Presentation is loading. Please wait.

Presentation is loading. Please wait.

Software Engineering for Safety : A Roadmap Presentation by: Manu D Vij CS 599 Software Engineering for Embedded Systems.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Software Engineering for Safety : A Roadmap Presentation by: Manu D Vij CS 599 Software Engineering for Embedded Systems."— Presentation transcript:

1 Software Engineering for Safety : A Roadmap Presentation by: Manu D Vij CS 599 Software Engineering for Embedded Systems

2 Introduction Wide Spread Use of Safety - Critical Systems and their reliance on Software Wide Spread Use of Safety - Critical Systems and their reliance on Software “The Nation depends on fragile software” “The Nation depends on fragile software”

3

4 Keys Areas in SE for Safety Hazard Analysis Hazard Analysis Safety requirements specification and analysis Safety requirements specification and analysis Designing for safety Designing for safety Testing Testing Certification and Standards Certification and Standards Resources Resources

5 Hazard Analysis Core of the development of safe systems Core of the development of safe systems Identification and Analysis: Identification and Analysis: –Criticality –Likelihood of Occurrence Which Hazards to avoid ? Which Hazards to avoid ? Determination of s/w components that can contribute or prevent hazard Determination of s/w components that can contribute or prevent hazard Safety requirements and constraints on design of system Safety requirements and constraints on design of system

6 Safety Requirements Specification and Analysis Formal Specification: Formal Specification: –Ease and Accuracy –Investigate if safety properties are preserved –Automated check availability Interactive theorem provers, Model checkers Interactive theorem provers, Model checkers Safety  Software Requirements Requirements Safety  Software Requirements Requirements SpecTRM ----- Embedded Systems SpecTRM ----- Embedded Systems

7 Designing for Safety Design for Safety Design for Safety –Prevention –Detection and Control Design Trade Offs Design Trade Offs –Safety Vs Other features e.g. Fault Tolerance –Issues involved are moral, legal, finance…… Vulnerability to simple design errors Vulnerability to simple design errors –Tendency to neglect small errors –“Small Errors have small consequence”– not in Software Limited use of known design techniques Limited use of known design techniques –Good design techniques are ignored

8 Testing Critical for safe system in: Critical for safe system in: –Development –Certification Assumptions about: Assumptions about: –Environment –Users –Operations Is it enough ? Is it enough ?

9 Certification and Standards Certification Certification –More complicated –Less well defined Standards Standards –“What standards are appropriate for large, safety-critical systems composed of subsystems from different domains” –Problems: Lack of guidance in existing standards Lack of guidance in existing standards Poor integration of software issues with system safety Poor integration of software issues with system safety Heavy burden of making a safety case for certification Heavy burden of making a safety case for certification –Recommendations: Classifying and evaluating standards according to products, process and resources Classifying and evaluating standards according to products, process and resources Constructing domain specific standards for products Constructing domain specific standards for products

10 Resources Books…. Levenson Books…. Levenson Bowen’s website…. Publications, Conferences, RISKforum Bowen’s website…. Publications, Conferences, RISKforum IEEE video IEEE video

11 Directions for future Work Integration of informal and formal methods Integration of informal and formal methods –Key Areas: Automatic translation of informal notation into formal models Automatic translation of informal notation into formal models Lightweight formal methods Lightweight formal methods Integration of previously distinct formal methods. Integration of previously distinct formal methods.

12 Fault Trees hazard events represented by nodes hazard events represented by nodes AND/OR gates AND/OR gates domino effect domino effect errors in the requirements phase errors in the requirements phase example taken from: http://www.cs.cmu.edu/~koop man/des_s99/safety_critical/

13 Directions…………. Constraints on safe product families and safe reuse Constraints on safe product families and safe reuse –Two key research areas: Safety Analysis of product families Safety Analysis of product families –A Goal Safety reuse of COTS software Safety reuse of COTS software –Two Problems

14 Directions…….. Testing & Evaluation Testing & Evaluation –Requirements-based testing –Evaluation from multiple sources –Model consistency –Virtual environment simulations Runtime monitoring Runtime monitoring

