Safety Case Depictions vs. Safety Cases - Would the Real Safety Case Please Stand Up?

The integrity of the safety case depends primarily on the quality of the reasoning embodied in the safety argument and the trustworthiness of the associated items of evidence. Safety case arguments, often depicted using graphical notations such as GSN and CAE, are typically embedded and presented in one or more documents. One of these documents is the Safety Case Report. The periodic submission of a Safety Case Report is good practice and mandated in safety standards such as UK Defence Standard 00-56. The relationship between the safety argument structure and the embedding report can take different forms. The safety case argument may provide an executive summary at the beginning of the report, drive the flow of the report or be attached as an appendix to the report. In this paper, we address the relationship that exists between the safety case, safety argument depictions and the safety case report. We highlight the potential dangers of mismatch between these three entities, including the potential illusion of strong case created through the use of a structured graphical argumentation notation. We conclude that the safety case is the reasoning as to how the system is acceptably safe. The depicted safety case is a representation of the argument that is hoped to mirror the actual safety case. Finally, the safety case report can usefully provide an elaboration of the concepts referenced within the safety argument.