DOI: 10.1145/3520084.3520087

Hazard Analysis Methods for Software Safety Requirements Engineering

Published: 18 April 2022 Publication History

Abstract

The rise of software-based system control in safety-critical systems has made software safety a critical part of a system safety program. The risk of catastrophic software system failure increases with the growth of safety-critical technologies in autonomous transportation systems, airplanes, traffic control systems, medical surgery equipment, nuclear power centers, power grids, human-assist robotics, and military weaponry. Developing software control in safety-critical systems is challenging because the control needs to be both reliable and safe. High-profile system failures in recent years, such as the crashes of the 737 MAX airliners, are constant reminders of the risk of software failure in safety-critical systems. The software quality assurance approaches used in software development today are insufficient because they were created to assure software reliability, not safety. Developing functionally safe software requires incorporating a risk-driven approach that focuses on hazard identification, hazard risk anticipation, and mitigation. Adoption of software safety methods in practice and across mainstream computer science and software engineering curricula is still limited. Heeding the call for more publications on the practice of software safety, we present an integrated approach to software safety requirements engineering (SSRE). Engineering safety requirements for software is one of the most important steps in building safe software. First, we provide an overview of SSRE. Then we describe three hazard analysis methods that can be incorporated into a software requirements engineering process. Finally, we discuss how we combine these distinct methods into a single SSRE approach to support safety-critical systems development.


Cited By

View all
  • (2023) On STPA for Distributed Development of Safe Autonomous Driving: An Interview Study. 2023 49th Euromicro Conference on Software Engineering and Advanced Applications (SEAA), pp. 5-12, published online 6 Sep 2023. DOI 10.1109/SEAA60479.2023.00011

Published In

ICSIM '22: Proceedings of the 2022 5th International Conference on Software Engineering and Information Management
January 2022
247 pages
ISBN:9781450395519
DOI:10.1145/3520084

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Software safety
  2. safety requirements engineering
  3. software hazard analysis
  4. software hazards

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

ICSIM 2022
