Verification Validation of Safety Critical Software：安全关键软件验证与确认.ppt

Abstract of talk (1) The increasing trend towards systems integration, and increased automation of critical functions which were once performed by humans, means that more and more reliance is placed on software. Procurers of safety-critical systems are becoming more aware of the need for appropriate levels of safety assurance, and are increasingly requiring system developers to produce a Safety Case to document the reasons why a system is safe to be operated. Abstract of talk (2) This talk looks at recent and emerging standards for safety-critical software, and will introduce listeners to the key principles of safety assurance, including: hazard and risk analysis safety integrity levels the structure and content of safety cases management of the safety process Computer Aided Disasters Therac 25 (1985-87, N. America) radiation therapy machine delivers severe radiation overdoses (x6) London Ambulance Service (1992) 20+ die unnecessarilly when dispatch system fails USS Vincennes (1988) shoots down Iran Air airliner after faulty identification Airbus A320 (1988-) various crashes Ariane 5 (1996) software exception causes self-destruct etc See lab.ox.ac.uk/archive/safety.html /risks.html What’s Different About Software? Broadly speaking, traditional safety engineering is concerned with physical failures: e.g. wear-out, corrosion, faulty manufacture mitigations include: well-tried designs, safety margins, redundant components, inspection, maintenance this has little relevance for software On the other hand, software is typically: novel, complex, highly input-sensitive, not designed by domain experts Software demands a new approach to safety engineering Talk outline Define main terms concepts in safety engineering as they relate to software: hazards, risk, safety integrity levels, etc Explain the basic principles of safety management  the safety lifecycle for software systems Outline 3 important safety analysis techniques Failure Modes Effects Analysis (FMEA)