Assurance cases are used to argue in a structured, and evidence-supported way, that a property such as safety or security is satisfied by a system. In some domains however, instead of single systems, product lines with many system-variants are engineered, to satisfy the needs of different customers. In such context, single-system methods for assurance-case creation suffer from scalability issues because the underlying assumption is that the evidence and arguments can be created per system variant. This paper presents a novel method for product-line assurance-case creation where all the arguments and the evidence are created without analyzing each system variant. Consequently, the effort to create an assurance case scales with the complexity of system variants, instead with their number. The method is based on a contract-based design framework for cyber–physical systems, which is extended to define the conditions under which all system variants satisfy a particular property. These conditions are used to define an assurance-case pattern, which can be instantiated for arbitrary product lines. Moreover, the defined pattern is modular to enable step-wise assurance-case creation. Finally, an exploratory case study is performed on a real product-line from the heavy-vehicle manufacturer Scania to evaluate the applicability of the presented method.

保证案例用于以结构化且证据支持的方式争论系统是否满足诸如安全性之类的属性。但是，在某些领域中，设计了具有许多系统变量的产品线，而不是单个系统，以满足不同客户的需求。在这种情况下，用于保证案例创建的单系统方法会遇到可伸缩性问题，因为基本假设是可以针对每个系统变体创建证据和论据。本文提出了一种用于创建产品线保证案例的新颖方法，该方法创建所有参数和证据而无需分析每个系统变体。因此，创建保证案例的工作与系统变体的复杂性（而不是其数量）成比例。该方法基于网络物理系统基于合同的设计框架，该框架经过扩展以定义所有系统变体满足特定属性的条件。这些条件用于定义保证案例模式，可以针对任意产品线实例化该模式。此外，定义的模式是模块化的，以允许逐步创建保证案例。最后，对重型汽车制造商的真实产品线进行了探索性案例研究斯堪尼亚评估所提出方法的适用性。