Presentation is loading. Please wait.

Presentation is loading. Please wait.

Protecting the Public, Astronauts and Pilots, the NASA Workforce, and High-Value Equipment and Property Mission Success Starts With Safety Believe it or.

Published bySybil Berry Modified over 8 years ago

Similar presentations

Presentation on theme: "Protecting the Public, Astronauts and Pilots, the NASA Workforce, and High-Value Equipment and Property Mission Success Starts With Safety Believe it or."— Presentation transcript:

1 Protecting the Public, Astronauts and Pilots, the NASA Workforce, and High-Value Equipment and Property Mission Success Starts With Safety Believe it or not, Software Assurance Affects You Too Martha S. Wetherholt NASA Office of Safety & Mission Assurance mwetherh@hq.nasa.gov

2 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (2) What is Software Assurance Software Assurance (SA) includes: Software Quality Engineering Software Assurance of Product and Processes Software Safety Software Independent Verification & Validation (IV&V) Software Reliability It is, Software Risk Management

3 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (3) What Makes Software, Safety Critical? Software that directly or indirectly contributes to the occurrence of a hazardous system state

4 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (4) What Makes Software Hazardous? Software is hazardous if it: Controls hazardous or safety critical hardware Monitors safety critical hardware as part of a hazard control Provides information upon which a safety-related decision is made Performs analysis that impacts automatic or manual hazardous operations Verifies hardware hazard controls Is used to verify safety critical hardware and/or software Is used to model or simulate safety critical applications

5 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (5) Software Safety - Why care? One or more people are injured or worse Regulatory requirements (e.g. OSHA, UL, etc.) NASA requirements Liability if software fails Reputation (business or personal) “Good practice” for mission critical or business critical software

6 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (6) Why Should We Care, What does it have to do with me? Software control of facilities – Wind tunnels – Simulators – Centrifuges – Shake & Bake – EMI testing – Engine Checkout – Etc. Software control and monitoring of safety critical projects which run in changeable labs Labs/Tools – Vibe tables ……..

7 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (7) What should be done Train Area Safety Managers/Health and Safety Personnel Invite Software Assurance along on Facility set up and changes Ask the right Questions – How is this experiment/facility controlled – How is it monitored – What is the human interface – Does software detect and react to safety critical situations How – what is it expected to do – What testing was performed on the Consumer Off the Shelf (COTS) Software Purchased to operate the Facility/Experiment – What software development processes are to be used to develop the software – including Application SW – How are the COTS and Applications written Configuration Managed – Does the Software perform a logging function to track faults, failures, errors, etc. How often is it viewed? By who?

8 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (8) Creating Safer Software & Safer Systems Good SW Development Process Development Tools Appropriate Reviews – Diverse Review Teams – Formal Inspections Communication Appropriate Analysis, both Safety & Development Caveat Emptor

9 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (9) Safety Verification Testing Safety tests designated for each hazard control. Verify partitions, firewalls, or other software constructs that isolate safety critical code. “Fail” the hazard controls in a multi-tolerant system. For example, in a two-fault-tolerant system (three controls), try all combinations of two failures. Verify hazardous commands. Verify software correctly handles out of sequence commands, hazardous commands issued in an incorrect state, and other possible errors. Software Safety (usually SQA) should witness all software safety testing.

10 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (10) When COTS Software Is Used SOUP (SW of Uncertain Parentage) Is this a case of Reuse? – Previous environmental criteria may or may not be valid in the new system. Must test COTS for ways it can fail. STAND-ALONE Must test for how system faults/failures affect the COTS and the applications they run on. How does your application software respond to those failures – how does it effect the system, humans, etc.? What of unused portions/features of COTS software? Can they influence the safety critical operations & monitoring. Stand-alone testing of all functionality prior to integration in lab or facility. How much Glue-ware and/or wrappers.

11 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (11) What are we asking you to do? Be AWARE – Know what to look for – What Questions to ask – What are you buying Be Proactive Put Software into Assessment process & plan Train your people Document safety requirements then Test for them Work with SW Assurance

12 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (12) Background/Extras

13 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (13) What Software is included Software Firmware Programmable Logic Devices ASICs - Application Specific Integrated Circuits FPGAs - Field Programmable Gate Arrays COTS Software – Program Logic Control – Databases – Operating Systems – Ad infinitum

14 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (14) Categories of S/W Safety Functions Caution And Warning Functions Failure Detection, Isolation, and R--------- – Recovery – Restart – Reduced operation Automatic safing software – Hot, Warm, Cold Backup Autonomous Decision Making & Operation

15 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (15) Safety critical software is:  Software which controls or monitors safety critical functions including mitigation of hazards  Software which runs on the same system as safety critical software or impacts systems which run safety critical software  Software which handles safety critical data  Software used to verify and validate safety critical hardware and software

16 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (16) Categories of S/W Safety Functions Must work/must not work functions – Mode and State Dependent – Must never work – Must never fail to work Fault tolerance – Redundancy – How many levels and where are they best put Multiple Commanding (Ready, Arm, Fire)

17 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (17) Stability/Reliability Testing How well does the system operate for extended periods of time? System is run in normal mode of operation - occasional peak performance allowed, but not stress testing the system. Can the system handle intermittent bad data? Is there a sensitivity to event sequences? Does memory leakage cause problems after a period of time?

