Validation of ultrahigh dependability for software-based systems

Bev Littlewood and Lorenzo Strigini. Commun. ACM.
Modern society depends on computers for a number of critical tasks in which failure can have very high costs. As a consequence, high levels of dependability (reliability, safety, etc.) are required from such computers, including their software. Whenever a quantitative approach to risk is adopted, these requirements must be stated in quantitative terms, and a rigorous demonstration of their being attained is necessary. For software used in the most critical roles, such demonstrations are not… 

Safety-Critical Software - Quantification of Test Results
An equation that estimates the remaining undetected faults in the software system after testing is calculated, which considers partial test coverage and the concept of entropy also known as Shannon information, which is shown to describe the knowledge gained from a test effort.
Reliability analysis of systems based on software and human resources
The analogies between three processes are considered: software reliability growth due to testing and the related fault removal; improvement of the man-machine interface due to preliminary operative feedback; and improvement of operator performance due to the operator's learning activity. These analogies suggest an effort toward a common evaluation approach.
Software Testing for Dependability Assessment
The final goal of a software validation process should be to achieve an objective measure of the confidence that can be put on the software being developed, which is normally the case for safety-critical applications.
Does Software Have to Be Ultra Reliable in Safety Critical Systems?
Higher levels of safety performance can be claimed by taking account of: 1) external mitigation to prevent an accident; 2) the fact that software is corrected once failures are detected in operation.
Software for Dependable Systems: Sufficient Evidence?
It is concluded that better evidence is needed, so that approaches aimed at improving the dependability of software can be objectively assessed, and that, for now, the pursuit of dependability in software systems should focus on the construction and evaluation of evidence.
Practical Limits on Software Dependability: A Case Study
A case study exploration of the practical limitations on software dependability is presented and a software assurance argument for weaknesses is analyzed and a set of limitations including dependence upon correct requirements, dependence upon reliable human-to-human communication, and dependence upon human compliance with protocols are extrapolated.
Model-Driven Dependability Assessment of Software Systems
This book presents cutting-edge model-driven techniques for modeling and analysis of software dependability, based on the use of UML as software specification language, and describes two prominent model-to-model transformation techniques for deriving dependability analysis models from UML specifications.
Software Component Dependability Assessment
This work addresses the problem of assessing component dependability by employing a unique combination of testing and fault injection techniques and uses a unique probabilistic method called the "Squeeze Play" that is profile independent, a characteristic needed for solving this problem.
Testing of Safety-Critical Systems - a Structural Approach to Test Case Design
An overview of the state-of-practice in designing test cases for dependable event-based systems regulated by the IEC 61508 and DO-178B standards is provided and an approach that selects appropriate test techniques by considering issues such as specification techniques, failure taxonomies and quality risks is proposed.


Failure mode assumptions and assumption coverage
  • D. Powell
  • Computer Science
    [1992] Digest of Papers. FTCS-22: The Twenty-Second International Symposium on Fault-Tolerant Computing
  • 1992
Assumption coverage is shown to be extremely important in systems requiring very high dependability and it is shown that the need to increase system redundancy to accommodate more severe modes of component failure can sometimes result in a decrease in dependability.
Software Fault Tolerance: An Evaluation
An analysis of the results shows that use of the software fault tolerance approach yielded a substantial improvement in the reliability of the command and control system.
PODS revisited-a study of software failure behaviour
  • P. Bishop, F. D. Pullen
  • Engineering
    [1988] The Eighteenth International Symposium on Fault-Tolerant Computing. Digest of Papers
  • 1988
An empirical study of the failure characteristics of software defects detected in the programs developed in the Project on Diverse Software suggests some of the observed positive and negative correlation effects could be explained by failure masking effects, which can be removed by suitable design.
Optimizing Preventive Service of Software Products
It is found that most of the benefit to be realized by preventive service comes from removing a relatively small number of high-rate defects that are found early in the service life of the code.
Certifying the reliability of software
A description is given of a procedure for certifying the reliability of software before its release to users, which includes a life cycle of executable product increments, representative statistical testing, and a standard estimate of the MTTF of the product at the time of its release.
The approach to risk analysis in three industries: nuclear power, space systems, and chemical process
The aerospace, nuclear power, and chemical processing industries are providing much of the incentive for the development and application of advanced risk analysis techniques to engineered systems.
Evaluation of competing software reliability predictions
Some techniques are presented which form the basis of a partial solution to the problem of knowing which, if any, of the competing predictions are trustworthy in a reliability growth context.
Evaluation of safety-critical software
Methods and approaches for testing the reliability and trustworthiness of software remain among the most controversial issues facing this age of high technology. The authors present some of the
Task influences on judgemental forecasting
This study investigates the effect of imminence, time duration and subjective desirability on judgemental forecasts. People were found to be more sure of specified events happening in a one-month
Optimal Statistical Decisions
Foreword. Preface. PART ONE. SURVEY OF PROBABILITY THEORY. Chapter 1. Introduction. Chapter 2. Experiments, Sample Spaces, and Probability. 2.1 Experiments and Sample Spaces. 2.2 Set Theory. 2.3 Events and