Performing Hazard and Safety Analysis of Object Oriented Systems

摘要

There is increasing interest in the use of Object Oriented (OO) software technology in the development of safety related systems. OO techniques provide considerable potential benefits for system developers such as increased flexibility and re-use. Most current system safety analysis techniques examine the software in a safety critical system as a whole entity. The analyses typically work "top down" from system hazards, and result in a system-specific safety case. If the benefits of OO, especially reuse, are to be realised in safety critical systems, it is imperative that techniques for performing hazard and safety analysis are developed which fit in with the OO development process and life-cycle. This means that, for example, it is necessary to examine components such as classes and objects in such a way that the results can be used to construct analyses of complete systems. This paper presents a proposal for how hazard and safety analysis of OO systems may be performed. The proposed process starts at the level of OO conceptual designs by investigating faulty behaviours in state transitions of objects and interactions between the objects in a system. Safety contracts for object interactions can then be derived to capture the safety requirements of the system. A simple example is used to illustrate how the techniques can be applied. The paper then goes on to investigate how the techniques may enable safe utilisation of desirable features of OO such as inheritance and reuse. It also discusses how confirmatory analysis of the system design may be performed to ensure the safety requirements defined in the safety contracts are met.