Slide 1: Critical systems engineering
Ian Sommerville
Critical systems engineering, 2013

Slide 2: Critical systems
• Systems whose failure or unavailability can lead to loss of life, injury, environmental damage or serious economic consequences for businesses or countries
• Almost all public and private sector activities in developed countries now rely on critical, software-intensive systems
• Long-lifetime systems

Slide 3
Image credit: http://www.barronmccann.com/

Slide 4: Critical systems engineering
• The focus in critical systems engineering is on the use of techniques and methods to develop dependable and secure systems

Slide 5
• The costs of critical system failure are so high that development methods may be used that are not cost-effective for other types of system.
• A key difference between critical systems engineering and other types of software engineering is often the need to demonstrate compliance with laws and regulations.

Slide 6: Regulation
• Regulators are government-appointed bodies whose job is to ensure that companies and other bodies conform to national and international laws.
• This normally involves interpreting the law and government policy and establishing standards and regulations that must be followed by industry.

Slide 7: UK regulators

Slide 8: System certification
• The regulators check that the system is conformant to current regulations and standards and that due care and attention has been paid to making the system safe

Slide 9: System certification
• Some critical systems have to be ‘certified’ by an external regulator before they can be put into use
  – Aviation systems
  – Nuclear systems
  – Railway systems
  – (Some) medical systems

Slide 10: Certification costs
• Certification is very expensive as it involves preparing detailed documents for the regulator
• There may be several thousand pages of documentation that must be created and analysed
• Certification costs can be comparable to or even exceed the system development costs

Slide 11
• System owners and developers jointly produce evidence (a safety case or a dependability case) that demonstrates to the regulator that a system is safe and dependable

Slide 12: Compliance
• Even when systems do not need certification before use, their owners may need to demonstrate compliance with existing laws and regulations
• This may involve collecting information about the design and operation of a system

Slide 13: System stakeholders
(Diagram: Customer, Regulator and System developer around Critical systems engineering)

Slide 14: Critical systems engineering
• System failure costs are high
  – Additional costs during system development are justified if these reduce the likelihood of failure
  – Tools and techniques to reduce the chances of failure that are not cost-effective for other systems may be used

Slide 15
• Systems last a long time
  – This requires the use of stable technologies and the development of extensive system documentation

Slide 16
• Systems must demonstrate compliance
  – Product and process record keeping
  – Safety and dependability case development

Slide 17: Critical systems engineering processes
• Usually plan-driven processes where each process stage is planned and carefully documented
• Agile processes are not suitable for critical systems engineering although some agile practices such as test-first development may be used

Slide 18
• It is important to have a complete description of the system requirements and specification so that they can be checked and analysed before development begins
• Disciplined configuration management of all software and hardware is essential

Slide 19: Dependable systems
• Fault avoidance
• Fault detection and removal
• Fault tolerance
• Failure recovery and restart

Slide 20: Software engineering techniques
• Formal methods for systems specification and analysis
• Fault detection tools such as model checkers and static analyzers

Slide 21
(no text on slide)

Slide 22
• Fault-tolerant architectures and software redundancy
• Argumentation systems to support the development of dependability cases

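Slides 19 and 22 list fault detection, fault tolerance and failure recovery alongside fault-tolerant architectures and software redundancy. The following added example (not from the slides) shows how these combine in a triple-modular-redundancy voter: three independently implemented channels compute the same result, a faulty or crashing channel is detected and masked by majority vote, and loss of a majority triggers recovery to a safe state. The sensor scaling, the SAFE_STATE value and the channel functions are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable, List, Optional

# Constructed for this example: the actuator demand (0-100 %) that is known to be safe,
# e.g. "heater off". A real system takes this value from its safety requirements.
SAFE_STATE = 0

@dataclass
class VoteResult:
    value: int                                       # demand handed to the actuator
    faulty: List[int] = field(default_factory=list)  # channels detected as wrong or crashed
    recovered: bool = False                          # True when SAFE_STATE was substituted

def run_channel(channel: Callable[[int], int], reading: int) -> Optional[int]:
    """Fault detection: a channel that raises, or returns an out-of-range demand,
    is flagged (None) so its output never reaches the voter as a valid value."""
    try:
        out = channel(reading)
    except Exception:
        return None
    return out if isinstance(out, int) and 0 <= out <= 100 else None

def tmr_vote(channels: List[Callable[[int], int]], reading: int) -> VoteResult:
    """Fault tolerance by software redundancy: three independently written channels
    compute the same function and a majority vote masks one faulty channel.
    Failure recovery: when no majority exists, the system falls back to SAFE_STATE."""
    if len(channels) != 3:
        raise ValueError("TMR needs exactly three channels")
    outputs = [run_channel(c, reading) for c in channels]
    for candidate in outputs:
        if candidate is None:
            continue
        agreeing = [i for i, out in enumerate(outputs) if out == candidate]
        if len(agreeing) >= 2:
            return VoteResult(candidate, faulty=[i for i in range(3) if i not in agreeing])
    return VoteResult(SAFE_STATE, faulty=[0, 1, 2], recovered=True)

# Constructed reference channel: scale a 0-1023 sensor reading to a 0-100 % demand.
def good_channel(reading: int) -> int:
    return reading * 100 // 1023

def crashing_channel(reading: int) -> int:
    raise RuntimeError("constructed channel failure")

if __name__ == "__main__":
    print(tmr_vote([good_channel, good_channel, good_channel], 512))     # value 50, no faults
    print(tmr_vote([good_channel, crashing_channel, good_channel], 512)) # channel 1 masked
    print(tmr_vote([lambda r: 10, lambda r: 20, lambda r: 30], 512))    # no majority: SAFE_STATE
```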
Slide 23
© Adelard 2013

Slide 24: Summary
• Focuses on the use of techniques and methods to develop dependable and secure systems
• The CSE process may have to develop information to satisfy a regulator that a system is safe and compliant with regulations

Slide 25
• A plan-based process is normally used
• Techniques that are not used for other types of system may be cost-effective for critical systems