Complete Learning Module

Safety Case Development

Building structured, assessor-ready safety arguments that demonstrate acceptable safety for automotive systems

14 in-depth chapters · GSN (Goal Structuring Notation) · CAE (Claims-Argument-Evidence) · Functional Safety Assessment (FSA) ready

What You'll Learn

Build complete competency in safety case development through structured, progressive learning.

Structure safety arguments

Build logically complete and well-structured safety arguments using GSN or CAE notation

Map work products to evidence

Systematically link all ISO 26262 work products to safety case evidence nodes with complete traceability

Apply argument patterns

Use reusable argument patterns to efficiently construct common safety case argument branches

Assess argument confidence

Evaluate the strength and completeness of safety case arguments using structured confidence assessment techniques

Manage safety case changes

Perform structured change impact analysis to maintain safety case integrity when design modifications occur

Pass safety assessments

Present a compelling safety case that satisfies independent Functional Safety Assessment requirements

14 Comprehensive Chapters

Each chapter builds your safety case development expertise systematically from foundations to advanced application.

Chapter 1: What is a Safety Case

Define the safety case concept, its purpose in ISO 26262, and how it differs from a simple collection of documents.

Topics: Safety case definition, Purpose and scope, ISO 26262 requirement, Assessor role

Chapter 2: GSN Framework

Learn Goal Structuring Notation (GSN), the most widely used language for expressing structured safety arguments in automotive safety cases.

Topics: GSN elements, Goals and strategies, Solutions and contexts, Undeveloped elements

Chapter 3: CAE Framework

Explore Claims-Argument-Evidence (CAE) as an alternative safety case framework and understand when to choose CAE over GSN.

Topics: CAE structure, Claim decomposition, Evidence linkage, Framework comparison

Chapter 4: Safety Case Strategy

Select and justify an overall argument strategy for the safety case: assurance by compliance, argument by elimination, or probabilistic argument.

Topics: Strategy types, Compliance-based argument, Elimination strategy, Hybrid approaches

Chapter 5: Modular Structure

Design a modular safety case architecture that separates system-level, hardware, software, and supporting process arguments for maintainability.

Topics: Module decomposition, Interface contracts, Hierarchical structure, Reusable modules

Chapter 6: Claims-Evidence-Argument

Practice linking safety claims to specific evidence sources and constructing logically sound arguments that bridge the two.

Topics: Evidence classification, Argument strength, Logical completeness, Defeaters and rebuttals

Chapter 7: Argument Patterns

Apply reusable argument patterns for common safety case structures, including compliance, test adequacy, and safety mechanism effectiveness.

Topics: Pattern library, Compliance pattern, Test adequacy pattern, Safety mechanism (SM) effectiveness pattern

Chapter 8: ISO 26262 Work Product Integration

Map all ISO 26262 work products to safety case evidence nodes and ensure complete traceability from safety goals to verification records.

Topics: Work product mapping, Evidence node creation, Traceability matrix, Gap identification

Chapter 9: Confidence Assessment

Apply confidence assessment techniques, including dependability cases and claim adequacy reviews, to evaluate argument strength.

Topics: Confidence levels, Claim adequacy, Evidence sufficiency, Argument defeaters

Chapter 10: Incremental Development

Build the safety case incrementally alongside product development, establishing baseline arguments at each project phase gate.

Topics: Phase-gate alignment, Incremental argument, Assumption tracking, Argument maturity

Chapter 11: Change Impact Analysis

Perform structured change impact analysis on the safety case when design changes occur, to identify which argument branches require updating.

Topics: Change propagation, Affected nodes, Re-evidence requirements, Version management

Chapter 12: Lifecycle Maintenance

Establish processes to maintain the safety case through the complete product lifecycle, including production, field feedback, and updates.

Topics: Maintenance process, Field feedback integration, Periodic review, Retirement evidence

Chapter 13: Common Gaps

Identify the most frequently cited safety case gaps from functional safety assessments and learn how to proactively close them.

Topics: Top assessment findings, Evidence gaps, Argument weaknesses, Remediation strategies

Chapter 14: Best Practices

Synthesize best practices for creating clear, complete, and compelling safety cases that efficiently satisfy assessor requirements.

Topics: Tooling selection, Peer review process, Assessor communication, Continuous improvement

6 Safety Case Structure Diagrams

Experiment with visual tools that bring safety case development concepts to life.

GSN Notation Reference

Complete GSN element reference diagram showing goals, strategies, solutions, contexts, justifications, assumptions, and module symbols

Safety Case Hierarchy

Top-level safety case structure diagram from item safety goals through subsystem claims to work product evidence nodes

Argument Pattern Library

Collection of reusable GSN argument patterns for compliance, test adequacy, safety mechanism effectiveness, and completeness claims

Evidence Traceability Map

Traceability diagram mapping ISO 26262 mandatory work products to safety case evidence nodes for a complete ASIL D item

Confidence Assessment Model

Diagram showing the confidence assessment process for safety case claims including claim adequacy review and defeater identification

Safety Case Change Propagation

Impact analysis diagram showing how a design change propagates through the safety case argument structure requiring re-evidence

ASIL D Assessment Case

Safety Case for an ASIL D Steering Control Unit

A Tier-1 supplier built a GSN-based safety case for an ASIL D electric power steering unit. The initial assessment returned 31 findings; 28 were traceable to missing evidence links in the safety case rather than actual design gaps. A structured remediation reduced re-assessment findings to zero.

  • Safety case comprised 847 GSN nodes across 6 modules (system, HW, SW, SEooC, supporting processes, validation)
  • Evidence traceability matrix linked 312 work products to 634 safety case evidence nodes
  • Change impact analysis on post-assessment design changes identified 7 argument branches for update
  • Final assessment confirmed safety case with zero major findings from three independent assessors

GSN Safety Case Template

G1: The EPS item does not violate safety goal SG-01 (unintended steering torque) in all defined operating conditions

Master Safety Case Development

Build compelling, assessor-ready safety cases using GSN and CAE frameworks with complete traceability to ISO 26262 work products

14 chapters · 6 argument diagrams · GSN & CAE frameworks