eclipse-score · aschemmel-tech · Mar 26, 2026
@@ -44,6 +44,20 @@ Static Architecture
 
       {{ draw_component(need(), needs) }}
 
+.. comp_arc_sta:: Bit Manipulation Static view
+   :id: comp_arc_sta__baselibs__bit_manipulation
+   :security: NO
+   :safety:  ASIL_B
+   :status: valid
+   :fulfils: comp_req__bitmanipulation__bit_operations,comp_req__bitmanipulation__byte_operations,comp_req__bitmanipulation__bitmask_operators,comp_req__bitmanipulation__bounds_safety,comp_req__bitmanipulation__header_only
+   :belongs_to: comp__baselibs_bit_manipulation
+
+   .. needarch::
+      :scale: 50
+      :align: center
+
+      {{ draw_component(need(), needs) }}
+
 Interfaces
 ----------
 

@@ -44,6 +44,20 @@ Static Architecture
 
       {{ draw_component(need(), needs) }}
 
+.. comp_arc_sta:: Concurrency Static view
+   :id: comp_arc_sta__baselibs__concurrency
+   :security: YES
+   :safety:  ASIL_B
+   :status: valid
+   :fulfils: comp_req__concurrency__task_interface, comp_req__concurrency__task_cancellation, comp_req__concurrency__simple_task, comp_req__concurrency__task_result, comp_req__concurrency__periodic_task, comp_req__concurrency__delayed_task, comp_req__concurrency__executor_interface, comp_req__concurrency__thread_pool, comp_req__concurrency__condition_variable, comp_req__concurrency__interruptible_wait, comp_req__concurrency__notification, comp_req__concurrency__synchronized_queue, comp_req__concurrency__long_running_threads, comp_req__concurrency__memory_usage_control, comp_req__concurrency__memory_reservation, comp_req__concurrency__thread_count_reporting, comp_req__concurrency__operation_timeout, comp_req__concurrency__error_handling
+   :belongs_to: comp__baselibs_concurrency
+
+   .. needarch::
+      :scale: 50
+      :align: center
+
+      {{ draw_component(need(), needs) }}
+
 Interfaces
 ----------
 

@@ -28,6 +28,8 @@ concurrency
 
    architecture/index.rst
    requirements/index.rst
+   safety_analysis/fmea.rst
+   safety_analysis/dfa.rst
 
