Well, as the title states we'll be addressing software development topics (mainly in English). Topics will be quick and short and most probably aligned with the training "problems", sorry, programs I am involved in. PS. Some links are "internal" (not publicly available): If you are not able to reach it, google will find you a publicly available information source for sure. Happy trails to you.
Monday, 22 July 2019
SAFETY-CRITICAL: Safety-Critical Computer Systems (BOOK)
Amazon.com: Buying Choices: Safety Critical Computer Systems
PS: Look at the price, new! :)
Wednesday, 5 September 2018
Traceability: Drilling errors?
Well, not software, this is hardware, but last week there was a 2 mm leak in the ISS (one of the greatest engineering achievements of mankind, with lots of software in it, as you might imagine). This stresses the importance of traceability (to resources):
https://arstechnica.com/science/2018/09/russian-space-chief-vows-to-find-full-name-of-technician-who-caused-iss-leak/
There's a person who drilled the capsule wrongly and did not report it. Fixed with... Glue.
Quoting:
"“We are able to narrow down the cause to a technological mistake of a technician. We can see the mark where the drill bit slid along the surface of the hull,” Dmitry Rogozin, head of the Russian space agency Roscosmos, told RIA Novosti. (A translation of the Russian articles in this story was provided to Ars by Robinson Mitchell). “We want to find out the full name of who is at fault—and we will.”"
Thursday, 23 August 2018
BOOK: The Agile Safety Case
https://www.researchgate.net/publication/320518036_The_Agile_Safety_Case
https://www.springer.com/us/book/9783319702643
Quoting:
"The safety case (SC) is one of the railway industry’s most important deliverables for creating confidence in their systems. This is the first book on how to write an SC, based on the standard EN 50129:2003. Experience has shown that preparing and understanding an SC is difficult and time consuming, and as such the book provides insights that enhance the training for writing an SC. The book discusses both "regular" safety cases and agile safety cases, which avoid too much documentation, improve communication between the stakeholders, allow quicker approval of the system, and which are important in the light of rapidly changing technology. In addition, it discusses the necessity of frequently updating software due to market requirements, changes in requirements and increased cyber-security threats. After a general introduction to SCs and agile thinking in chapter 1, chapter 2 describes the majority of the roles that are relevant when developing railway-signaling systems. Next, chapter 3 provides information related to the assessment of signaling systems, to certifications based on IEC 61508 and to the authorization of signaling systems. Chapter 4 then explains how an agile safety plan satisfying the requirements given in EN 50126-1:1999 can be developed, while chapter 5 provides a brief introduction to safety case patterns and notations. Lastly, chapter 6 combines all this and describes how an (agile) SC can be developed and what it should include. To ensure that infrastructure managers, suppliers, consultants and others can take full advantage of the agile mind-set, the book includes concrete examples and presents relevant agile practices. Although the scope of the book is limited to signaling systems, the basic foundations for (agile) SCs are clearly described so that they can also be applied in other cases.
(PDF) The Agile Safety Case. Available from: https://www.researchgate.net/publication/320518036_The_Agile_Safety_Case [accessed Aug 24 2018]."
BOOK: Agile and safety-critical?
https://www.amazon.com/Agile-Methods-Safety-Critical-Systems-Examples/dp/1717543146
Quoting:
"Product description
This book, packed with real-world insights and direct experiences, is for managers who want the benefits of Agile but also must address regulatory compliance, integration of software with other disciplines, and product safety. In it, we combine our understanding of Agile development, hardware/software integration, and regulatory requirements. We know that Agile is simple but not easy; leadership is crucial to make this change spread. We aim to show how you can navigate the transition."
Documentation: Safety-critical
An article on safety-critical software, with a contribution from Nuno Silva (who works for CRITICAL):
https://increment.com/documentation/the-complex-world-of-life-saving-safety-critical-software/
Quoting:
"Most of the programs you use every day, from word processors to smartphone apps, need oversight to ensure their usability and security, no matter how much planning and testing went into their production. For the narrow slice of systems and software that lives depend on, dubbed “safety-critical,” the requisite oversight comes alongside strict government, industry, and trade organization-mandated standards that prove the software is safe to use in high-stakes applications.
Today, software deemed safety-critical controls very complex hardware, from medical devices and cars to aircraft and nuclear reactors. Safety-critical software has unique requirements in each field, some of which are more regulated than others, but in general, regulatory agencies require extensive documentation to help ensure that the software is certifiably safe. This can equate to many times more documentation—including fastidious risk management documentation—than a comparably sized consumer software might need, given the extensive planning and testing that safety-critical software must undergo to meet certification standards. Through this documentation, teams must prove that their software is safe to use and has a very, very low chance of endangering human life."
(...)
"Safety-critical regulators have been slow to welcome emerging technologies and methodologies that are prevalent in the wider tech industry, like agile software development. Myklebust and his colleague Tor Stålhane wrote a book, The Agile Safety Case, that lays out how teams using agile development can meet compliance requirements and satisfy safety-critical standards assessors. Their plan limits the number of documents that need to be revised when updating software, which would speed up the process considerably. In the railway industry, where Myklebust primarily operates, it might take six months from writing the last line of code on a project to when it’s implemented on a track or signaling system; he reckons it should only take a week or so."
Tuesday, 31 October 2017
Standards: Safety Critical what?
"The Safety Critical technical area addresses the analysis, development, verification and validation of software and systems that are classified as either safety- or mission-critical.
Systems classified as safety-critical are those where failure may lead to personal injuries, fatalities or harmful effects to the environment. Airborne systems in aircraft and signalling systems in railway are traditionally the best-known cases of safety-critical systems. Systems controlling industrial processes in chemical, petrochemical and nuclear plants are also in this category.
Mission-critical systems are those where failure may lead to either loss or major degradation of the mission performance. Traditionally the best known cases of mission-critical systems are unmanned space missions such as telecommunications and scientific satellites, and the energy production and distribution infrastructure.
Enterprise systems in banking, retail and other industries may also be considered mission-critical though we prefer to designate them ‘business-critical’.
The services delivered by the Safety Critical technical area aggregate a set of disciplines and technology that is closely related to international safety standards. These standards are a daily reference in the work performed by the Safety Critical technical area. The most common standards used are for aerospace: ARP-4754, ARP-4761, DO-178B and DO-178C, and DO-254; for railway: EN-50126, EN-50128 and EN-50129; for space ECSS-E-ST-40C and ECSS-Q-ST-80C; for automotive the ISO 26262 and for industrial systems in general IEC 61508.
The work performed by the Safety Critical technical area is characterised by the rigour of the engineering processes. The main challenge faced is to comply with that rigour in the most economically efficient way. The projects and activities developed by the Safety Critical technical area fall into the following categories:
- Development of real-time embedded software in either full life-cycle, from requirements to final acceptance, or in partial life-cycle. Often the development entails close co-operation with the customer and in some cases members of the project team may work at the customer’s premises while interacting with the project team at home. The SW will typically be developed in either C or Ada and requires knowledge of real-time operating systems, microprocessor architectures and low-level communication protocols.
- Verification and validation of real-time embedded software, from requirements and code reviews, to unit tests, integration and system tests. A full life-cycle embedded software development also includes V&V but this type of service is often delivered as specific projects, where we verify and validate software developed by the customer or a third party. The V&V services include not only testing software but also testing with hardware-in-the-loop. Typical tools used include VectorCAST, LDRA and bespoke validation facilities.
- Development of integrated electronic systems comprising the software and the hardware that supports it. This requires competencies in both software and electronics, including the ability to procure and integrate COTS components. Typical systems developed include validation facilities with HW-in-the-loop and solutions for military C&C systems.
- Functional safety assessment and reliability prediction (known as RAMS). This entails analysing the failure modes of systems using techniques such as Fault Tree Analysis (FTA) and Failure Mode Effects Analysis (FMEA). This analysis may contribute to both allocate criticalities to components and to reformulate the system design to minimise the number of critical components.
- Certification support to help our customers comply with safety-critical standards and training on those standards. This implies a wide body of knowledge in the technical, normative and application domain.
Typical projects include certification support for railway signalling systems, support for airborne software and hardware certification and training on standards such as DO-178C. The work in the Safety Critical technical area requires interest in safety aspects, the ability to analyse systems as a whole, to know that there is more than just software development and, of course, good reading and writing skills."
[INTERNAL] Source: CSW-QMS-2000-CPD-0174, VERSION: 13, 2017-08-09, Annex B.
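The quoted text mentions Fault Tree Analysis (FTA) as the technique used to allocate criticality and to spot single points of failure. As an added illustration (my own example, not from the quoted document or from CRITICAL), the following script evaluates a small fault tree: it derives the minimal cut sets (the smallest combinations of basic events that cause the top event) and the top-event probability under the usual independence assumption. The tree itself, a redundant sensor pair behind a shared voter and power supply, and all its failure probabilities are constructed for the example.

```python
"""Minimal Fault Tree Analysis (FTA) evaluator (constructed example).

A fault tree combines basic-event failures through AND/OR gates into an
undesired top event. Two standard FTA results are computed:
  * minimal cut sets: the smallest sets of basic events that together
    cause the top event; size-1 cut sets are single points of failure;
  * the top-event probability, assuming independent basic events.
"""
from itertools import product
from math import prod

# Basic events with constructed per-mission failure probabilities.
BASIC_EVENTS = {
    "S1_FAIL": 1e-3,     # sensor channel 1 fails
    "S2_FAIL": 1e-3,     # sensor channel 2 fails (redundant channel)
    "VOTER_FAIL": 1e-4,  # voting logic fails (shared, no redundancy)
    "PWR_FAIL": 1e-5,    # shared power supply fails
}

# Gates: name -> (gate type, children). Children are gates or basic events.
GATES = {
    "BOTH_SENSORS": ("AND", ["S1_FAIL", "S2_FAIL"]),
    "TOP": ("OR", ["BOTH_SENSORS", "VOTER_FAIL", "PWR_FAIL"]),
}


def cut_sets(node):
    """Return the minimal cut sets of `node` as a set of frozensets."""
    if node in BASIC_EVENTS:
        return {frozenset([node])}
    gate_type, children = GATES[node]
    child_sets = [cut_sets(child) for child in children]
    if gate_type == "OR":
        # Any child's cut set alone triggers an OR gate.
        combined = set().union(*child_sets)
    elif gate_type == "AND":
        # An AND gate needs one cut set from every child at once.
        combined = {frozenset().union(*combo) for combo in product(*child_sets)}
    else:
        raise ValueError(f"unknown gate type {gate_type!r}")
    # Minimise: drop cut sets that strictly contain another cut set.
    return {cs for cs in combined if not any(other < cs for other in combined)}


def single_point_failures(node):
    """Basic events whose failure alone causes `node` (size-1 cut sets)."""
    return sorted(next(iter(cs)) for cs in cut_sets(node) if len(cs) == 1)


def _leaf_occurrences(node, counts=None):
    """Count how often each basic event appears below `node`."""
    counts = {} if counts is None else counts
    if node in BASIC_EVENTS:
        counts[node] = counts.get(node, 0) + 1
        return counts
    for child in GATES[node][1]:
        _leaf_occurrences(child, counts)
    return counts


def probability(node):
    """Failure probability of `node` for independent basic events.

    Gate-by-gate evaluation is exact only when no basic event appears
    under more than one branch; repeated events make it invalid, so they
    are rejected rather than silently mis-evaluated.
    """
    repeated = [e for e, n in _leaf_occurrences(node).items() if n > 1]
    if repeated:
        raise ValueError(f"repeated basic events, use cut-set methods: {repeated}")
    if node in BASIC_EVENTS:
        return BASIC_EVENTS[node]
    gate_type, children = GATES[node]
    child_probs = [probability(child) for child in children]
    if gate_type == "AND":
        return prod(child_probs)
    if gate_type == "OR":
        return 1 - prod(1 - p for p in child_probs)
    raise ValueError(f"unknown gate type {gate_type!r}")


if __name__ == "__main__":
    for cs in sorted(cut_sets("TOP"), key=lambda s: (len(s), sorted(s))):
        print("cut set:", sorted(cs))
    print("single points of failure:", single_point_failures("TOP"))
    print(f"P(TOP) = {probability('TOP'):.4e}")
```

The output makes the design point of the quoted passage concrete: the redundant sensors only appear together in a size-2 cut set, while the voter and the power supply are single points of failure that dominate the top-event probability, so that is where criticality gets allocated and where a redesign would pay off.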