Software safety: relating software assurance and software integrity

Research output: Contribution to journalArticlepeer-review

Abstract

The overall safety integrity of a safety critical system, comprising both software and hardware, is typically specified quantitatively, e.g., in terms of failure rates. However, for software, it is widely accepted that there is a limit on what can be quantitatively demonstrated, e.g., by means of statistical testing and operational experience. To address this limitation, many software standards appeal instead to the quality of the process to assure the sufficient implementation of the software. In this paper, we contend that there is a large inductive gap between the quantitative software integrity required for a safety function and the assurance of the software development process for that function. We propose that this large inductive gap between software integrity and software process assurance could be narrowed down by an explicit definition of a product-based software argument. The role of this argument is to justify the transition from arguing about software integrity to arguing about software assurance by showing how the evidence, in the context of the software product-based argument, provides assurance which is commensurate with the required integrity.
Original languageEnglish
Pages (from-to)364-383
Number of pages20
JournalInternational Journal of Critical Computer-Based Systems
Volume1
Issue number4
DOIs
Publication statusPublished - 2010

Cite this