta.puml",
+        "wrong_results_used_fta.puml",
+    ],
+    visibility = ["//visibility:public"],
+)
@@ -0,0 +1,26 @@
+' *******************************************************************************
+' Copyright (c) {year} Contributors to the Eclipse Foundation
+'
+' See the NOTICE file(s) distributed with this work for additional
+' information regarding copyright ownership.
+'
+' This program and the accompanying materials are made available under the
+' terms of the Apache License Version 2.0 which is available at
+' https://www.apache.org/licenses/LICENSE-2.0
+'
+' SPDX-License-Identifier: Apache-2.0
+' *******************************************************************************
+
+@startuml
+
+!include ../../../../../../../../third_party/traceability/doc/sample_library/safety_analysis/fta_metamodel.puml
+
+$TopEvent("Method Call blocks", "Communication.CallBlocks")
+
+$OrGate("Gate1", "TopEvent")
+$BasicEvent("Method call blocks in message-passing at the caller side -> send blocked", "Communication.BlocksOnCaller", "Gate1")
+$BasicEvent("Method call blocks in user-handler at the callee side", "Communication.CallBlocksOnUserHandler", "Gate1")
+$BasicEvent("Method call blocks in reply at the callee side -> send blocked ", "Communication.CallBlocksOnCallee", "Gate1")
+
+
+@enduml
@@ -0,0 +1,32 @@
+' *******************************************************************************
+' Copyright (c) {year} Contributors to the Eclipse Foundation
+'
+' See the NOTICE file(s) distributed with this work for additional
+' information regarding copyright ownership.
+'
+' This program and the accompanying materials are made available under the
+' terms of the Apache License Version 2.0 which is available at
+' https://www.apache.org/licenses/LICENSE-2.0
+'
+' SPDX-License-Identifier: Apache-2.0
+' *******************************************************************************
+
+@startuml
+
+!include ../../../../../../../../third_party/traceability/doc/sample_library/safety_analysis/fta_metamodel.puml
+
+$TopEvent("Wrong input arguments provided", "Communication.WrongInArgsProvided")
+
+$OrGate("Gate1", "TopEvent")
+
+$IntermediateEvent("Caller did not/only partially provide InArgs", "Event1", "Gate1")
+$OrGate("Gate2", "Event1")
+$BasicEvent("Call signalled before InArgs completely provided", "Event2", "Gate2")
+$BasicEvent("Caller provided InArgs in wrong location", "Event4", "Gate2")
+
+$IntermediateEvent("Caller provided wrong InArgs", "Event5", "Gate1")
+$OrGate("Gate4", "Event5")
+$BasicEvent("Caller provided InArgs in wrong layout", "Communication.InArgsWrongLayout", "Gate4")
+$BasicEvent("Caller updates InArgs concurrently after call signalling", "Communication.InArgsUpdateAfterCall", "Gate4")
+
+@enduml
@@ -0,0 +1,26 @@
+' *******************************************************************************
+' Copyright (c) {year} Contributors to the Eclipse Foundation
+'
+' See the NOTICE file(s) distributed with this work for additional
+' information regarding copyright ownership.
+'
+' This program and the accompanying materials are made available under the
+' terms of the Apache License Version 2.0 which is available at
+' https://www.apache.org/licenses/LICENSE-2.0
+'
+' SPDX-License-Identifier: Apache-2.0
+' *******************************************************************************
+
+@startuml
+
+!include ../../../../../../../../third_party/traceability/doc/sample_library/safety_analysis/fta_metamodel.puml
+
+$TopEvent("Wrong call result used", "Communication.WrongResultsUsed")
+
+$OrGate("Gate1", "TopEvent")
+$BasicEvent("Caller used result from wrong location", "Event10", "Gate1")
+$BasicEvent("Caller used result in wrong layout", "Event11", "Gate1")
+$BasicEvent("Caller used result before fully provided", "Event12", "Gate1")
+$BasicEvent("Caller used result while concurrently updated", "Event13", "Gate1")
+
+@enduml
@@ -19,6 +19,9 @@ filegroup(
         "//score/mw/com/requirements/safety_analysis/root_causes/skeleton/creation:creation_of_skeleton_not_possible_fta",
         "//score/mw/com/requirements/safety_analysis/root_causes/skeleton/destruction:no_resources_freed_fta",
         "//score/mw/com/requirements/safety_analysis/root_causes/skeleton/destruction:wrong_resources_freed_fta",
+        "//score/mw/com/requirements/safety_analysis/root_causes/skeleton/handle_method_call:wrong_in_args_used_fta",
