Presentation is loading. Please wait.

Presentation is loading. Please wait.

Safety-Critical Systems 2 T 79.232 Ilkka Herttua.

Published bySpencer Stanley Modified over 9 years ago

Similar presentations

Presentation on theme: "Safety-Critical Systems 2 T 79.232 Ilkka Herttua."— Presentation transcript:

1 Safety-Critical Systems 2 T 79.232 Ilkka Herttua

2 Main topics for spring 2003 Fault tolerance/reliability (III) Hardware/Programmable Logic Controllers (III) Safety-Critical Software (IV) Formal Methods – modelling (IV/V) Verification/Validation and Testing (V) Seminars (VI)

3 Risk Analysis Risk is a combination of the severity (class) and frequency (probability) of the hazardous event. Classes: - Catastrophic – multiple deaths - Critical – a death or severe injuries - Marginal – a severe injury - Negligible – a minor injury

4 Hazard probability Probability classes: Frequent Probable Occasional Remote Improbable Incredible

5 Risk acceptability National/international decision – level of an acceptable loss (ethical, political and economical) Risk Analysis Methods: ALARP – as low as reasonable practical (UK, USA) GAMAB – not greater than before (France)

6 Integrity levels Safety Integrity is a measure of the likelihood of the safety system correctly performing its task. Safety Integrity levels: (failures/year) SIL 410E-5 – 10E-4 SIL 310E-4 – 10E-3 SIL 210E-3 – 10E-2 SIL 1 10E-2 – 10E-1

7 V - Lifecycle model System Acceptance System Integration & Test Module Integration & Test Requirements Analysis Requirements Model Test Scenarios Software Implementation & Unit Test Software Design Requirements Document Systems Analysis & Design Functional / Architechural - Model Specification Document Knowledge Base * * Configuration controlled Knowledge that is increasing in Understanding until Completion of the System: Requirements Documentation Requirements Traceability Model Data/Parameters Test Definition/Vectors

8 Overall safety lifecycle

9 Development Methods Right Requirements phase 1-5 - complete – linking to hazards - correct – testing & modelling - consistent – semiformal language - unambiguous - better English

10 Requirement Engineering Methods – Reveal (UK) -All necessary included, right structure and understandable wording. Tools – Doors (Telelogic) -Data base and configuration management -History, traceability and linking

11 REVEAL REVEAL is a requirements engineering method (Praxis UK) –independent of particular notations –compatible with different tools The application of scientific principles –the role of domain knowledge in relating requirements to specifications Through a systematic process –what has to be done –what order it should be done in –how it can be done

12 The REVEAL Process

13 On-going Processes Management –Baselining –Tracing –Change management –Fault management –Use of tools Conflict Management –Identification of conflicts –Negotiation –Recording conflict and outcome for future change management

14 Requirements Management with DOORS Slides provided by Telelogic/ Quality Systems & Software

15 Dynamic Object Oriented Requirements System Effizienz Interfaces Requirements Links Reports Analysis Change Proposal System Filter, Views Multiuser-Databank User Accounts Configuration- management Text Processing Templates, Standards DOORS Capture, Link, Trace, Analyse, Administer

16 Terminology in DOORS One Document, Group of related Information Requirements, Tests, Specifications, Change Requests, etc Consists of numerous Modules Project Module Object Attribute Data of a Module Characteristics of Objects or Links Date of last Change, Priority, Status, Costs,... Relation between two Objects Links

17 “How do I manage change?” Stay on track and meet schedule Changes from all users including DOORSNet TM Read-only user submits “Change Proposal” Changes reviewed on-line Changes automatically update module Accepted Rejected Link On Hold In Review

18 Team Work: DOORS in Intranet/Internet DOORSNet User Read, Comment, Review, Change Request submission View by Browser Over the Web in your Project Data DOORS User

19 Traceability in DOORS User DemandsSystem Requirements Architectural Design Test Plan Follow Customer Ammendments through all the Documentation

20 Traceability - Requirements from Scenarios Goal hierarchy user requirements traceability Two people shall be able to lift the boat onto the roof of the average saloon car. The sailor shall be able to contact the coastguard when the boat is capsized. The sailor shall be able to perform a tacking manoeuvre. To have sailed and survived Ready to sail Sailed Returned home Boat loaded Boat lifted Boat unloaded Boat rigged Boat on car Mast rigged Center-plate rigged Rudder rigged Gibed Boat manoeuvred Tacked Cruised Boat capsized Gone ashore Boat righted Coast guard contacted

