CSC 402, Fall 20001 Requirements Analysis for Special Properties Systems Engineering (def?) –why? increasing complexity –ICBM’s (then TMI, Therac, Challenger...)

Slides:

Advertisements

Similar presentations

Mahmut Ali GÖKÇEIndustrial Systems Engineering Lecture 2 System Identification ISE102 Spring 2007.

Advertisements

DETAILED DESIGN, IMPLEMENTATIONA AND TESTING Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.

Testing and Quality Assurance

Formal Modelling of Reactive Agents as an aggregation of Simple Behaviours P.Kefalas Dept. of Computer Science 13 Tsimiski Str Thessaloniki Greece.

ECE 720T5 Fall 2012 Cyber-Physical Systems Rodolfo Pellizzoni.

Presented by: Thabet Kacem Spring Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.

® IBM Software Group © 2014 IBM Corporation Innovation for a smarter planet MBSE for Complex Systems Development Dr. Bruce Powel Douglass, Ph.D. Chief.

Software Testing and Quality Assurance

Software Testing and Quality Assurance

Detailed Design Kenneth M. Anderson Lecture 21

1 Solution proposal Exam 19. Mai 2000 No help tools allowed.

Knowledge Acquisitioning. Definition The transfer and transformation of potential problem solving expertise from some knowledge source to a program.

1 Software Testing and Quality Assurance Lecture 38 – Software Quality Assurance.

1 SYSTEM and MODULE DESIGN Elements and Definitions.

Architectural Design Principles. Outline  Architectural level of design The design of the system in terms of components and connectors and their arrangements.

Title slide PIPELINE QRA SEMINAR. PIPELINE RISK ASSESSMENT INTRODUCTION TO RISK IDENTIFICATION 2.

Quality Risk Management ICH Q9 Annex I: Methods & Tools

Testing safety-critical software systems

What Exactly are the Techniques of Software Verification and Validation A Storehouse of Vast Knowledge on Software Testing.

Unit 3a Industrial Control Systems

CASE Tools And Their Effect On Software Quality Peter Geddis – pxg07u.

Effective Methods for Software and Systems Integration

Annex I: Methods & Tools prepared by some members of the ICH Q9 EWG for example only; not an official policy/guidance July 2006, slide 1 ICH Q9 QUALITY.

EE551 Real-Time Operating Systems

ECE 720T5 Winter 2014 Cyber-Physical Systems Rodolfo Pellizzoni.

CMSC 345 Fall 2000 Unit Testing. The testing process.

VTT-STUK assessment method for safety evaluation of safety-critical computer based systems - application in BE-SECBS project.

WHAT IS SYSTEM SAFETY? The field of safety analysis in which systems are evaluated using a number of different techniques to improve safety. There are.

1 Debugging and Testing Overview Defensive Programming The goal is to prevent failures Debugging The goal is to find cause of failures and fix it Testing.

Safety-Critical Systems 6 Certification

Software Safety CS3300 Fall Failures are costly ● Bhopal 1984 – 3000 dead and injured ● Therac – 6 dead ● Chernobyl / Three Mile.

Intent Specification Intent Specification is used in SpecTRM

FAULT TREE ANALYSIS (FTA). QUANTITATIVE RISK ANALYSIS Some of the commonly used quantitative risk assessment methods are; 1.Fault tree analysis (FTA)

Some Software Engineering Principles by D. L. Parnas Presented by Team 7: Amitkumar Dhameja Cincy Francis Rong Gu CS575 - Software Design, Team 7.

QUALITY RISK MANAGEMENT RASHID MAHMOOD MSc. Analytical Chemistry MS in Total Quality Management Senior Manager Quality Assurance Nabiqasim Group of Industries.

Safety-Critical Systems T Ilkka Herttua. Safety Context Diagram HUMANPROCESS SYSTEM - Hardware - Software - Operating Rules.

Software Testing and Quality Assurance Software Quality Assurance 1.

Safety Critical Systems 5 Testing T Safety Critical Systems.

1 Safety - definitions Accident - an unanticipated loss of life, injury, or other cost beyond a pre-determined threshhold.  If you expect it, it’s not.

Safety-Critical Systems 5 Testing and V&V T

Safety-Critical Systems 7 Summary T V - Lifecycle model System Acceptance System Integration & Test Module Integration & Test Requirements Analysis.

Cmpe 589 Spring 2006 Lecture 2. Software Engineering Definition –A strategy for producing high quality software.

Objectives Students will be able to:

Architecture Analysis Techniques

Toulouse, September 2003 Page 1 JOURNEE ALTARICA Airbus ESACS  ISAAC.

RLV Reliability Analysis Guidelines Terry Hardy AST-300/Systems Engineering and Training Division October 26, 2004.

Review of Parnas’ Criteria for Decomposing Systems into Modules Zheng Wang, Yuan Zhang Michigan State University 04/19/2002.

Formal Specification: a Roadmap Axel van Lamsweerde published on ICSE (International Conference on Software Engineering) Jing Ai 10/28/2003.

WHAT IF ANALYSIS USED TO IDENTIFY HAZARDS HAZARDOUS EVENTS

SAFEWARE System Safety and Computers Chap18:Verification of Safety Author : Nancy G. Leveson University of Washington 1995 by Addison-Wesley Publishing.

21/1/ Analysis - Model of real-world situation - What ? System Design - Overall architecture (sub-systems) Object Design - Refinement of Design.

Testing Overview Software Reliability Techniques Testing Concepts CEN 4010 Class 24 – 11/17.

