DEVELOPING SAFETY CRITICAL SYSTEMS Flashcards
SKILL
A system whose failure may cause human injury or death.
SAFETY CRITICAL SYSTEM
The potential of gaining or losing something of value. Risk can be quantified by three elements: a risk event, the probability of the event happening, and the impact (positive or negative) on the business outcome if the risk does actually occur.
RISK
An estimate of the probability that a risk event will occur over the course of a year. TIMES
ARO - ANUALIZED RATE OF OCCURANCE
The estimated loss that would be incurred if a risk event occurs. DOLLARS
SLE - SINGLE LOSS EXPENTANCY
The estimated loss from a potential risk event over the course of a year. The following equation is used to calculate the annual loss expectancy: ARO× SLE = ALE. Where ARO is the annualized rate of occurrence, an estimate of the probability that this event will occur over the course of a year and SLE is the single loss expectancy, the estimated loss that would be incurred if the event happens. TOTAL LOSS FOR YEAR
ALE - ANNUALIZED LOSS EXPECTANCY
A logging and monitoring system used by safety engineers to track hazards from a project’s start to its finish.
RISK MANAGEMENT
When an organization decides to accept a risk because the cost of avoiding the risk outweighs the potential loss of the risk. A decision to accept a risk can be extremely difficult and controversial when dealing with safety-critical systems because making that determination involves forming personal judgments about the value of human life, assessing potential liability in case of an accident, evaluating the potential impact on the surrounding natural environment, and estimating the system’s costs and benefits.
ACCEPTANCE
The elimination of a vulnerability that gives rise to a particular risk in order to avoid the risk altogether. This is the most effective solution but often not possible due to organizational requirements and factors beyond an organization’s control.
AVOIDANCE
The reduction in either the likelihood or the impact of the occurrence of a risk.
MITIGATION
An approach to minimizing the impact of software errors by independently implementing the same set of user requirements N times (where N could be 2, 3, 4 or more); the N-versions of software are run in parallel; and, if a difference is found, a “voting algorithm” is executed to determine which result to use.
N-VERSION PROGRAMMING
The provision of multiple interchangeable components to perform a single function in order to cope with failures and errors.
REDUNDANCY
A risk management strategy in which the risk, should it happen, does not rest solely on one individual or organization. For example, a common way to accomplish risk transference is for an individual or an organization to purchase insurance, such as auto or business liability insurance. Another way to transfer risk is to outsource the risk by contracting with a third party to manage the risk.
TRANFERENCE
A measure of the rate of failure in a system that would render it unusable over its expected lifetime.
RELIABILITY
A set of standards written to serve as a guide to quality products, services, and management. It provides a set of standardized requirements for a quality management system.
ISO 9001 FAMILY OF STANDARDS
An important technique used to develop ISO 9000-compliant quality systems by both evaluating reliability and determining the effects of system and equipment failures.
FMEA - FAILURE MODE AND EFFECTS ANALYSIS
A description of how a product or process could fail to perform the desired functions described by the customer.
FAILURE MODE
ERROR THAT IF NOT REMOVED COULD CAUSE SOFTWARE FAILURE
DEFECT
