process: add checks safety analysis

Ref: closes #54

Author: PandaeDo

src/extensions/score_metamodel/metamodel.yaml

@@ -505,73 +505,77 @@ needs_types:
       status: ^(valid|invalid)$
 
 # Safety Analysis DFA
-feat_plat_saf_dfa:
-  title: DFA
-  prefix: feat_plat_saf_dfa__
-  mandatory_options:
-    verifies: ^feat_arc_sta__[0-9a-z_]*$
-    id: ^gd_guidl__dfa_failure_initiators__[0-9a-z_]*$
-    violation_id: ^.*$
-    violation_cause: ^.*$
-    mitigates: ^(feat_req__[0-9a-z_]*|aou_req_[0-9a-z]*|)$
-    mitigation_issue: ^https://github.com/.*$
-    sufficient: ^(yes|no)$
-    status: ^(valid|invalid)$
-
-feat_saf_dfa:
-  title: DFA
-  prefix: feat_saf_dfa__
-  mandatory_options:
-    verifies: ^feat_arc_sta__[0-9a-z_]*$
-    id: ^gd_guidl__dfa_failure_initiators__[0-9a-z_]*$
-    violation_id: ^.*$
-    violation_cause: ^.*$
-    mitigation_issue: ^https://github.com/.*$
-    sufficient: ^(yes|no)$
-    status: ^(valid|invalid)$
-    mandatory_links:
-      mitigates: ^feat_req__.*$
-
-comp_saf_dfa:
-  title: DFA
-  prefix: comp_saf_dfa__
-  mandatory_options:
-    verifies: ^comp_arc_sta__[0-9a-z_]*$
-    id: ^gd_guidl__dfa_failure_initiators__[0-9a-z_]*$
-    violation_id: ^.*$
-    violation_cause: ^.*$
-    mitigates: ^(feat_req__[0-9a-z_]*|aou_req_[0-9a-z]*|)$
-    mitigation_issue: ^https://github.com/.*$
-    sufficient: ^(yes|no)$
-    status: ^(valid|invalid)$
-
-# Safety Analysis FMEA
-feat_saf_fmea:
-  title: FMEA
-  prefix: feat_saf_fmea__
-  mandatory_options:
-    verifies: ^feat_arc_dyn__[0-9a-z_]*$
-    id: ^gd_guidl__fault_models__[0-9a-z_]*$
-    violation_id: ^.*$
-    violation_cause: ^.*$
-    mitigates: ^(feat_req__[0-9a-z_]*|aou_req_[0-9a-z]*|)$
-    mitigation_issue: ^https://github.com/.*$
-    sufficient: ^(yes|no)$
-    status: ^(valid|invalid)$
-
-comp_saf_fmea:
-  title: FMEA
-  prefix: comp_saf_fmea__
-  mandatory_options:
-    verifies: ^comp_arc_dyn__[0-9a-z_]*$
-    id: ^gd_guidl__fault_models__[0-9a-z_]*$
-    violation_id: ^.*$
-    violation_cause: ^.*$
-    mitigates: ^(comp_req__[0-9a-z_]*|aou_req_[0-9a-z]*|)$
-    mitigation_issue: ^https://github.com/.*$
-    sufficient: ^(yes|no)$
-    argument: ^.+$
-    status: ^(valid|invalid)$
+  feat_plat_saf_dfa:
+    title: DFA
+    prefix: feat_plat_saf_dfa__
+    mandatory_options:
+      id: ^gd_guidl__dfa_failure_initiators__[0-9a-z_]*$
+      violation_id: ^.*$
+      violation_cause: ^.*$
+      mitigation_issue: ^https://github.com/.*$
+      sufficient: ^(yes|no)$
+      status: ^(valid|invalid)$
+      mandatory_links:
+        mitigates: ^(feat_req__.*|aou_req__.*|)$
+        verifies: ^feat_arc_sta__[0-9a-z_]*$
+
+  feat_saf_dfa:
+    title: DFA
+    prefix: feat_saf_dfa__
+    mandatory_options:
+      id: ^feat_saf_dfa__[0-9a-z_]+$
+      violation_id: ^.*$
+      violation_cause: ^.*$
+      mitigation_issue: ^https://github.com/.*$
+      sufficient: ^(yes|no)$
+      status: ^(valid|invalid)$
+      mandatory_links:
+        mitigates: ^(feat_req__.*|aou_req__.*|)$
+        verifies: ^feat_arc_sta__[0-9a-z_]*$
+
+  comp_saf_dfa:
+    title: DFA
+    prefix: comp_saf_dfa__
+    mandatory_options:
+      id: ^gd_guidl__dfa_failure_initiators__[0-9a-z_]*$
+      violation_id: ^.*$
+      violation_cause: ^.*$
+      mitigation_issue: ^https://github.com/.*$
+      sufficient: ^(yes|no)$
+      status: ^(valid|invalid)$
+      mandatory_links:
+        mitigates: ^(comp_req__.*|aou_req__.*|)$
+        verifies: ^comp_arc_sta__[0-9a-z_]*$
+
+  # # Safety Analysis FMEA
+  feat_saf_fmea:
+    title: FMEA
+    prefix: feat_saf_fmea__
+    mandatory_options:
+      id: ^gd_guidl__fault_models__[0-9a-z_]*$
+      violation_id: ^.*$
+      violation_cause: ^.*$
+      mitigation_issue: ^https://github.com/.*$
+      sufficient: ^(yes|no)$
+      status: ^(valid|invalid)$
+      mandatory_links:
+        mitigates: ^(feat_req__.*|aou_req__.*|)$
+        verifies: ^feat_arc_dyn__[0-9a-z_]*$
+
+  comp_saf_fmea:
+    title: FMEA
+    prefix: comp_saf_fmea__
+    mandatory_options:
+      id: ^gd_guidl__fault_models__[0-9a-z_]*$
+      violation_id: ^.*$
+      violation_cause: ^.*$
+      mitigation_issue: ^https://github.com/.*$
+      sufficient: ^(yes|no)$
+      argument: ^.+$
+      status: ^(valid|invalid)$
+      mandatory_links:
+        mitigates: ^(comp_req__.*|aou_req__.*|)$
+        verifies: ^comp_arc_dyn__[0-9a-z_]*$
 