 Abstract
 ========

@@ -266,6 +266,9 @@ Assumptions of Use (AoU)
    :status: valid
 
    Users shall implement appropriate synchronization mechanisms when sharing state between tasks, as the library only guarantees thread-safe task submission and execution scheduling.
-
-.. needextend:: "__concurrency" in id
+
+.. needextend:: "__concurrency__" in id
+   :+tags: baselibs
+
+.. needextend:: "__concurrency__" in id
    :+tags: concurrency
@@ -0,0 +1,50 @@
+..
+   # *******************************************************************************
+   # Copyright (c) 2025 Contributors to the Eclipse Foundation
+   #
+   # See the NOTICE file(s) distributed with this work for additional
+   # information regarding copyright ownership.
+   #
+   # This program and the accompanying materials are made available under the
+   # terms of the Apache License Version 2.0 which is available at
+   # https://www.apache.org/licenses/LICENSE-2.0
+   #
+   # SPDX-License-Identifier: Apache-2.0
+   # *******************************************************************************
+
+
+DFA (Dependent Failure Analysis)
+================================
+
+.. document:: concurrency DFA
+   :id: doc__concurrency_dfa
+   :status: draft
+   :safety: ASIL_B
+   :security: NO
+   :realizes: wp__sw_component_dfa
+
+.. note:: Use the content of the document to describe e.g. why a fault model is not applicable for the diagram.
+
+
+Dependent Failure Initiators
+----------------------------
+
+.. code-block:: rst
+
+    .. comp_saf_dfa:: <Title>
+       :violates: <Component architecture>
+       :id: comp_saf_dfa__<Component>__<Element descriptor>
+       :failure_id: <ID from DFA failure initiators :need:`gd_guidl__dfa_failure_initiators`>
+       :failure_effect: "description of failure effect of the failure initiator on the element"
+       :mitigated_by: <ID from Component Requirement | ID from AoU Component Requirement>
+       :mitigation_issue: <ID from Issue Tracker>
+       :sufficient: <yes|no>
+       :status: <valid|invalid>
+
+.. note::   argument is inside the 'content'. Therefore content is mandatory
+
+.. attention::
+    The above directive must be updated according to your component DFA.
+
+    - The above "code-block" directive must be updated
+    - Fill in all the needed information in the <brackets>
@@ -0,0 +1,50 @@
+..
+   # *******************************************************************************
+   # Copyright (c) 2025 Contributors to the Eclipse Foundation
+   #
+   # See the NOTICE file(s) distributed with this work for additional
+   # information regarding copyright ownership.
+   #
+   # This program and the accompanying materials are made available under the
+   # terms of the Apache License Version 2.0 which is available at
+   # https://www.apache.org/licenses/LICENSE-2.0
+   #
+   # SPDX-License-Identifier: Apache-2.0
+   # *******************************************************************************
+
+
+FMEA (Failure Modes and Effects Analysis)
+=========================================
+
+.. document:: concurrency FMEA
+   :id: doc__concurrency_fmea
+   :status: draft
+   :safety: ASIL_B
+   :security: NO
+   :realizes: wp__sw_component_fmea
+
+.. note:: Use the content of the document to describe e.g. why a fault model is not applicable for the diagram.
+
+
+Failure Mode List
+-----------------
+
+.. code-block:: rst
+
+    .. comp_saf_fmea:: <Title>
+       :violates: <Component architecture>
+       :id: comp_saf_fmea__<Component>__<Element descriptor>
+       :fault_id: <ID from fault model :need:`gd_guidl__fault_models`>
+       :failure_effect: "description of failure effect of the fault model on the element"
+       :mitigated_by: <ID from Component Requirement | ID from AoU Component Requirement>
+       :mitigation_issue: <ID from Issue Tracker>
+       :sufficient: <yes|no>
+       :status: <valid|invalid>
+
+.. note::   argument is inside the 'content'. Therefore content is mandatory
+
+.. attention::
+    The above directive must be updated according to your component FMEA.
+
+    - The above "code-block" directive must be updated
+    - Fill in all the needed information in the <brackets>
@@ -38,6 +38,19 @@ Static Architecture
    :tags: baselibs_containers
    :implements: logic_arc_int__baselibs__dynamic_array, logic_arc_int__baselibs__intrusive_list
 
+   .. needarch::
+      :scale: 50
+      :align: center
+
+      {{ draw_component(need(), needs) }}
+
+.. comp_arc_sta:: Containers Static view
+   :id: comp_arc_sta__baselibs__containers
+   :security: YES
+   :safety:  ASIL_B
+   :status: valid
+   :fulfils: comp_req__containers__dynamic_array, comp_req__containers__intrusive_list, comp_req__containers__type_safety, comp_req__containers__non_relocatable_vector, comp_req__containers__deterministic_behavior
+   :belongs_to: comp__baselibs_containers
 
     .. needarch::
       :scale: 50

@@ -94,7 +94,6 @@ Assumptions of Use (AoU)
    :security: NO
    :safety: ASIL_B
    :status: valid
-   :tags: inspected
 
    The user shall verify sufficient capacity or handle allocation failures before insertion operations to prevent exceeding container limits and undefined behavior.
 
@@ -104,7 +103,6 @@ Assumptions of Use (AoU)
    :security: NO
    :safety: ASIL_B
    :status: valid
-   :tags: inspected
 
    The user shall ensure that iterators are not used after operations that invalidate them and refresh iterators after modifying operations.
 
@@ -114,7 +112,6 @@ Assumptions of Use (AoU)
    :security: NO
    :safety: ASIL_B
    :status: valid
-   :tags: inspected
 
    The user shall ensure that elements stored in containers remain valid throughout their lifetime in the container, and for intrusive containers, that element objects are not destroyed or moved while contained within the container.
 
@@ -124,7 +121,6 @@ Assumptions of Use (AoU)
    :security: NO
    :safety: ASIL_B
    :status: valid
-   :tags: inspected
 
    The user shall implement external synchronization mechanisms when accessing or modifying container objects from multiple threads concurrently, as the library provides no internal thread safety guarantees.
 
@@ -134,7 +130,6 @@ Assumptions of Use (AoU)
    :security: NO
    :safety: ASIL_B
    :status: valid
-   :tags: inspected
 
    The user shall ensure that all index-based access operations use valid indices within the container's current size range to prevent out-of-bounds access and undefined behavior.
 
@@ -144,7 +139,6 @@ Assumptions of Use (AoU)
    :security: NO
    :safety: ASIL_B
    :status: valid
-   :tags: inspected
 
    The user shall verify container state before performing operations that depend on specific states, such as checking if a container is non-empty before accessing elements.
 
