BS3909 Week 8 1 Self-Study: Safety-critical systems l Wide range of equipment now computer-controlled »Machine could injure operator if certain faults.

Slides:



Advertisements
Similar presentations
EECE499 Computers and Nuclear Energy Electrical and Computer Eng Howard University Dr. Charles Kim Fall 2013 Webpage:
Advertisements

Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 24 Slide 1 Critical Systems Validation 2.
Accident Causes, Prevention and Control
Reliability and Safety Lessons Learned. Ways to Prevent Problems Good computer systems Good computer systems Good training Good training Accountability.
Reliability Risk Assessment
Topic 4 - Risk Assessment Textbook pages 72–77. Learning outcomes By the end of the topic learners will have: Greater familiarity with risk assessment.
Overview Lesson 10,11 - Software Quality Assurance
1 Certification Chapter 14, Storey. 2 Topics  What is certification?  Various forms of certification  The process of system certification (the planning.
1 Software Development Prepared By Joseph Leung. 2Agenda 1.Discuss the need for quality software in business systems, industrial process control systems,
1 Software Testing and Quality Assurance Lecture 38 – Software Quality Assurance.
The Australian/New Zealand Standard on Risk Management
Soft. Eng. II, Spr. 2002Dr Driss Kettani, from I. Sommerville1 CSC-3325: Chapter 9 Title : Reliability Reading: I. Sommerville, Chap. 16, 17 and 18.
SWE Introduction to Software Engineering
Title slide PIPELINE QRA SEMINAR. PIPELINE RISK ASSESSMENT INTRODUCTION TO RISK IDENTIFICATION 2.
Quality Risk Management ICH Q9 Annex I: Methods & Tools
Testing safety-critical software systems
Software Verification and Validation (V&V) By Roger U. Fujii Presented by Donovan Faustino.
Basics of Fault Tree and Event Tree Analysis Supplement to Fire Hazard Assessment for Nuclear Engineering Professionals Icove and Ruggles (2011) Funded.
SAFE 605: Principles of Safety Engineering Overview of Safety Engineering Safety Engineering Concepts.
Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.
Software Project Management
Software Reliability Categorising and specifying the reliability of software systems.
Failure Mode Effect and Criticality Analysis Adam Adgar School of Computing and Technology.
University of Palestine software engineering department Testing of Software Systems Fundamentals of testing instructor: Tasneem Darwish.
Levels of safety Priorities for eliminating hazards in the workplace Eliminate the hazard through the machine design stage Apply safeguarding technology.
MassMEDIC Risk Management: Legal and Liability Issues with Home Healthcare Products Raymond C. Zemlin Goodwin Procter LLP (March 9, 2006) ©2006. Goodwin.
Four Wheel Drive Australia Risk Management Presentation.
DESIGNING FOR SAFETY CHAPTER 9. IMPORTANCE OF DESIGNING FOR SAFETY  In the near future, the level of safety that companies and industries achieve will.
1 Software Testing and Quality Assurance Lecture 33 – Software Quality Assurance.
Safety Induction to the Lift & Escalator Industry
FAULT TREE ANALYSIS (FTA). QUANTITATIVE RISK ANALYSIS Some of the commonly used quantitative risk assessment methods are; 1.Fault tree analysis (FTA)
Blaine Best David Mette Katie Kodrich Allie Pitchler Kyle Killam “An error doesn’t become a mistake until you refuse to correct it.” - Orlando A. Battista.
Safety-Critical Systems T Ilkka Herttua. Safety Context Diagram HUMANPROCESS SYSTEM - Hardware - Software - Operating Rules.
Software Testing and Quality Assurance Software Quality Assurance 1.
1 Reducing the Software Impact to System Safety Paul Mayo – SafeEng Limited.
1 Safety - definitions Accident - an unanticipated loss of life, injury, or other cost beyond a pre-determined threshhold.  If you expect it, it’s not.
On the Definition of Survivability J. C. Knight and K. J. Sullivan, Department of Computer Science, University of Virginia, December 2000.
Quality Assurance.
Safety-Critical Systems 7 Summary T V - Lifecycle model System Acceptance System Integration & Test Module Integration & Test Requirements Analysis.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 9 Slide 1 Critical Systems Specification 1.
1 Software Quality Assurance. 2 Quality Concepts - 1 Variation control is the heart of quality control Software engineers strive to control the – process.
Formal Methods in SE Software Verification Using Formal Methods By: Qaisar Javaid, Assistant Professor Formal Methods1.
Health and Safety in Adult Social Care.
Software Quality Assurance SOFTWARE DEFECT. Defect Repair Defect Repair is a process of repairing the defective part or replacing it, as needed. For example,
Smart Home Technologies
National Corporate Training Pty Ltd0. Topics Follow safe work practices Maintain personal safety standards Assess risks Follow emergency procedures National.
SAFEWARE System Safety and Computers Chap18:Verification of Safety Author : Nancy G. Leveson University of Washington 1995 by Addison-Wesley Publishing.
Behind the Mirror of Safety Steve Danon Director, Risk Control Services Marcotte Insurance Agency.
2011 PLANT OPERATIONS MODULE 8 Maintain Bulk Plant Systems and Equipment.
Software Engineering Lecture 8: Quality Assurance.
RISK MANAGEMENT FOR COMMUNITY EVENTS. Today’s Session Risk Management – why is it important? Risk Management and Risk Assessment concepts Steps in the.
1 Software Testing and Quality Assurance Lecture 38 – Software Quality Assurance.
System Development Life Cycle (SDLC). Activities Common to Software Projects Planning : Principles Principle #1. Understand the scope of the project.
COUNTY SAFETY RISK MANAGEMENT COUNTY COUNSEL THE COUNTY COVERS A HUGE AREA From Ridgecrest to Maricopa Over 500 buildings In 300 locations.
ON “SOFTWARE ENGINEERING” SUBJECT TOPIC “RISK ANALYSIS AND MANAGEMENT” MASTER OF COMPUTER APPLICATION (5th Semester) Presented by: ANOOP GANGWAR SRMSCET,
Ethics in Information Technology Chapter 7 Software Development Ethics in Information Technology.
FUNDAMENTALS OF COMPUTER SYSTEMS Lesson 1. Starter What is the difference between hardware and software?
Measuring and Reviewing Performance
Software Quality Assurance
Chapter 21 Software Quality Assurance
Air Carrier Continuing Analysis and Surveillance System (CASS)
Air Carrier Continuing Analysis and Surveillance System (CASS)
Knife Handling Safety Discuss the types of knives and uses in your work setting.
Chapter 21 Software Quality Assurance
CREOG Patient Safety Series: Safety in Women’s Healthcare
Failure Mode and Effect Analysis
Computer in Safety-Critical Systems
Presentation transcript:

