Assessing safety cases for programmable electronic systems

摘要

A number of safety assessments have been carried out forprogrammable electronic systems over the last seven years at ERA. In thecourse of this work, significant problems have been observed with theconstruction of an appropriate safety case. Some of the problems havebeen of a philosophical nature, while in some cases they have been of adetailed nature. The author has been involved in developing a systematicapproach to collecting and using such evidence to justify the safety ofsystems. Typically, this approach involves three main stages: (1) toidentify that appropriate safety targets have been defined; (2) toidentify the logical argument which shows how the architecture andbehaviour of the system function together so as to meet the necessarytargets; and (3) to establish whether the quality of implementation isadequate to uphold the assumptions made in the logical argument