18 Success Starts with Safety NASA Office of Safety and Mission Assurance March 7, 2002 (18) Summary Determine software control and complexity Determine each software portions’ contribution to safety Establish categories with a cross index to hazard level Determine a level of effort needed to assure safer software Further tailor the effort to your particular needs and situation

Download ppt "Protecting the Public, Astronauts and Pilots, the NASA Workforce, and High-Value Equipment and Property Mission Success Starts With Safety Believe it or."

Similar presentations

Configuration Management

Configuration Management
Safety Software QA at BNL’s Collider-Accelerator Department (C-AD) Accelerator Safety Workshop E. Lessard Collider-Accelerator Department August 12-14,

Safety Software QA at BNL’s Collider-Accelerator Department (C-AD) Accelerator Safety Workshop E. Lessard Collider-Accelerator Department August 12-14,
EECE499 Computers and Nuclear Energy Electrical and Computer Eng Howard University Dr. Charles Kim Fall 2013 Webpage: www.mwftr.com/CNE.html.

EECE499 Computers and Nuclear Energy Electrical and Computer Eng Howard University Dr. Charles Kim Fall 2013 Webpage:
System/Software Testing Error detection and removal determine level of reliability well-planned procedure - Test Cases done by independent quality assurance.

System/Software Testing Error detection and removal determine level of reliability well-planned procedure - Test Cases done by independent quality assurance.
Software Quality Assurance Plan

Software Quality Assurance Plan
Software Quality Assurance (SQA). Recap SQA goal, attributes and metrics SQA plan Formal Technical Review (FTR) Statistical SQA – Six Sigma – Identifying.

Software Quality Assurance (SQA). Recap SQA goal, attributes and metrics SQA plan Formal Technical Review (FTR) Statistical SQA – Six Sigma – Identifying.
Ask Pete Acquired Software Knowledge Project - Estimation- Tool - Effort Presented to the NASA OSMA SAS ‘01 NASA IV&V Facility September 5-7, 2001 Tim.

Ask Pete Acquired Software Knowledge Project - Estimation- Tool - Effort Presented to the NASA OSMA SAS ‘01 NASA IV&V Facility September 5-7, 2001 Tim.
Integration of Quality Into Accident Investigation Processes ASQ Columbia Basin Section 614 John Cornelison January 2008.

Integration of Quality Into Accident Investigation Processes ASQ Columbia Basin Section 614 John Cornelison January 2008.
1 Independent Verification and Validation Current Status, Challenges, and Research Opportunities Dan McCaugherty IV&V Program Manager Titan Systems Corporation.

1 Independent Verification and Validation Current Status, Challenges, and Research Opportunities Dan McCaugherty IV&V Program Manager Titan Systems Corporation.
Chapter 19: Network Management Business Data Communications, 4e.

Chapter 19: Network Management Business Data Communications, 4e.
Reliability and Safety Lessons Learned. Ways to Prevent Problems Good computer systems Good computer systems Good training Good training Accountability.

Reliability and Safety Lessons Learned. Ways to Prevent Problems Good computer systems Good computer systems Good training Good training Accountability.
COMP8130 and 4130Adrian Marshall 8130 and 4130 Test Execution and Reporting Adrian Marshall.

COMP8130 and 4130Adrian Marshall 8130 and 4130 Test Execution and Reporting Adrian Marshall.
Software Engineering for Safety : A Roadmap Presentation by: Manu D Vij CS 599 Software Engineering for Embedded Systems.

Software Engineering for Safety : A Roadmap Presentation by: Manu D Vij CS 599 Software Engineering for Embedded Systems.
Verification and Validation of Programmable Logic Devices James A. Cercone Ph.D., P.E.,James A. Cercone Ph.D., P.E., Chair and Professor of Computer ScienceChair.

Verification and Validation of Programmable Logic Devices James A. Cercone Ph.D., P.E.,James A. Cercone Ph.D., P.E., Chair and Professor of Computer ScienceChair.
OHT 3.1 Galin, SQA from theory to implementation © Pearson Education Limited 2004 The need for comprehensive software quality requirements Classification.

OHT 3.1 Galin, SQA from theory to implementation © Pearson Education Limited 2004 The need for comprehensive software quality requirements Classification.
Software Fault Injection Kalynnda Berens Science Applications International Corporation NASA Glenn Research Center.

Software Fault Injection Kalynnda Berens Science Applications International Corporation NASA Glenn Research Center.
IV&V Facility Model-based Design Verification IVV Annual Workshop September, 2009 Tom Hempler.

IV&V Facility Model-based Design Verification IVV Annual Workshop September, 2009 Tom Hempler.
Effective Methods for Software and Systems Integration

Effective Methods for Software and Systems Integration
CYPRESS PNSQC (15-17 Oct. 2001) 1 Testing a Bluetooth Product With Web and Embedded Software Rick Clements cypress.com Cypress Semiconductors 9125.

CYPRESS PNSQC (15-17 Oct. 2001) 1 Testing a Bluetooth Product With Web and Embedded Software Rick Clements cypress.com Cypress Semiconductors 9125.
Security Operations. 2 Domain Objectives Protection and Control of Data Processing Resources Media Management Backups and Recovery Change Control Privileged.

Security Operations. 2 Domain Objectives Protection and Control of Data Processing Resources Media Management Backups and Recovery Change Control Privileged.

Similar presentations

Ads by Google