The safety requirements decomposition pattern

Safety requirement specifications usually have heterogeneous structures, most likely based on the experience of the engineers involved in the specification process. Consequently, it gets difficult to ensure that recommendations given in standards are considered, e.g., evidence that the requirements are complete and consistent with other development artifacts. To address this challenge, we present in this paper the Safety Requirements Decomposition Pattern, which aims at supporting the decomposition of safety requirements that are traceable to architecture and failure propagation models. The effectiveness of the approach has been observed in its application in different domains, such as automotive, avionics, and medical devices. In this paper, we present its usage in the context of an industrial Automated External Defibrillator system.