Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSC 402, Fall 20001 Requirements Analysis for Special Properties Systems Engineering (def?) –why? increasing complexity –ICBM’s (then TMI, Therac, Challenger...)

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "CSC 402, Fall 20001 Requirements Analysis for Special Properties Systems Engineering (def?) –why? increasing complexity –ICBM’s (then TMI, Therac, Challenger...)"— Presentation transcript:

1 CSC 402, Fall 20001 Requirements Analysis for Special Properties Systems Engineering (def?) –why? increasing complexity –ICBM’s (then TMI, Therac, Challenger...) –how? create system architecture –first job: analyze and modify requirements! criteria for its evaluation tradeoffs involving subsystems

2 CSC 402, Fall 20002 Components of Systems Safety (and other properties) “emergent” –the system is more than the sum of its parts “synergy” a real concept? –complexity shows up at the interfaces what does “divide and conquer” really accomplish? complex interfaces, simple modules simple interfaces, complex modules

3 CSC 402, Fall 20003 Software and Systems Engineering Software as “component” –embedded systems - software “control” Controlled Process Software Controller Inputs Outputs Uncontrolled Variables Actuators manipulated vars Sensors controlled vars

4 CSC 402, Fall 20004 Human as “Component” –human “control” - software “decision support” consider the system properties like “safety” –medical expert systems »or even patient databases –pilot interface to commercial airliner at system level: –what is known about the components –how can we reduce risks »relative to component parameters we can control

5 CSC 402, Fall 20005 Safety Analysis Safety as system property –software not “safe” or “unsafe” by itself safety relative to reliability? –what do we know about software reliability? »very, very little! »Parnas, Hamlet write about this extensively

6 CSC 402, Fall 20006 Steps in Safety Analysis Definition and Description of System Hazard Identification Accident Modeling Quantification of Risks Documentation of Results System Changes

7 CSC 402, Fall 20007 Feedforward control aspects –plans ahead to avoid and mitigate Feedback control aspects –uses accident information, when available when system not entirely novel

8 CSC 402, Fall 20008 Lots of Methods FMEA - failure modes effects analysis –based on failure modes of each significant system component AEA - action error analysis –human actions and failures are analyzed with respect to the system ETA - event tree analysis –postulate hazardous event, determine system responses FTA - fault tree analysis –postulate hazardous event, determine possible causes CCA - cause consequence analysis –combine ETA and FTA HAZOP - hazard and operability study –guide words (checklist approach) of “deviation analysis” - more of, less of, none, other WSA - work safety analysis –investigate working methods, machines and environment

9 CSC 402, Fall 20009 State Space Search Strategies Forward analysis –based on system structure –propogate failure of system elements forward Backward analysis –based on system structure –propogate backwards from postulated accidents Morphological analysis –concentrate on hazardous factors and potential targets

10 CSC 402, Fall 200010 Goals of the Search

11 CSC 402, Fall 200011 Applicability to Software? FTA: Leveson, Cha, 1991 Hazop: (Deviation Analysis) Reese, 1996 Others? (Want a Master’s Thesis topic???)

12 CSC 402, Fall 200012 Fault Tree Analysis Basic steps: postulate accident or undesired system output –root of tree determine necessary preconditions –draw as leaves with appropriate logical connectors –add probabilities if known

13 CSC 402, Fall 200013 Why Software FTA? Benefits: –Combats software state space explosion backwards technique reduces search space –only the events of interest are considered –Partial verification technique useful at many levels of abstraction –including requirements can be viewed as a structured walkthrough –with the power of the included logic

14 CSC 402, Fall 200014 –Learning and communication human interpretation of models is informative –Automatable there are some tools to draw and analyze

15 CSC 402, Fall 200015 Risky State Logical Connector and/or logical connector necessary precondx necessary precondx necessary precondx necessary precondx Recurse to leaves

16 CSC 402, Fall 200016 Comments Leveson, Cha paper: –work from system spec to software spec –work from software spec down to code to individual software constructs –based on safety-critical variable values –must know static program dependencies to take path »must also know how values may change »could be done like symbolic execution - path expressions

17 CSC 402, Fall 200017 Necessary Preconditions for FTA Need to know precisely: –necessary preconditions to get to any system state –probabilities for those conditions is this possible for software? fault tree value if it is not possible?

