NASA OSMA SAS '02 Software Fault Tree Analysis Dolores R. Wallace SRS Information Services Software Assurance Technology Center http://satc.gsfc.nasa.gov/
Title slide
NASA OSMA SAS '02
Software Fault Tree Analysis
Dolores R. Wallace, SRS Information Services, Software Assurance Technology Center, http://satc.gsfc.nasa.gov/, dwallac@pop300.gsfc.nasa.gov
Dr. Massood Towhidnejad, Embry-Riddle University, towhid@erau.edu
NASA OSMA SAS02

The Premise
FTA applies to software (SFTA) [1]
SFTA uses the same tools as FTA
SFTA can apply FTA algorithms that compute risk based on probability
[1] Several researchers have explored SFTA to some extent, e.g., Leveson, Lutz, Dugan, Heimdahl
Sidebar (shown on this slide and the next):
  Measurement uses (as one of several data points): when to release the system; test scheduling; quality measurement; ability to estimate latent faults
  Who uses this: managers, developers, IV&Vers, QEs

Tasks
Understand the methodology, including symbology
Develop tool evaluation criteria
Identify commercial tools
Get demonstration copies
Apply tools to software

FTA Methodology
Hierarchical, graphical representation of events
Notation that records the relationships between states/events as a Boolean expression
Qualitative use: identification of design weaknesses, e.g., single points of failure and safety-critical failure combinations
Quantitative use: each event's probability of occurrence, used to identify the paths most likely to occur
Starting point (top of tree): a system failure or hazard
Backward progression that identifies the combinations of events (jointly required, or in sequence) that cause the top event to occur

Probability Issue
Hardware:
  Large collections of historic failure data
  Classification of failure types
  Degradation (wear-out) behaviour
Software:
  Limited availability of software failure data
  Classification of cause is more relevant than classification of failure type
  Degradation is not the same for software
  Probability values are not available, though they are the subject of research efforts

FTA Symbology
Events: basic, conditioning, undeveloped, external, intermediate
Gates: AND, OR, exclusive OR, priority AND, inhibit
Transfers: out, in

Tool Evaluation Criteria
Categories: user interface; functionality; output; SFTA model; security; operational issues; adaptability
Cost of tool (consider functionality not usable by SFTA)
Return on investment

Commercial Tools
Approximately 33
Most embody two or more analyses (e.g., FMEA)
All compute risk with algorithms applying values of probability of failure
Many claim adaptability for SFTA
Two claimed specific use for SFTA, but ...
Lack of specific SFTA tools caused our redirection!

New Focus: Life Cycle Approach
Requirements:
  Identify weaknesses and modify or eliminate them
  Identify those with a direct impact on the safety of the system
Design:
  Apply SFTA to the design, which is smaller than the related code
  Identify components/modules and subcomponents with a direct impact on the safety of the system
Code:
  Apply SFTA only to those subcomponents already identified as having a direct impact on the safety of the system

Application of SFTA to Software Design
The challenge:
  Focus SFTA on OODs (object-oriented designs)
  Develop a relationship between OOD charts and diagrams and the symbology of FTA
Initial issues:
  Attempt to fit the activity diagram to a general template
  Recognize loops as a feature of activity diagrams
  Allow for the concurrency found in many real-time systems
Applied a commercial tool: it identified the probable cause of failure successfully in each case
Next steps: generate fault trees directly from several activity diagrams

Activity Diagram (figure; vending-machine example)
  Activities: Show drink menu; Choose drink; Insert coins into machine; Check enough money is inserted; Deliver drink
  Guards on the decision nodes: Drink available; Drink not available

Software Fault Tree (figure)

Resulting Fault Tree Analysis (figure)
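The two results the methodology slide promises, qualitative (cut sets and single points of failure) and quantitative (cut sets ranked by likelihood, and the top-event probability), worked through for the vending-machine activity diagram above. This is an added example; it is not code from the presentation or from any of the commercial tools it surveys. The tree shape, the event names and every probability are assumptions made for illustration: as the Probability Issue slide notes, measured software failure probabilities are generally not available, so the numbers only show the arithmetic.

```python
"""Small software fault tree: minimal cut sets and top-event probability.

Added example for the vending-machine activity diagram (not the
presentation's own code).  Every event and probability below is assumed.
"""
from dataclasses import dataclass
from itertools import product
from math import prod
from typing import Union


@dataclass(frozen=True)
class Basic:
    """Leaf event: a software fault or condition with an assumed probability."""
    name: str
    p: float


@dataclass(frozen=True)
class Gate:
    """Intermediate event combining its inputs with a Boolean gate."""
    name: str
    kind: str        # "AND", "OR", or "INHIBIT" (event AND conditioning event)
    inputs: tuple    # of Basic / Gate


Node = Union[Basic, Gate]


def cut_sets(node: Node) -> set:
    """All cut sets: sets of basic events that together cause `node`."""
    if isinstance(node, Basic):
        return {frozenset([node.name])}
    child = [cut_sets(c) for c in node.inputs]
    if node.kind == "OR":                       # any input suffices
        return set().union(*child)
    if node.kind in ("AND", "INHIBIT"):         # every input must occur
        return {frozenset().union(*combo) for combo in product(*child)}
    raise ValueError(f"unsupported gate kind {node.kind!r}")


def minimal_cut_sets(node: Node) -> set:
    """Drop any cut set that contains another one (Boolean absorption)."""
    cs = cut_sets(node)
    return {s for s in cs if not any(o < s for o in cs)}


def single_points_of_failure(node: Node) -> list:
    """Qualitative result: basic events that alone cause the top event."""
    return sorted(next(iter(s)) for s in minimal_cut_sets(node) if len(s) == 1)


def basic_events(node: Node) -> dict:
    """Map every basic-event name in the tree to its assumed probability."""
    if isinstance(node, Basic):
        return {node.name: node.p}
    out = {}
    for c in node.inputs:
        out.update(basic_events(c))
    return out


def rank_cut_sets(node: Node) -> list:
    """Quantitative result: (probability, events) per minimal cut set, most likely first."""
    ps = basic_events(node)
    ranked = [(prod(ps[n] for n in s), tuple(sorted(s))) for s in minimal_cut_sets(node)]
    return sorted(ranked, key=lambda t: (-t[0], t[1]))


def probability(node: Node) -> float:
    """Gate-by-gate top-event probability, assuming independent basic events."""
    if isinstance(node, Basic):
        return node.p
    ps = [probability(c) for c in node.inputs]
    if node.kind == "OR":
        return 1.0 - prod(1.0 - p for p in ps)
    return prod(ps)                              # AND and INHIBIT


# Constructed tree for the page's vending machine.  Top event, branches and
# probabilities are assumptions for illustration, not measured data.
TOP = Gate("Paid customer receives no drink", "OR", (
    Basic("dispense_cmd_fails", 0.002),
    Gate("Drink shown available but slot empty", "INHIBIT", (
        Basic("stock_count_stale", 0.01),        # the event
        Basic("no_slot_sensor", 1.0),            # conditioning event: design has none
    )),
    Gate("Coins under-counted and no refund", "AND", (
        Basic("coin_total_short", 0.003),
        Basic("refund_not_triggered", 0.05),
    )),
))

if __name__ == "__main__":
    print("single points of failure:", single_points_of_failure(TOP))
    for p, names in rank_cut_sets(TOP):
        print(f"{p:.5f}  {' AND '.join(names)}")
    print(f"P(top) = {probability(TOP):.5f}")
```

Running it lists dispense_cmd_fails as the only single point of failure, ranks the stale-stock-count path first because the conditioning event (no slot sensor in the design) is certain, and gives P(top) of about 0.0121. Two caveats a reviewer should keep in mind: the gate-by-gate probability is exact only when no basic event feeds more than one gate, so if the same event appears under two branches (a common-cause situation) compute from the minimal cut sets instead, otherwise the OR gate overstates the result; and priority AND and exclusive OR are left out because their probabilities need ordering or mutual-exclusion information that the vending-machine example does not supply.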

Future
Identify the general features of activity, state, and sequence diagrams as they relate to FTA symbology
Apply this approach to real, larger designs
Have a commercial tool vendor work with us to build the interface between these OOD types and the FTA symbology
Hoped-for result: a practical means of applying FTA to software across the life cycle!
Speaker note: Make sure I mention that after all this, we would like to do a comparison study, or shadow project, to measure how well SFTA ranks against other known methods.