+        "//score/mw/com/requirements/safety_analysis/root_causes/skeleton/handle_method_call:wrong_method_called_fta",
+        "//score/mw/com/requirements/safety_analysis/root_causes/skeleton/handle_method_call:wrong_results_provided_fta",
         "//score/mw/com/requirements/safety_analysis/root_causes/skeleton/offer_a_service:offers_already_offered_service_fta",
         "//score/mw/com/requirements/safety_analysis/root_causes/skeleton/offer_a_service:only_partially_offered_fta",
         "//score/mw/com/requirements/safety_analysis/root_causes/skeleton/offer_a_service:service_offered_under_wrong_id_fta",

@@ -12,26 +12,25 @@
 # *******************************************************************************
 
 filegroup(
-    name = "does_not_free_resources_on_destruction_fta",
+    name = "wrong_in_args_used_fta",
     srcs = [
-        "does_not_free_resources_on_destruction_fta.puml",
+        "wrong_in_args_used_fta.puml",
     ],
     visibility = ["//visibility:public"],
 )
 
 filegroup(
-    name = "returns_wrong_data_fta",
+    name = "wrong_method_called_fta",
     srcs = [
-        "returns_wrong_data_fta.puml",
+        "wrong_method_called_fta.puml",
     ],
     visibility = ["//visibility:public"],
 )
 
 filegroup(
-    name = "smart_pointer_sample_allocate_ptr",
+    name = "wrong_results_provided_fta",
     srcs = [
-        ":does_not_free_resources_on_destruction_fta",
-        ":returns_wrong_data_fta",
+        "wrong_results_provided_fta.puml",
     ],
     visibility = ["//visibility:public"],
 )
@@ -0,0 +1,32 @@
+' *******************************************************************************
+' Copyright (c) {year} Contributors to the Eclipse Foundation
+'
+' See the NOTICE file(s) distributed with this work for additional
+' information regarding copyright ownership.
+'
+' This program and the accompanying materials are made available under the
+' terms of the Apache License Version 2.0 which is available at
+' https://www.apache.org/licenses/LICENSE-2.0
+'
+' SPDX-License-Identifier: Apache-2.0
+' *******************************************************************************
+
+@startuml
+
+!include ../../../../../../../../third_party/traceability/doc/sample_library/safety_analysis/fta_metamodel.puml
+
+$TopEvent("Wrong input arguments used", "Communication.WrongInArgsUsed")
+
+$OrGate("Gate1", "TopEvent")
+$IntermediateEvent("Callee used wrong InArgs", "Event1", "Gate1")
+$IntermediateEvent("Callee used corrupted InArgs", "Event2", "Gate1")
+$OrGate("Gate2", "Event1")
+$OrGate("Gate3", "Event2")
+$BasicEvent("Callee used InArgs from wrong location", "Event3", "Gate2")
+$BasicEvent("Callee used InArgs before being provided", "Event4", "Gate2")
+
+$BasicEvent("Callee used InArgs in wrong layout", "Event5", "Gate3")
+$BasicEvent("Callee used InArgs while concurrently updated", "Event6", "Gate3")
+$BasicEvent("InArgs corrupted by 3d party", "Event7", "Gate3")
+
+@enduml
@@ -0,0 +1,28 @@
+' *******************************************************************************
+' Copyright (c) {year} Contributors to the Eclipse Foundation
+'
+' See the NOTICE file(s) distributed with this work for additional
+' information regarding copyright ownership.
+'
+' This program and the accompanying materials are made available under the
+' terms of the Apache License Version 2.0 which is available at
+' https://www.apache.org/licenses/LICENSE-2.0
+'
+' SPDX-License-Identifier: Apache-2.0
+' *******************************************************************************
+
+@startuml
+
+!include ../../../../../../../../third_party/traceability/doc/sample_library/safety_analysis/fta_metamodel.puml
+
+$TopEvent("Wrong method called", "Communication.WrongMethodCalled")
+
+$OrGate("Gate1", "TopEvent")
+$IntermediateEvent("MethodId mismatch provider/consumer", "Event2", "Gate1")
+$IntermediateEvent("Wrong user handler called", "Event4", "Gate1")
+$IntermediateEvent("Wrongly configured", "Event3", "Event2")
+$TransferIn("Transfer2", "Event3")
+$BasicEvent("User Handler assignment wrong", "Communication.UserMethodCallHandlerAssignmentWrong", "Event4")
+$BasicEvent("MethodId corrupted", "Event5", "Event2")
+
+@enduml
@@ -0,0 +1,32 @@
+' *******************************************************************************
+' Copyright (c) {year} Contributors to the Eclipse Foundation
+'
+' See the NOTICE file(s) distributed with this work for additional
+' information regarding copyright ownership.
