The use of Software of Unknown Pedigree (SOUP) in safety-critical systems presents a challenge due to uncertainty about its dependability to perform its function safely and securely. SOUP refers to a software item that is already developed and generally available for which adequate records of the development process are not available. While some industries have developed policies and best practices regarding the use of SOUP in safety-critical applications, these best practices have yet to be fully integrated in aviation. We propose a framework for evaluating the use of SOUP as part of a safety-critical aviation application by reviewing best practices from six industry domains. We believe that unmanned aircraft systems (HAS) may be prime candidates for evaluating this framework because of their software-intensive nature, the non-traditional development approach used by some manufacturers, and the fact that some software hazards may be mitigated since unmanned aircraft do not have humans onboard. Establishing an accepted framework for the use of SOUP in aviation could reduce costs and expedite airworthiness and operational approvals for these systems. As a next step, we propose a case study that would provide empirical evidence for the use of the framework to the safety regulators and approving authorities in support of use of SOUP in safety-critical applications. We discuss how this research may be extended to standards development and beyond.
展开▼