Proven in Use for Software: Assigning an SIL Based on Statistics

Autor: Hendrik Schäbe, Heinz Gall, Jens Braband
Rok vydání: 2018
Předmět:
Zdroj: Handbook of RAMS in Railway Systems ISBN: 9781315269351
DOI: 10.1201/b21983-19
Popis: The nature of software failures and the possibility to predict software failure behavior has attracted the interest of researchers and engineers. The first have tried to study the phenomenon, and the second have been searching for a way to predict software failure behavior based on characteristics describing the software, preferably characteristics of the source code as metrics. In order to approach this problem, first of all, one needs to understand the nature of software failure behavior. Obviously, this is different from hardware failure behavior. One main question is whether software failure behavior can be described by probabilistic models. If such a model is known, the next question is then how it can be used and whether it would be possible to use this model for prediction or to prove that a certain piece of software falls, e.g., into a safety integrity level regarding its failure rate (if this exists) and can therefore be judged to be qualified for this safety integrity level. Proven-in-use arguments are needed when predeveloped products with an in-service history are to be used in different environments than those they were originally developed for. Particular cases may include the following: Commercial-off-the-shelf components that are to be used in safety contexts Predeveloped products that have been certified by a different standard or against different requirements Products that have originally been certified to a lower level of integrity but are to be used for higher levels of integrity A product may include software modules or may be stand-alone integrated hardware and software modules. Also, there has been considerable confusion about the term software reliability. Therefore, the authors want to state the following very clearly: software does not fail; only physical systems can fail. So, unless software is executed on hardware, we cannot refer to failure. The aim of this chapter is to base the argumentation on a general mathematical model, so that the results can be applied to a very general class of products without unnecessary limitations. The advantage of such an approach is also that the same requirements would hold for a broad class of products. In this chapter, we first discuss existing standards and approaches that have been used throughout the last 20 years. Then, we describe the mathematical model and illustrate it with example. Further, the authors provide some of their personal experiences and draw conclusions.
Databáze: OpenAIRE