Towards Recertification of Modular Updates in Integrated Maritime Systems of Systems

Abstract

The transformation of maritime navigation and control systems into an integrated System of Systems (SoS) consisting of a heterogeneous mixture of individual software-intense and safety-critical subsystems poses new challenges for the verification and validation of the overall system composition. Other than in traditional maritime architectures, the software-reliant structure of a SoS can be subject to change while already in operation, as features can be updated, errors can be fixed, or processes can be optimized. Thus, the alteration of a module on the system level necessitates the reassessment of compliance with the corresponding certification records. In this work, we present an approach on how the modules of a SoS can be associated through extended safety contracts with the corresponding safety case specification to verify the impact of a modification before deployment. Moreover, for each type of update (perfective, corrective, adaptive), the elements that need to be reassessed on the associated safety case are identified. Finally, the concept is established on a safety-critical module of the Maritime Traffic Alert and Collision Avoidance System (MTCAS) in order to assess the applicability of the developed approach.