Convergence: Aligning the Methods and Tools of Software Safety Analysis with Those of theSoftware Development Process

摘要

Experience with the Software segment of the System Safety Process over the past fifteen years ispunctuated with the maturation of the analysis process, development and application ofspecialized or customized tools, and definition of a set of preferred/effective deliverables.Codification of our process and the underlying power to drive program expenditures on thesoftware and system safety process reached a peak in MIL-STD-882C with it’s clearly definedprocess, requirements, and deliverables. The resulting “Safety Flag” provided the safetyprofessional with a highly effective tool to force attention on to hazards, risks, and/or majorsystem/software concerns. However, reliance on this “Flag” often fosters an “Us against Them”relationship with the design and development team. In an effort to avoid this polarization, to be“part of the process” rather than “part of the problem”, experience has shown that tailoring thesoftware safety process, analysis tools, and deliverables to each program has significantlyimproved design/analysis integration. Additionally, if applied at the earliest stages of the designdevelopment process, the safety analysis can begin to establish relationships with the keydesigners that allow the safety analysis to have a maximum impact on the design/implementation.The paper will highlight some of the tools utilized by our group which have resulted in favorableexperiences with a number of software intensive development programs across a diversespectrum of the defense market segment. Systems will include aircraft flight control, mobileartillery, spacecraft display, and missile defense systems. Examples of tools and techniques(deliverables in many cases) customized to fit the individual programs will be demonstrated.Lessons learned will be presented and a “roadmap” for continued convergence of the softwaresafety analysis and software development processes suggested.