15 Directions….. Education: Education: –Scientific rather than methodical courses –Textbooks –Awareness Related Fields Related Fields –Security & Survivability Techniques quite similar Techniques quite similar Security Vs Safety Security Vs Safety –Software Architecture Safety consequence of flexible architectures Safety consequence of flexible architectures Evaluation of architectures for safety critical product families Evaluation of architectures for safety critical product families Partitioning to control hazards enabled by shared resources Partitioning to control hazards enabled by shared resources Architectural solutions to the need for “techniques that augment the robustness of less robust components Architectural solutions to the need for “techniques that augment the robustness of less robust components –Human Factors Engineering Better understanding of usage patterns, and formal specification of operator's mental model can yield more accurate safety requirements and safer maintenance. Better understanding of usage patterns, and formal specification of operator's mental model can yield more accurate safety requirements and safer maintenance. More research needed. More research needed. –Other fields Domain specific design for fault tolerance Domain specific design for fault tolerance Advances in OS, Programming Language Advances in OS, Programming Language

16 Conclusion.... Safety is system problem Safety is system problem Advancement in the other fields will enhance safety Advancement in the other fields will enhance safety Protecting devices….Are they enough ?? Safety into system! Protecting devices….Are they enough ?? Safety into system! Probabilistic risk assessment is not enough!! Probabilistic risk assessment is not enough!! Advancement is safety analysis is required Advancement is safety analysis is required

Download ppt "Software Engineering for Safety : A Roadmap Presentation by: Manu D Vij CS 599 Software Engineering for Embedded Systems."

Similar presentations

Integra Consult A/S Safety Assessment. Integra Consult A/S SAFETY ASSESSMENT Objective Objective –Demonstrate that an acceptable level of safety will.

Integra Consult A/S Safety Assessment. Integra Consult A/S SAFETY ASSESSMENT Objective Objective –Demonstrate that an acceptable level of safety will.
Trusted Computing in Government Networks May 16, 2007 Richard C. (Dick) Schaeffer, Jr. Information Assurance Director National Security Agency.

Trusted Computing in Government Networks May 16, 2007 Richard C. (Dick) Schaeffer, Jr. Information Assurance Director National Security Agency.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 4 Slide 1 Software Processes.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 4 Slide 1 Software Processes.
Object-Oriented Software Development CS 3331 Fall 2009.

Object-Oriented Software Development CS 3331 Fall 2009.
What is software? Computer programs and associated documentation

What is software? Computer programs and associated documentation
1 Chapter 4 - Part 1 Software Processes. 2 Software Processes is: Coherent (logically connected) sets of activities for specifying, designing, implementing,

1 Chapter 4 - Part 1 Software Processes. 2 Software Processes is: Coherent (logically connected) sets of activities for specifying, designing, implementing,
Chapter 4 Quality Assurance in Context

Chapter 4 Quality Assurance in Context
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 4 Slide 1 Software Processes.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 4 Slide 1 Software Processes.
Software Processes Coherent sets of activities for specifying, designing, implementing and testing software systems.

Software Processes Coherent sets of activities for specifying, designing, implementing and testing software systems.
Extensibility, Safety and Performance in the SPIN Operating System Presented by Allen Kerr.

Extensibility, Safety and Performance in the SPIN Operating System Presented by Allen Kerr.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 24 Slide 1 Critical Systems Validation 2.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 24 Slide 1 Critical Systems Validation 2.
Presented by: Thabet Kacem Spring 2010. Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.

Presented by: Thabet Kacem Spring Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.
Software Reuse Building software from reusable components Objectives

Software Reuse Building software from reusable components Objectives
CS599 Software Engineering for Embedded Systems1 Software Engineering for Real-Time: A Roadmap Presentation by: Mandar Samant Raghbir Singh Banwait.

CS599 Software Engineering for Embedded Systems1 Software Engineering for Real-Time: A Roadmap Presentation by: Mandar Samant Raghbir Singh Banwait.
SWE Introduction to Software Engineering

SWE Introduction to Software Engineering
Ensuring Non-Functional Properties. What Is an NFP?  A software system’s non-functional property (NFP) is a constraint on the manner in which the system.

Ensuring Non-Functional Properties. What Is an NFP?  A software system’s non-functional property (NFP) is a constraint on the manner in which the system.
1 Software Architecture: a Roadmap David Garlen Roshanak Roshandel Yulong Liu.

1 Software Architecture: a Roadmap David Garlen Roshanak Roshandel Yulong Liu.
Presentation R. R. Lutz. Analyzing Software Requirements Errors in Safety-Critical Embedded Systems. In Proceedings of the IEEE International Symposium.

Presentation R. R. Lutz. Analyzing Software Requirements Errors in Safety-Critical Embedded Systems. In Proceedings of the IEEE International Symposium.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 4 Slide 1 Software Process Models.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 4 Slide 1 Software Process Models.
SWE Introduction to Software Engineering

SWE Introduction to Software Engineering

Similar presentations

Ads by Google