 # Extra link types, which shall be available and allow need types to be linked to each other.
 # We use a dedicated linked type for each type of a connection, for instance from
@@ -647,8 +651,8 @@ needs_extra_links:
     outgoing: included by
 
   mitigates:
-    incoming: mitigates by
-    outgoing: mitigated
+    incoming: mitigated by
+    outgoing: mitigates
 ##############################################################
 # Graph Checks
 # The graph checks focus on the relation of the needs and their attributes.
@@ -693,7 +697,8 @@ graph_checks:
   # as the corresponding ASIL of the Feature or Component that is analyzed.
   saf_linkage_safety:
     needs:
-      include: feat_saf_fmea, comp_saf_fmea, feat_plat_saf_dfa, feat_saf_dfa, comp_saf_dfa, aou_req
+      include: feat_saf_fmea, comp_saf_fmea, feat_plat_saf_dfa, feat_saf_dfa, comp_saf_dfa
       condition: safety == ASIL_B
     check:
-      mitigates: safety == QM
+      mitigates: safety != QM
+

src/extensions/score_metamodel/tests/rst/graph/test_metamodel_graph.rst

@@ -117,12 +117,138 @@
    :satisfies: feat_req__parent0__abcd
 
 
+.. Mitigation of Safety Analysis (FMEA and DFA) shall be checked. Mitigation shall have the same or higher safety level than the analysed item.
+.. Negative Test: Linked to a mitigation that is lower than the safety level of the analysed item.
+#EXPECT: feat_saf_dfa__child__10: parent need `feat_req__parent__QM` does not fulfill condition `safety != QM`.
 
