Objective Measurement of Safety in the Context of IEC 61508-3

摘要

Safety standards like the IEC 61508 are an important source for developing safety-critical (software) systems as they provide a set of requirements and recommendations to assist engineers in system and software development. Applying this standard in practice leads to interpretation problems due to insufficient operationalization, i.e. unclear requirements and unclear or missing acceptance criteria. This makes it hard to measure the extent to which a product fulfills the requirements of the standard. For this, we systematically developed a quality model that covers the coding-related parts of the safety standard IEC 61508. It provides refinements to the recommendations and equips them with proper measurement support by means of static code analysis tools (236 measures for C/C++ systems). We found in an evaluation study that the used approach is suitable for covering the coding-related parts of the standard with proper and meaningful operationalization. Additionally, the results indicate an adequate completeness of the modeled contents. This encourages us to go a step further and to extend the model to support compliance assessments in future work.