BS3909 Week 8 1 Self-Study: Safety-critical systems l Wide range of equipment now computer-controlled »Machine could injure operator if certain faults happen »Sewage must not be discharged in rising tide »Traffic lights should never go green all-round »Drug-delivery drip mustn’t give over- or under-dose »Nuclear reactor needs accurate and timely control »Radiotherapy equipment must give right dose »Fly-by-wire aircraft mustn’t be crash-by-silicon l Require far higher standards of reliability that we are used to in the rest of the industry l Emphasis on proving correctness rather than testing

BS3909 Week 8 2 Risk Assessment l Not a precise (or even a logical) science »We take bigger risks when we’re “in control” l In reality, we need to combine two factors: »Probability that an undesired event will occur »Severity of impact if it does l Examples of risk/impact/precaution »Steel toe-caps protect carriers against fairly likely event of dropping object on their feet (rarely fatal) »Head restraints protect us against somewhat less likely event of being shunted (sometimes fatal) »Duplicated systems guard against very unlikely event of aircraft crash (often fatal)

BS3909 Week 8 3 Regulation & Standards See for more details l Underlying problem is that systems are designed with more concern about what they should do than about what the must not do »We tend to test what we programmed in »Not what we did inadvertently l Regulation can be based on: »Responsibility (professional and legal) »Observance of standards »Certification or licensing

BS3909 Week 8 4 Two Approaches to Standards l Mandate design technology »For example, insist on formal specifications »Or use of strongly-typed language such as Ada »Or even Formal Methods (mathematically-provable software design) OK until new and better technology arises l Define performance standards »Say what must and must not happen »Doesn’t limit design to current technology But very hard to test or prove performance

BS3909 Week 8 5 Achieving Standards l Certification of practitioners »Ensure that people designing safety-critical systems know what they are doing, and that »they don’t exceed the limitations of their expertise »Use an uncertified practitioner at your own peril l Certification of systems »To ensure compliance with Codes of Practice »Involves audit that procedures have been followed »That testing has been thorough l Licensing practitioners »Goes beyond certification by outlawing unlicensed practitioners (so if you lose licence you lose job)

BS3909 Week 8 6 Legal Issues l Engineers have normal HASAW responsibilities, and l Liable for Negligence if proved »Deviation from standards or codes may provide proof »Engineers expected to warrant expected result l + (probably) responsibility under Consumer Protection »No need to prove negligence »If a product hurts someone through malfunction, there is a case to answer »Software may be held to be an inherent component of the product l Best to insure against these liabilities if you can

BS3909 Week 8 7 Building Safe Systems l Safety must be key objective throughout development cycle »Specifications should consider safety implications –Should be provably consistent –Or design may ignore inconsistent system states »Design should focus on safety issues –Easier to design safety in than to bolt on later –“Impossible” states must still be handled »Provable mapping from design to coding »Testing to include consideration of malfunction l Hazard analysis needed to home in on safety Hoffnung

BS3909 Week 8 8 Hazard analysis l Need to recognize areas of risk to home in on safety l Most disasters are concatenation of minor faults »Operator misunderstands interface »Events are missed when they are simultaneous »System operates prematurely; or late; or doesn’t stop l Fault Tree Analysis »Defines possible undesired events »Then looks at how they might arise »Tracks down subsystems to see if they could occur l Alternative is by design inspections

BS3909 Week 8 9 Specifications l There is an inherent problem with specifications »Plain English is too imprecise »Requirement is often owned by non-specialist (remember last week’s issues?) »So jargon may be misunderstood »Rigorous mathematical specification even harder for non- specialist to evaluate (but at least the engineer knows that it’s consistent) »Producing safety specification concentrates the mind »Ensures that possible failure modes are considered »That fail-safe actions are specified for them »Can prescribe external safeguards

BS3909 Week 8 10 Safety Design l Need to prevent hazards when possible »e.g. by interlocks and mutually-exclusive processing l Minimize likelihood or scale of hazard »e.g. by automatic control, negative feedback »Comparable with safety-stop on lifts l Detect hazards if they occur »e.g. by monitoring, warning devices l Minimize impact of hazard when it is detected »e.g. by emergency stop, recovery process »and training staff to react correctly

BS3909 Week 8 11 Practical Approaches l Rigorous specification »Mathematical definition of intended behaviour l Standards and procedures for development cycle »Enforces code of practice »Avoids risk from uncontrolled “no impact” changes l Minimal interaction between components »If components have simple functions, their correctness can be proved »Then assembly of components can also be proved l Redundancy »Guard against single point of failure

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.