@@ -154,7 +148,6 @@ Assumptions of Use (AoU)
    :security: NO
    :safety: ASIL_B
    :status: valid
-   :tags: inspected
 
    The user shall provide sufficient memory resources for all container operations.
 
@@ -164,7 +157,6 @@ Assumptions of Use (AoU)
    :security: NO
    :safety: ASIL_B
    :status: valid
-   :tags: inspected
 
    The user shall ensure that element types are copy constructible, move constructible and destructible, and additionally for intrusive containers that they provide the required intrusive node members.
 

@@ -22,3 +22,4 @@ Safety Management
    module_codeowners
    module_safety_plan_fdr
    module_safety_package_fdr
+   module_safety_analysis_fdr
@@ -0,0 +1,90 @@
+..
+   # *******************************************************************************
+   # Copyright (c) 2026 Contributors to the Eclipse Foundation
+   #
+   # See the NOTICE file(s) distributed with this work for additional
+   # information regarding copyright ownership.
+   #
+   # This program and the accompanying materials are made available under the
+   # terms of the Apache License Version 2.0 which is available at
+   # https://www.apache.org/licenses/LICENSE-2.0
+   #
+   # SPDX-License-Identifier: Apache-2.0
+   # *******************************************************************************
+
+
+Safety Analysis Checklist
+=========================
+
+.. document:: Baselibs Safety Analysis Checklist
+   :id: doc__baselibs_safety_analysis_fdr
+   :status: draft
+   :safety: ASIL_B
+   :security: YES
+   :realizes: wp__fdr_reports
+
+**Purpose**
+
+The purpose of this Safety Analysis (DFA and FMEA) checklist template is to collect the topics to be checked during verification of the Safety Analysis.
+
+**Conduct**
+
+As described in :need:`wf__p_formal_rv`, the formal document review is performed by an "external" safety manager:
+
+- reviewer: <committer with safety manager skills explicitly named here>
+
+**Checklist**
+
+Please note that the "passed" column must contain "yes" or "no" for each checklist item. Additionally, the remarks column must explain why item passed or did not passed. In case of "no" an issue link to the issue tracking system has to be added in the last column.
+
+.. list-table:: Safety Analysis Checklist
+      :header-rows: 1
+      :widths: 10,10,30,30,20
+
+      * - ID
+        - Safety analysis activity
+        - Compliant to ISO 26262?
+        - Reference
+        - Comment
+
+      * - 1
+        - Is it plausible that each potential identified dependent failure that has been identified, will lead to a dependent failure which cause a violation of FFI?
+        - [YES | NO ]
+        - :need:`[[title]] <std_req__iso26262__analysis_742>`
+        - <Rationale for result>
+
+      * - 2
+        - Are the failure initiators :need:`[[title]] <gd_guidl__dfa_failure_initiators>` / fault models :need:`[[title]] <gd_guidl__fault_models>` applied?
+        - [YES | NO ]
+        - :need:`[[title]] <std_req__iso26262__analysis_744>`
+        - <Rationale for result>
+
+      * - 3
+        - Are measures defined to resolute the identified potential dependent failures?
+        - [YES | NO ]
+        - :need:`[[title]] <std_req__iso26262__analysis_746>`, :need:`[[title]] <std_req__iso26262__analysis_747>`
+        - <Rationale for result>
+
+      * - 4
+        - Is the result of the safety analysis indicate if the safety requirements are complied?
+        - [YES | NO ]
+        - :need:`[[title]] <std_req__iso26262__analysis_842>`
+        - <Rationale for result>
+
+      * - 5
+        - Are for all not complied safety requirements mitigations defined to resolute the non-compliance? The mitigations shall have a direct influence on the violation by prevention, detection or mitigation to reduce the risk to an acceptable level.
+        - [YES | NO ]
+        - :need:`[[title]] <std_req__iso26262__analysis_843>`
+        - <Rationale for result>
+
+      * - 6
+        - Are the mitigations effective and implemented?
+        - [YES | NO ]
+        - :need:`[[title]] <std_req__iso26262__analysis_844>`
+        - <Rationale for result>
+
+      * - 7
+        - Are the templates for DFA and/or FMEA used? See :need:`gd_temp__comp_saf_dfa` and :need:`gd_temp__comp_saf_fmea`
+        - [YES | NO ]
+        - :need:`[[title]] <std_req__iso26262__analysis_748>`, :need:`[[title]] <std_req__iso26262__analysis_849>`, :need:`[[title]] <std_req__iso26262__analysis_8410>`
+        - <Rationale for result>