+'
+' This program and the accompanying materials are made available under the
+' terms of the Apache License Version 2.0 which is available at
+' https://www.apache.org/licenses/LICENSE-2.0
+'
+' SPDX-License-Identifier: Apache-2.0
+' *******************************************************************************
+
+@startuml
+
+!include ../../../../../../../../third_party/traceability/doc/sample_library/safety_analysis/fta_metamodel.puml
+
+$TopEvent("Wrong call result provided", "Communication.WrongResultsProvided")
+$OrGate("Gate1", "TopEvent")
+$IntermediateEvent("Callee did provide no result", "Event3", "Gate1")
+$IntermediateEvent("Callee did provide wrong result", "Event4", "Gate1")
+$OrGate("Gate3", "Event3")
+$OrGate("Gate4", "Event4")
+$BasicEvent("Callee signalled call finished before or without providing result completely", "Event5", "Gate3")
+$BasicEvent("Callee provided result in wrong location", "Event8", "Gate3")
+
+$BasicEvent("Callee provided result in wrong layout", "Event9", "Gate4")
+$BasicEvent("Callee concurrently updates result after signaling it", "Event11", "Gate4")
+
+
+
+@enduml
@@ -0,0 +1,21 @@
+# *******************************************************************************
+# Copyright (c) 2025 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+
+filegroup(
+    name = "smart_pointer_fta",
+    srcs = [
+        "//score/mw/com/requirements/safety_analysis/root_causes/smart_pointer/method_signature_element_ptr:method_signature_element_ptr_fta",
+        "//score/mw/com/requirements/safety_analysis/root_causes/smart_pointer/sample_ptr_sample_allocate_ptr",
+    ],
+    visibility = ["//visibility:public"],
+)
@@ -0,0 +1,21 @@
+# *******************************************************************************
+# Copyright (c) 2025 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# SPDX-License-Identifier: Apache-2.0
+# *******************************************************************************
+
+filegroup(
+    name = "method_signature_element_ptr_fta",
+    srcs = [
+        "failure_freeing_resources_on_destruction_fta.puml",
+        "points_to_wrong_data_fta.puml",
+    ],
+    visibility = ["//visibility:public"],
+)
@@ -0,0 +1,25 @@
+' *******************************************************************************
+' Copyright (c) {year} Contributors to the Eclipse Foundation
+'
+' See the NOTICE file(s) distributed with this work for additional
+' information regarding copyright ownership.
+'
+' This program and the accompanying materials are made available under the
+' terms of the Apache License Version 2.0 which is available at
+' https://www.apache.org/licenses/LICENSE-2.0
+'
+' SPDX-License-Identifier: Apache-2.0
+' *******************************************************************************
+
+@startuml
+
+!include ../../../../../../../../third_party/traceability/doc/sample_library/safety_analysis/fta_metamodel.puml
+
+$TopEvent("Failure freeing resources on destruction", "Communication.MethodSignatureElementPtrFailsToFree")
+
+$OrGate("Gate1", "TopEvent")
+$BasicEvent("Does not free method signature element", "Event1", "Gate1")
+$IntermediateEvent("Frees wrong method signature element", "Event2", "Gate1")
+$BasicEvent("Overwrite of element in use", "Communication.ChangingStateFails", "Event2")
+
+@enduml
@@ -0,0 +1,29 @@
+' *******************************************************************************
+' Copyright (c) {year} Contributors to the Eclipse Foundation
+'
+' See the NOTICE file(s) distributed with this work for additional
+' information regarding copyright ownership.
+'
+' This program and the accompanying materials are made available under the
+' terms of the Apache License Version 2.0 which is available at
+' https://www.apache.org/licenses/LICENSE-2.0
+'
+' SPDX-License-Identifier: Apache-2.0
+' *******************************************************************************
+
+@startuml
+
+!include ../../../../../../../../third_party/traceability/doc/sample_library/safety_analysis/fta_metamodel.puml
+
+$TopEvent("Points to wrong data", "Communication.MethodSignatureElementPtrWrongTarget")
+
+$OrGate("Gate1", "TopEvent")
+$IntermediateEvent("Shared Memory no longer valid", "Event2", "Gate1")
+$BasicEvent("Life-Cycle issues", "Communication.LifeCycleIssues", "Event2")
+$IntermediateEvent("Wrong memory location referenced", "Event3", "Gate1")
+$OrGate("Gate2", "Event3")
+$BasicEvent("References valid memory outside shared-memory", "Event4", "Gate2")
+$BasicEvent("References valid memory inside shared-memory", "Event5", "Gate2")
+$BasicEvent("References invalid memory", "Event6", "Gate2")
+
+@enduml