Does software have to be ultra reliable in safety critical systems?
Bishop, P. G. (2013). Does software have to be ultra reliable in safety critical systems? Paper presented at SAFECOMP 2013, 32nd International Conference on Computer Safety, Reliability and Security, 24-27 September 2013, Toulouse, France.
Abstract
It is difficult to demonstrate that safety-critical software is completely free of dangerous faults. Prior testing can be used to demonstrate that the unsafe failure rate is below some bound, but in practice the bound is not low enough to demonstrate the level of safety performance required for critical software-based systems such as avionics. This paper argues that higher levels of safety performance can be claimed by taking account of: 1) external mitigation to prevent an accident; 2) the fact that software is corrected once failures are detected in operation. A model based on these concepts is developed to derive an upper bound on the number of expected failures and accidents under different assumptions about fault fixing, diagnosis, repair and accident mitigation. A numerical example is used to illustrate the approach. The implications and potential applications of the theory are discussed.
| Field | Value |
|---|---|
| Publication Type | Conference or Workshop Item (Paper) |
| Publisher Keywords | safety, software defects, software reliability, fault tolerance, fault correction |
| Subjects | Q Science > QA Mathematics > QA76 Computer software |
| Departments | School of Science & Technology > Computer Science > Software Reliability |