21 References TelecommunicationsAT&T, Alcatel, British Telecom, General Dynamics, ITT, L3 Comm, MCI Worldcom, Motorola, Nokia, Nortel, Tellabs Defense/AerospaceBoeing, Jet Propulsion Labs, Lockheed Martin, Raytheon Equipment ManufacturersCadence, Carrier, Cisco Systems, Hewlett Packard, Kodak, Otis Elevator, Pitney Bowes, Xerox AutomotiveBMW, Chrysler Daimler-Benz, Ford, General Motors, Rolls-Royce Financial/InsuranceCiticorp, Experian, Freddie Mac, Mastercard, NASD/NASDAQ/ASE, Nations Bank, Norwest Financial Services, Prudential, State Farm, UNUM, USAA, VISA GovernmentCND, FDA, FAA, MoD, NIMA, NASA, NSA, DISA, IRS, DOD Healthcare/MedicalAbbott Labs, Beckman Instruments, GE Medical, HP Medical, Kaiser Permanente, Siemans Medical Systems IntegratorsBooz Allen, CSC, EDS, IBM, Litton/PRC, Mitre, SAIC, Unisys

22 Designing for Safety Faults groups: - requirement/specification errors - random component failures - systematic faults in design (software) Approaches to tackle problems - right system architecture (fault-tolerant) - reliability engineering (component, system) - quality management (designing and producing processes)

23 Designing for Safety Hierarchical design - simple modules, encapsulated functionality - separated safety kernel – safety critical functions Maintainability - preventative versa corrective maintenance - scheduled maintenance routines for whole lifecycle - easy to find faults and repair – short MTTR mean time to repair Human error - Proper HMI

24 Safety management Safety culture/policy of the organisation - Task for management ( Tarkets ) Safety planning - Task for safety manager ( How to ) Safety reporting - All personal - Safety log / validation reports

25 Home assignments 4.18 (tolerable risk) 5.10 (incompleteness within specification) Email before 25. February to herttua@eurolock.org

Download ppt "Safety-Critical Systems 2 T 79.232 Ilkka Herttua."

Similar presentations

Configuration management

Configuration management
Configuration management

Configuration management
Configuration Management

Configuration Management
T Safety Critical Systems (4 cr)

T Safety Critical Systems (4 cr)
HP Quality Center Overview.

HP Quality Center Overview.
ITIL: Service Transition

ITIL: Service Transition
Safety-Critical Systems 2 Requirement Engineering T- 79.5303 Spring 2006 Ilkka Herttua.

Safety-Critical Systems 2 Requirement Engineering T Spring 2006 Ilkka Herttua.
Requirements and Design

Requirements and Design
Safety-Critical Systems 2 T 79.232 Risk analysis and design for safety Ilkka Herttua.

Safety-Critical Systems 2 T Risk analysis and design for safety Ilkka Herttua.
Safety-Critical Systems 2 Requirement Engineering T- 79.5303 Spring 2008 Ilkka Herttua.

Safety-Critical Systems 2 Requirement Engineering T Spring 2008 Ilkka Herttua.
Metrics Project and Process Metrics. Why do we measure? Assessing project status Allows us to track risks Before they go critical Adjust workflow See.

Metrics Project and Process Metrics. Why do we measure? Assessing project status Allows us to track risks Before they go critical Adjust workflow See.
Software Configuration Management

Software Configuration Management
SE 555 Software Requirements & Specification Requirements Management.

SE 555 Software Requirements & Specification Requirements Management.
Requirements Management

Requirements Management
Supplement 02CASE Tools1 Supplement 02 - Case Tools And Franchise Colleges By MANSHA NAWAZ.

Supplement 02CASE Tools1 Supplement 02 - Case Tools And Franchise Colleges By MANSHA NAWAZ.
Lucas Phillips Anurag Nanajipuram FAILURE MODE AND EFFECT ANALYSIS.

Lucas Phillips Anurag Nanajipuram FAILURE MODE AND EFFECT ANALYSIS.
Annex I: Methods & Tools prepared by some members of the ICH Q9 EWG for example only; not an official policy/guidance July 2006, slide 1 ICH Q9 QUALITY.

Annex I: Methods & Tools prepared by some members of the ICH Q9 EWG for example only; not an official policy/guidance July 2006, slide 1 ICH Q9 QUALITY.
Configuration Management

Configuration Management
IV&V Facility Model-based Design Verification IVV Annual Workshop September, 2009 Tom Hempler.

IV&V Facility Model-based Design Verification IVV Annual Workshop September, 2009 Tom Hempler.
This chapter is extracted from Sommerville’s slides. Text book chapter 29 1 1.

This chapter is extracted from Sommerville’s slides. Text book chapter

Similar presentations

Ads by Google