+.. feat_saf_dfa:: Child requirement 10
+   :id: feat_saf_dfa__child__10
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__QM
+
+.. Positive Test: Linked to a mitigation that is equal to the safety level of the analysed item.
+#EXPECT-NOT: feat_saf_dfa__child__11: parent need `feat_req__parent__ASIL_B` does not fulfill condition `safety != QM`.
+
+.. feat_saf_dfa:: Child requirement 11
+   :id: feat_saf_dfa__child__11
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__ASIL_B
+
+.. Positive Test: Linked to a mitigation that is higher to the safety level of the analysed item.
+#EXPECT-NOT: feat_saf_dfa__child__12: parent need `feat_req__parent__ASIL_D` does not fulfill condition `safety != QM`.
+
+.. feat_saf_dfa:: Child requirement 12
+   :id: feat_saf_dfa__child__12
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__ASIL_D
+
+.. Negative Test: Linked to a mitigation that is lower than the safety level of the analysed item.
+#EXPECT: comp_saf_dfa__child__13: parent need `feat_req__parent__QM` does not fulfill condition `safety != QM`.
+
+.. comp_saf_dfa:: Child requirement 13
+   :id: comp_saf_dfa__child__13
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__QM
+
+.. Positive Test: Linked to a mitigation that is equal to the safety level of the analysed item.
+#EXPECT-NOT: comp_saf_dfa__child__14: parent need `feat_req__parent__ASIL_B` does not fulfill condition `safety != QM`.
+
+.. comp_saf_dfa:: Child requirement 14
+   :id: comp_saf_dfa__child__14
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__ASIL_B
+
+.. Positive Test: Linked to a mitigation that is higher to the safety level of the analysed item.
+#EXPECT-NOT: comp_saf_dfa__child__15: parent need `feat_req__parent__ASIL_D` does not fulfill condition `safety != QM`.
+
+.. comp_saf_dfa:: Child requirement 15
+   :id: comp_saf_dfa__child__15
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__ASIL_D
+
+.. Negative Test: Linked to a mitigation that is lower than the safety level of the analysed item.
+#EXPECT: feat_plat_saf_dfa__child__16: parent need `feat_req__parent__QM` does not fulfill condition `safety != QM`.
+
+.. feat_plat_saf_dfa:: Child requirement 16
+   :id: feat_plat_saf_dfa__child__16
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__QM
+
+.. Positive Test: Linked to a mitigation that is equal to the safety level of the analysed item.
+#EXPECT-NOT: feat_plat_saf_dfa__child__17: parent need `feat_req__parent__ASIL_B` does not fulfill condition `safety != QM`.
+
+.. feat_plat_saf_dfa:: Child requirement 17
+   :id: feat_plat_saf_dfa__child__17
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__ASIL_B
+
+.. Positive Test: Linked to a mitigation that is higher to the safety level of the analysed item.
+#EXPECT-NOT: feat_plat_saf_dfa__child__18: parent need `feat_req__parent__ASIL_D` does not fulfill condition `safety != QM`.
+
+.. feat_plat_saf_dfa:: Child requirement 18
+   :id: feat_plat_saf_dfa__child__15
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__ASIL_D
+
+.. Negative Test: Linked to a mitigation that is lower than the safety level of the analysed item.
+#EXPECT: feat_saf_fmea__child__19: parent need `feat_req__parent__QM` does not fulfill condition `safety != QM`.
+
+.. feat_saf_fmea:: Child requirement 19
+   :id: feat_saf_fmea__child__19
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__QM
+
+.. Positive Test: Linked to a mitigation that is equal to the safety level of the analysed item.
+#EXPECT-NOT: feat_saf_fmea__child__20: parent need `feat_req__parent__ASIL_B` does not fulfill condition `safety != QM`.
+
+.. feat_saf_fmea:: Child requirement 20
+   :id: feat_saf_fmea__child__20
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__ASIL_B
 
-.. .. Parent requirement does not exist
-.. .. #EXPECT: feat_saf_dfa__child__10: Parent need `feat_req__parent__QM` does not fulfill the condition `safety != QM`.
+.. Positive Test: Linked to a mitigation that is higher to the safety level of the analysed item.
+#EXPECT-NOT: feat_saf_fmea__child__21: parent need `feat_req__parent__ASIL_D` does not fulfill condition `safety != QM`.
 
-.. .. feat_req:: Child requirement 10
-.. ..    :id: feat_saf_dfa__child__10
-.. ..    :safety: ASIL_B
-.. ..    :mitigates: feat_req__parent__QM
+.. feat_saf_fmea:: Child requirement 21
+   :id: feat_saf_fmea__child__21
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__ASIL_D
+
+.. Negative Test: Linked to a mitigation that is lower than the safety level of the analysed item.
+#EXPECT: comp_saf_fmea__child__22: parent need `feat_req__parent__QM` does not fulfill condition `safety != QM`.
+
+.. comp_saf_fmea:: Child requirement 22
+   :id: comp_saf_fmea__child__22
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__QM
+
+.. Positive Test: Linked to a mitigation that is equal to the safety level of the analysed item.
+#EXPECT-NOT: comp_saf_fmea__child__23: parent need `feat_req__parent__ASIL_B` does not fulfill condition `safety != QM`.
+
+.. comp_saf_fmea:: Child requirement 23
+   :id: comp_saf_fmea__child__23
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__ASIL_B
+
+.. Positive Test: Linked to a mitigation that is higher to the safety level of the analysed item.
+#EXPECT-NOT: comp_saf_fmea__child__24: parent need `feat_req__parent__ASIL_D` does not fulfill condition `safety != QM`.
+
+.. comp_saf_fmea:: Child requirement 24
+   :id: comp_saf_fmea__child__24
+   :safety: ASIL_B
+   :status: valid
+   :mitigates: feat_req__parent__ASIL_D

src/extensions/score_metamodel/tests/rst/options/test_options_extra_option.rst

@@ -25,3 +25,5 @@
 
 .. std_wp:: This is a test
    :id: std_wp__test__abce
+
+