Safety Manual#

Note

Document header

Baselibs Safety Manual
status: draft
security: NO
safety: ASIL_B
tags: baselibs
realizes: wp__module_safety_manual
doc__baselibs_safety_manual
Generic Document

Introduction/Scope#

This is the safety manual for baselibs module which is a collection of several utilities of common use.

Assumed Platform Safety Requirements#

For the Baselibs module the following safety related stakeholder requirements are assumed to define the top level functionality (purpose) of the module. I.e. from these all the feature and component requirements implemented are derived.

This means that not all baselibs libraries and language API are provided in ASIL B. So for Baselibs the definition of the assumed safety requirement(s) of each of the ASIL B libraries are defined in the following feature requirements:

Assumptions of Use#

Assumptions on the Environment#

Generally the assumption of the project platform SEooC is that it is integrated in a safe system, i.e. the POSIX OS it runs on is qualified and also the HW related failures are taken into account by the system integrator, if not otherwise stated in the module’s safety concept.
The platform-wide AoUs are collected in SW-platform Assumptions (doc__platform_assumptions)

To support Safety matching (aou_req__platform__safety_matching):
<List here all the OS/libcxx calls the module expects to be safe.>

List of additional AoUs expected from the environment the module runs on:

No needs passed the filters

Assumptions on the User#

As there is no assumption on which specific OS and HW is used, the integration testing of the stakeholder and feature requirements is expected to be performed by the user of the platform SEooC. Tests covering all stakeholder and feature requirements performed on a reference platform (tbd link to reference platform specification), reviewed and passed are included in the platform SEooC safety case.
Additionally the components of the platform may have additional specific assumptions how they are used. These are part of every module documentation: <link to add>. Assumptions from components to their users can be fulfilled in two ways:
1. There are assumption which need to be fulfilled by all SW components, e.g. “every user of an IPC mechanism needs to make sure that he provides correct data (including appropriate ASIL level)” - in this case the AoU is marked as “platform”.
2. There are assumption which can be fulfilled by a safety mechanism realized by some other project platform component and are therefore not relevant for an user who uses the whole platform. But those are relevant if you chose to use the module SEooC stand-alone - in this case the AoU is marked as “module”. An example would be the “JSON read” which requires “The user shall provide a string as input which is not corrupted due to HW or QM SW errors.” - which is covered when using together with safe project platform persistency feature.

List of AoUs on the user of the module of this safety manual:

Title

ID

Status

Access control

aou_req__json__access_control

valid

Bitmask Enum Value Constraints

aou_req__bitmanipulation__enum_constraints

valid

Check Capacity

aou_req__containers__capacity_management

valid

Container State Verification

aou_req__containers__state_verification

valid

Cooperative Cancellation Handling

aou_req__concurrency__coop_cancellation

valid

Element Lifetime and Ownership

aou_req__containers__element_lifetime

valid

Element Type Requirements

aou_req__containers__ele_type_requirements

valid

Error Domain Implementation

aou_req__result__error_domain_implementation

valid

Error Handling

aou_req__filesystem__error_handling

valid

Error Reaction and Safe State

aou_req__result__error_reaction

valid

External Synchronization Required for Concurrent Access

aou_req__bitmanipulation__concurrent_access

valid

FlatBuffers access control

aou_req__flatbuffers__access_control

valid

FlatBuffers buffer verification before access

aou_req__flatbuffers__verify_structure

valid

FlatBuffers buffer version check before access

aou_req__flatbuffers__verify_version

valid

FlatBuffers data integrity

aou_req__flatbuffers__data_integrity

valid

Index Bounds Checking

aou_req__containers__bounds_checking

valid

Integral Type Constraints

aou_req__bitmanipulation__type_constraints

valid

Iterator Validity

aou_req__containers__iterator_validity

valid

JSON data integrity

aou_req__json__data_integrity

valid

Low-Level Use Only

aou_req__filesystem__low_level_use_only

valid

Memory Management on Task Submission Failure

aou_req__concurrency__memory_management

valid

Memory Resource Management

aou_req__containers__memory_management

valid

Path Validation

aou_req__filesystem__path_validation

valid

Performance

aou_req__filesystem__performance

valid

Resource Lifetime

aou_req__result__resource_lifetime

valid

Result Value Handling

aou_req__result__value_handling

valid

Supported Path Formats

aou_req__filesystem__supported_path_formats

valid

Thread Pool Sizing

aou_req__concurrency__thread_pool_sizing

valid

Thread Safety

aou_req__result__thread_safety

valid

Thread Safety

aou_req__filesystem__thread_safety

valid

Thread Safety

aou_req__concurrency__thread_safety

valid

Thread Safety

aou_req__containers__thread_safety

valid

Safety concept of the SEooC#

<Describe here the safety concept incl. which faults are taken care of, reactions of the implemented functions under anomalous operating conditions … if this is not already documented sufficiently in the feature documentation “safety impact” section of all the features the module is used in.>

Safety Anomalies#

Anomalies (bugs in ASIL SW, detected by testing or by users, which could not be fixed) known before release are documented in the platform/module release notes <add link to release note>.

References#

<link to the user manual>
<other links>