Review on the Hazard Analysis Techniques Seo Ryong Koo Dept. of Nuclear and Quantum Engineering KAIST Lab. Seminar.

1 Software Testing and Quality Assurance Lecture 38 – Software Quality Assurance.

ON “SOFTWARE ENGINEERING” SUBJECT TOPIC “RISK ANALYSIS AND MANAGEMENT” MASTER OF COMPUTER APPLICATION (5th Semester) Presented by: ANOOP GANGWAR SRMSCET,

Process Safety Management Soft Skills Programme Nexus Alliance Ltd.

October 22, 2005 Parvaiz Ahmed Khand An Overview of Software Safety.

LOGO Combining Fault Trees and Event Trees Seung Ki, Shin.

Introduction to Safety Engineering for Safety-Critical Systems Seo Ryong Koo Dept. of Nuclear and Quantum Engineering KAIST Lab. Seminar.

Formal Specification.

Dept. of Nuclear and Quantum Engineering

System Design and Modeling

Complexity Time: 2 Hours.

Safety and Risk.

Software Design Methodology

Software testing strategies 2

Presented By: Darlene Banta

Paper by D.L Parnas And D.P.Siewiorek Prepared by Xi Chen May 16,2003

Software Engineering for Safety: a Roadmap

Review and comparison of the modeling approaches and risk analysis methods for complex ship system. Author: Sunil Basnet.

Presentation transcript:

CSC 402, Fall Requirements Analysis for Special Properties Systems Engineering (def?) –why? increasing complexity –ICBM’s (then TMI, Therac, Challenger...) –how? create system architecture –first job: analyze and modify requirements! criteria for its evaluation tradeoffs involving subsystems

CSC 402, Fall Components of Systems Safety (and other properties) “emergent” –the system is more than the sum of its parts “synergy” a real concept? –complexity shows up at the interfaces what does “divide and conquer” really accomplish? complex interfaces, simple modules simple interfaces, complex modules

CSC 402, Fall Software and Systems Engineering Software as “component” –embedded systems - software “control” Controlled Process Software Controller Inputs Outputs Uncontrolled Variables Actuators manipulated vars Sensors controlled vars

CSC 402, Fall Human as “Component” –human “control” - software “decision support” consider the system properties like “safety” –medical expert systems »or even patient databases –pilot interface to commercial airliner at system level: –what is known about the components –how can we reduce risks »relative to component parameters we can control

CSC 402, Fall Safety Analysis Safety as system property –software not “safe” or “unsafe” by itself safety relative to reliability? –what do we know about software reliability? »very, very little! »Parnas, Hamlet write about this extensively

CSC 402, Fall Steps in Safety Analysis Definition and Description of System Hazard Identification Accident Modeling Quantification of Risks Documentation of Results System Changes

CSC 402, Fall Feedforward control aspects –plans ahead to avoid and mitigate Feedback control aspects –uses accident information, when available when system not entirely novel

CSC 402, Fall Lots of Methods FMEA - failure modes effects analysis –based on failure modes of each significant system component AEA - action error analysis –human actions and failures are analyzed with respect to the system ETA - event tree analysis –postulate hazardous event, determine system responses FTA - fault tree analysis –postulate hazardous event, determine possible causes CCA - cause consequence analysis –combine ETA and FTA HAZOP - hazard and operability study –guide words (checklist approach) of “deviation analysis” - more of, less of, none, other WSA - work safety analysis –investigate working methods, machines and environment

CSC 402, Fall State Space Search Strategies Forward analysis –based on system structure –propogate failure of system elements forward Backward analysis –based on system structure –propogate backwards from postulated accidents Morphological analysis –concentrate on hazardous factors and potential targets

CSC 402, Fall Goals of the Search

CSC 402, Fall Applicability to Software? FTA: Leveson, Cha, 1991 Hazop: (Deviation Analysis) Reese, 1996 Others? (Want a Master’s Thesis topic???)

CSC 402, Fall Fault Tree Analysis Basic steps: postulate accident or undesired system output –root of tree determine necessary preconditions –draw as leaves with appropriate logical connectors –add probabilities if known

CSC 402, Fall Why Software FTA? Benefits: –Combats software state space explosion backwards technique reduces search space –only the events of interest are considered –Partial verification technique useful at many levels of abstraction –including requirements can be viewed as a structured walkthrough –with the power of the included logic

CSC 402, Fall –Learning and communication human interpretation of models is informative –Automatable there are some tools to draw and analyze

CSC 402, Fall Risky State Logical Connector and/or logical connector necessary precondx necessary precondx necessary precondx necessary precondx Recurse to leaves

CSC 402, Fall Comments Leveson, Cha paper: –work from system spec to software spec –work from software spec down to code to individual software constructs –based on safety-critical variable values –must know static program dependencies to take path »must also know how values may change »could be done like symbolic execution - path expressions

CSC 402, Fall Necessary Preconditions for FTA Need to know precisely: –necessary preconditions to get to any system state –probabilities for those conditions is this possible for software? fault tree value if it is not possible?

CSC 402, Fall Specification Support for FTA Basic support –precise and measurable requirements –analysis models that exhibit system behavior Full support –formal specifications state charts have been used as a basis for software FTA

CSC 402, Fall Classify the Technique? Static or Dynamic –execution as conceptual (walkthrough) –execution of “model” separate from product Redundancy in Requirements Analysis –what are the tradeoffs? –is this really a multi language approach to requirements and specification?