18 CSC 402, Fall 200018 Specification Support for FTA Basic support –precise and measurable requirements –analysis models that exhibit system behavior Full support –formal specifications state charts have been used as a basis for software FTA

19 CSC 402, Fall 200019 Classify the Technique? Static or Dynamic –execution as conceptual (walkthrough) –execution of “model” separate from product Redundancy in Requirements Analysis –what are the tradeoffs? –is this really a multi language approach to requirements and specification?

Download ppt "CSC 402, Fall 20001 Requirements Analysis for Special Properties Systems Engineering (def?) –why? increasing complexity –ICBM’s (then TMI, Therac, Challenger...)"

Similar presentations

Mahmut Ali GÖKÇEIndustrial Systems Engineering Lecture 2 System Identification ISE102 Spring 2007.

Mahmut Ali GÖKÇEIndustrial Systems Engineering Lecture 2 System Identification ISE102 Spring 2007.
DETAILED DESIGN, IMPLEMENTATIONA AND TESTING Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.

DETAILED DESIGN, IMPLEMENTATIONA AND TESTING Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.
Testing and Quality Assurance

Testing and Quality Assurance
Formal Modelling of Reactive Agents as an aggregation of Simple Behaviours P.Kefalas Dept. of Computer Science 13 Tsimiski Str. 546 24 Thessaloniki Greece.

Formal Modelling of Reactive Agents as an aggregation of Simple Behaviours P.Kefalas Dept. of Computer Science 13 Tsimiski Str Thessaloniki Greece.
ECE 720T5 Fall 2012 Cyber-Physical Systems Rodolfo Pellizzoni.

ECE 720T5 Fall 2012 Cyber-Physical Systems Rodolfo Pellizzoni.
Presented by: Thabet Kacem Spring 2010. Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.

Presented by: Thabet Kacem Spring Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.
® IBM Software Group © 2014 IBM Corporation Innovation for a smarter planet MBSE for Complex Systems Development Dr. Bruce Powel Douglass, Ph.D. Chief.

® IBM Software Group © 2014 IBM Corporation Innovation for a smarter planet MBSE for Complex Systems Development Dr. Bruce Powel Douglass, Ph.D. Chief.
Software Testing and Quality Assurance

Software Testing and Quality Assurance
Software Testing and Quality Assurance

Software Testing and Quality Assurance
Detailed Design Kenneth M. Anderson Lecture 21

Detailed Design Kenneth M. Anderson Lecture 21
1 Solution proposal Exam 19. Mai 2000 No help tools allowed.

1 Solution proposal Exam 19. Mai 2000 No help tools allowed.
Knowledge Acquisitioning. Definition The transfer and transformation of potential problem solving expertise from some knowledge source to a program.

Knowledge Acquisitioning. Definition The transfer and transformation of potential problem solving expertise from some knowledge source to a program.
1 Software Testing and Quality Assurance Lecture 38 – Software Quality Assurance.

1 Software Testing and Quality Assurance Lecture 38 – Software Quality Assurance.
1 SYSTEM and MODULE DESIGN Elements and Definitions.

1 SYSTEM and MODULE DESIGN Elements and Definitions.
Architectural Design Principles. Outline  Architectural level of design The design of the system in terms of components and connectors and their arrangements.

Architectural Design Principles. Outline  Architectural level of design The design of the system in terms of components and connectors and their arrangements.
Title slide PIPELINE QRA SEMINAR. PIPELINE RISK ASSESSMENT INTRODUCTION TO RISK IDENTIFICATION 2.

Title slide PIPELINE QRA SEMINAR. PIPELINE RISK ASSESSMENT INTRODUCTION TO RISK IDENTIFICATION 2.
Quality Risk Management ICH Q9 Annex I: Methods & Tools

Quality Risk Management ICH Q9 Annex I: Methods & Tools
Testing safety-critical software systems

Testing safety-critical software systems
What Exactly are the Techniques of Software Verification and Validation www.softwaretestinggenius.com A Storehouse of Vast Knowledge on Software Testing.

What Exactly are the Techniques of Software Verification and Validation A Storehouse of Vast Knowledge on Software Testing.
Unit 3a Industrial Control Systems

Unit 3a Industrial Control Systems

Similar presentations

Ads by Google