Conversation
9b803b0 to e9426c3
@hoe-jo asked for informal OSS review before PR creation - confirmed
masc2023 left a comment
Readability very much increased, left some improvement comments. What about the TBD and "?" entries; shall they be followed up in other PRs, with links to tickets?
TSF/docs/risk_analysis.rst (outdated)

    The software under analysis (SUA) is the **header-only C++ JSON library `nlohmann/json` (v3.12.0)**, with:

    - **Implementation**
      - primary include `include/nlohmann/json.hpp` (and internal headers under `include/nlohmann/detail/**`)
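Review bot: the SUA definition pins `nlohmann/json` by tag (v3.12.0) and by include paths only; for a change-controlled analysis also record the exact commit the header tree was analysed against, so that a later change under `include/nlohmann/detail/**` can be recognised as invalidating the analysis.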
impr. proposal: add a direct link to the folder including the 2 hpp files
TSF/docs/risk_analysis.rst (outdated)

    Assumptions of Use are captured in the TSF elements:

    - `TA-CONSTRAINTS` → `AOU-01..AOU-31`

    Two use cases should be considered:

    - Configuration of the system during startup phase
    - Use of JSON encoded data during normal operation of the system
Is there anything to consider for shutdown or unforeseen crashes? Even if there is nothing to consider, add this information to complete the documentation, so that it shows this has been considered.

Added reasoning why it was not taken into account.
TSF/docs/risk_analysis.rst (outdated)

    This step records the **Controller (Functional) Constraints (CFC)** derived from the UCA results. This adds to the above constraint table

    .. list-table:: CFCs
Controller (Functional) Constraints (CFCs)
TSF/docs/risk_analysis.rst (outdated)

    The UCA identified in the above analysis are:

    .. list-table:: UCAs
TSF/docs/risk_analysis.rst (outdated)

    - Non availability of return data is treated by the caller (e.g. by default data, or safe state).
    - -
    - UCA-I1-ML; UCA-I3-ML
    - ?
So this is not covered yet by TSF, correct?

added link to bug ticket
TSF/docs/risk_analysis.rst (outdated)

    ^^^^^^^^^^^^^^^^^

    In TSF terms, misbehaviours are **anything that can cause a deviation from Expected Behaviour** (`TA-MISBEHAVIOURS_CONTEXT.md`).
    JLS-24 partly but not fully covers C2. As this misbehaviour leads to an exception, this needs to be covered by the user (see AOU-04).
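Review bot: "JLS-24 partly but not fully covers C2" does not say which part of C2 stays uncovered; name the uncovered case explicitly next to the AOU-04 reference, otherwise a reader cannot verify that the assumption of use actually closes the gap left by JLS-24.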
improv. proposal: readability improved by direct links to the JLS-24 and AOU-04, etc. mentioned here
TSF/docs/risk_analysis.rst (outdated)

    9.2 Expectations
    ^^^^^^^^^^^^^^^^

    Here, expectations are recorded as explicit, change-controlled statements about the SUA where it is responsible for preventing or mitigating a risk (Hazard, UCA, Causal Scenario) or Misbehaviour. The key SUA expectations already exist as TSF Expectation (`JLEX-02`).
TSF/docs/risk_analysis.rst (outdated)

    2. Purpose of the analysis
    1. Purpose of the analysis
I think this should still be 2. as the next topic is 2.1?

somehow my editor tricks me here, hopefully fixed
7c70800 to 7adc905

7adc905 to 3e04f29
STPA risk analysis as proposed by TSF
Reduced complexity by tailoring.
Base was #23.