Demonstration of the Context-based Software Risk Model Method for Risk Informed Assurance and Test of Software-Intensive Space Systems

摘要

This paper documents a NASA HQ/Office of Safety and Mission Assurance (OSMA) and Johnson Space Center (JSC) project carried out to validate the "Context-based Software Risk Model" (CSRM), a method for risk assessment and risk-informed safety assurance of software-intensive, mission-critical digital control systems utilized in NASA space missions. The CSRM framework enables the preventive identification and assessment of potential space system failures resulting from the interaction between software and the "balance-of-system," and provides a risk-informed path for conducting software testing in such a way as to attain a quantitatively defined level of safety and success assurance for the space system. CSRM uses a seamless combination of traditional probabilistic risk assessment (PRA) techniques (event trees and fault tree models) and more advanced dynamic logic-modeling techniques (Dynamic Flowgraph Methodology (DFM) or comparable methods) to estimate and integrate the contribution of digital systems and software into the overall system risk. The above concepts are illustrated in this paper via examples drawn from the detailed risk assessment of the Miniature Autonomous Extravehicular Robotic Camera (Mini AERCam), a free-flying nano-satellite designed and developed by NASA JSC. The assessment included developing CSRM models of the Mini AERCam systems, focusing on its digital and software-intensive control apparatus.