Abstract
It is difficult to demonstrate that safety-critical software is completely free of dangerous faults. Prior testing can be used to demonstrate that the unsafe failure rate is below some bound, but in practice the bound is not low enough to demonstrate the level of safety performance required for critical software-based systems such as avionics. This paper argues that higher levels of safety performance can be claimed by taking account of: 1) external mitigation that prevents a failure from becoming an accident; 2) the fact that software is corrected once failures are detected in operation. A model based on these concepts is developed to derive an upper bound on the expected number of failures and accidents under different assumptions about fault fixing, diagnosis, repair and accident mitigation. A numerical example is used to illustrate the approach. The implications and potential applications of the theory are discussed.
© 2013 Springer-Verlag Berlin Heidelberg
Cite this paper
Bishop, P. (2013). Does Software Have to Be Ultra Reliable in Safety Critical Systems?. In: Bitsch, F., Guiochet, J., Kaâniche, M. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2013. Lecture Notes in Computer Science, vol 8153. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40793-2_11
DOI: https://doi.org/10.1007/978-3-642-40793-2_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40792-5
Online ISBN: 978-3-642-40793-2