Presentation is loading. Please wait.

Presentation is loading. Please wait.

©Ian Sommerville 2006Critical Systems Slide 1 Critical Systems Engineering l Processes and techniques for developing critical systems.

Similar presentations

Presentation on theme: "©Ian Sommerville 2006Critical Systems Slide 1 Critical Systems Engineering l Processes and techniques for developing critical systems."— Presentation transcript:

1 ©Ian Sommerville 2006Critical Systems Slide 1 Critical Systems Engineering l Processes and techniques for developing critical systems

2 ©Ian Sommerville 2006Critical Systems Slide 2 What is a system? l A collection of elements which are assembled to fulfil some defined purpose. Elements may be hardware or software components, organisational policies and procedures and operational processes. l Systems have properties which are emergent i.e. they only come to light when the parts are put together, they have structure and mechanisms for communication and control.

3 ©Ian Sommerville 2006Critical Systems Slide 3 Socio-technical computer-based systems l Systems which some of the elements are software-controlled computers and which are used by people for some purpose. They typically include: Computer hardware Software Policies and procedures Operational processes

4 ©Ian Sommerville 2006Critical Systems Slide 4 Emergent properties l Properties which are properties of the system AS A WHOLE rather than of the collection of parts. l Not determined solely from the properties of the system parts but also from the system’s structure. l Examples The reliability of a computer depends on the reliability of the processor, memory, keyboard, monitor, disk, etc. A mobile phone has the emergent property of being a communication device.

5 ©Ian Sommerville 2006Critical Systems Slide 5 Emergent system-wide properties l Important emergent properties of a system are Performance Reliability Safety Security Usability Maintainability l These are non-functional properties - they do not relate to any specific functionality of the system l Some or all of these properties are usually more important than detailed system functionality

6 ©Ian Sommerville 2006Critical Systems Slide 6 The role of software in systems l Software in complex systems now has a number of different roles. For example: Control and coordination The operation of different parts of the system is coordinated by a controlling software system Information management Large amounts of information that is required in many systems is managed and organised by software Input and output filtering System inputs and outputs are pre and post processed by software to simplify their subsequent processing User interface The user interface to many systems is now largely a software-based interface System monitoring The operation of the system is monitored by software and anomalies reported

7 ©Ian Sommerville 2006Critical Systems Slide 7 Critical systems l A critical system is any system whose ‘failure’ could threaten human life, the system’s environment or the existence of the organisation which operates the system. l ‘Failure’ in this context does NOT mean failure to conform to a specification but means any potentially threatening system behaviour.

8 ©Ian Sommerville 2006Critical Systems Slide 8 Critical system classes l Safety-critical systems A system whose failure may result in the loss of human life, injury or major environmental damage l Mission-critical systems A system whose failure may result in the consequent failure of a goal-directed activity l Business-critical systems A system whose failure may result in the failure of the business that is using that system

9 ©Ian Sommerville 2006Critical Systems Slide 9 Examples of critical systems l Communication systems such as telephone switching systems, aircraft radio systems, etc. l Embedded control systems for process plants, medical devices. l Command and control systems such as air-traffic control systems, disaster management systems. l Financial systems such as foreign exchange transaction systems, account management systems.

10 ©Ian Sommerville 2006Critical Systems Slide 10 The concept of dependability l For critical systems, it is usually the case that the most important system property is the dependability of the system l The dependability of a system reflects the user’s degree of trust in that system. It reflects the extent of the user’s confidence that it will operate as users expect and that it will not ‘fail’ in normal use l Usefulness and trustworthiness are not the same thing. A system does not have to be trusted to be useful

11 ©Ian Sommerville 2006Critical Systems Slide 11 Dimensions of dependability

12 ©Ian Sommerville 2006Critical Systems Slide 12 Availability and reliability l Reliability The probability of failure-free system operation over a specified time in a given environment for a given purpose l Availability The probability that a system, at a point in time, will be operational and able to deliver the requested services l Availability and reliability are related but distinct Availability takes into account the time that the system is out of service Unreliable systems can have a high availability if there is a short restart time

13 ©Ian Sommerville 2006Critical Systems Slide 13 Safety l Safety is a property of a system that reflects the system’s ability to operate, normally or abnormally, without danger of causing human injury or death and without damage to the system’s environment l It is increasingly important to consider software safety as more and more devices incorporate software-based control systems

14 ©Ian Sommerville 2006Critical Systems Slide 14 l Safety and reliability are related but distinct In general, reliability and availability are necessary but not sufficient conditions for system safety l Reliability is concerned with conformance to a given specification and delivery of service l Safety is concerned with ensuring system cannot cause damage irrespective of whether or not it conforms to its specification Safety and reliability

15 ©Ian Sommerville 2006Critical Systems Slide 15 Security l The security of a system is a system property that reflects the system’s ability to protect itself from accidental or deliberate external attack l Security is becoming increasingly important as systems are networked so that external access to the system through the Internet is possible l Security is an essential pre-requisite for availability, reliability and safety

16 ©Ian Sommerville 2006Critical Systems Slide 16 Damage from insecurity l Denial of service The system is forced into a state where normal services are unavailable or where service provision is significantly degraded l Corruption of programs or data The programs or data in the system may be modified in an unauthorised way l Disclosure of confidential information Information that is managed by the system may be exposed to people who are not authorised to read or use that information

17 ©Ian Sommerville 2006Critical Systems Slide 17 Security and dependability l Security and availability Systems that are insecure may be liable to denial of service attacks that compromise the availability of the system. l Security and reliability Corruption of programs and data may mean that a system becomes unreliable and, possibly, unsafe. l Security and safety Safety validation relies on demonstrating that a particular system is safe. Insecurities can result in changes to the system so we can no longer be confident in its safety

18 ©Ian Sommerville 2006Critical Systems Slide 18 Development for dependability l Use of formal methods for system specification l Use of formal verification to demonstrate that a program is consistent with its specification l Separate teams for implementation and testing l Incorporation of redundant code and self-checking in programs l Redundant hardware units l Measurement of test coverage

19 ©Ian Sommerville 2006Critical Systems Slide 19 Costs of increasing dependability Cost LowMediumHighVery high Ultra- high Dependability

20 ©Ian Sommerville 2006Critical Systems Slide 20 Key points l Computer-based systems are socio-technical systems which include hardware, software, operational processes and procedures and people. l An increasing number of socio-technical systems are critical systems l Systems have emergent properties i.e. properties which are only apparent when all sub-systems are integrated. l Critical system attributes are dependability attributes - reliability, availability, safety and security

21 ©Ian Sommerville 2006Critical Systems Slide 21 Key points l The dependability of a system reflects the user’s trust in that system l The availability of a system is the probability that it will be available to deliver services when requested l The reliability of a system is the probability that system services will be delivered as specified l Reliability and availability are generally seen as necessary but not sufficient conditions for safety and security l Insecure systems cannot be guaranteed to be available, reliable or safe

Download ppt "©Ian Sommerville 2006Critical Systems Slide 1 Critical Systems Engineering l Processes and techniques for developing critical systems."

Similar presentations

Ads by Google