Leveraging Change Patterns and Software Traceability to Support the Evolution of Safety-Critical Systems

Software evolution relates to the activity and phenomenon of software change. Constant changes are inevitable in large software systems including safety-critical systems for which failure may result in death or serious injury to humans, damage to property and/or environmental harm. Therefore, to ensure safety, such systems undergo a rigorous certification process before their release. The certification process commonly happens in discrete and costly steps and, once certified, the system is commonly closed to changes and adaption to avoid the need for re-certification. This effect is referred to as the \Big Freeze' problem. In this dissertation, I describe my contribution to enhance evolution in software-intensive systems, especially those with safety-critical implications, in order to address this problem. Enhanced evolution in such systems facilitates a continual assessment of safety during the maintenance phase of their development life cycle. First, I identified patterns of change within software artifacts and patterns of co-evolution between pairs of artifact types, particularly requirements and source code, across multiple versions of a software system. Second, I exploited these identified patterns to implement a Trace Link Evolver (TLE) to detect these change scenarios which occurred between subsequent versions of a system. TLE then uses a corresponding set of link evolution heuristics and automatically evolves trace links between requirements and source code as changes are introduced to the system. Experimental results showed TLE achieves significantly higher accuracy than existing approaches which reconstruct trace links from scratch after the change. Third, I evaluated TLE's scalability in industrial contexts with large open source software projects. A prototype Eclipse plugin was developed by a team of undergraduate students to show how TLE algorithms might be integrated into an IDE environment. I developed a prototype visualization tool which illustrates the evolution of trace links and their associated classes and features, in the form of a graph, by leveraging the links generated by TLE. TLE visualization provides developers with information they need to understand the evolution history, rationales, and underlying functionality of classes in the source code. Historical data has shown that problems with the correctness and completeness of environmental assumptions contribute to many accidents in safety-critical systems. Therefore, in my final contribution, I extended the focus from the co-evolution of requirements and code, by additionally exploring changes in environmental assumptions and faults. The goal was to diagnose problematic change patterns in safety artifacts across versions of a system. In the approach named Assumption Diagnostics and Rationale Process (ADRP), existing trace links are exploited to reason about the likelihood that assumptions are missing or incorrectly retained in the new software product. ADRP generates a report containing useful information for a safety analyst to assess validity of environmental assumptions. ADRP finally recommends mitigation steps if a problem with assumptions is diagnosed. Evaluation results showed ADRP consistently diagnosed problematic assumptions. In summary, this dissertation describes my contributions to enhance change propagation across subsequent versions of software-intensive safety-critical systems. The ultimate goal is to minimize the human errors and manual e ort required to evolve software and safety artifacts.