Safety Engineering with COTS components

Safety-critical systems are becoming more widespread, complex and reliant on software. Increasingly they are engineered through Commercial Off The Shelf (COTS) (Commercial Off The Shelf) components to alleviate the spiralling costs and development time, often in the context of complex supply chains. A parallel increased concern for safety has resulted in a variety of safety standards, with a growing consensus that a safety life cycle is needed which is fully integrated with the design and development life cycle, to ensure that safety has appropriate influence on the design decisions as system development progresses. In this article we explore the application of an integrated approach to safety engineering in which assurance drives the engineering process. The paper re- ports on the outcome of a case study on a live industrial project with a view to evaluate: its suitability for application in a real-world safety engineering setting; its benefits and limitations in counteracting some of the difficulties of safety en- gineering with COTS components across supply chains; and, its effectiveness in generating evidence which can contribute directly to the construction of safety cases

Process of designing robust, dependable, safe and secure software for medical devices: Point of care testing device as a case study

This article has been made available through the Brunel Open Access Publishing Fund.Copyright © 2013 Sivanesan Tulasidas et al. This paper presents a holistic methodology for the design of medical device software, which encompasses of a new way of eliciting requirements, system design process, security design guideline, cloud architecture design, combinatorial testing process and agile project management. The paper uses point of care diagnostics as a case study where the software and hardware must be robust, reliable to provide accurate diagnosis of diseases. As software and software intensive systems are becoming increasingly complex, the impact of failures can lead to significant property damage, or damage to the environment. Within the medical diagnostic device software domain such failures can result in misdiagnosis leading to clinical complications and in some cases death. Software faults can arise due to the interaction among the software, the hardware, third party software and the operating environment. Unanticipated environmental changes and latent coding errors lead to operation faults despite of the fact that usually a significant effort has been expended in the design, verification and validation of the software system. It is becoming increasingly more apparent that one needs to adopt different approaches, which will guarantee that a complex software system meets all safety, security, and reliability requirements, in addition to complying with standards such as IEC 62304. There are many initiatives taken to develop safety and security critical systems, at different development phases and in different contexts, ranging from infrastructure design to device design. Different approaches are implemented to design error free software for safety critical systems. By adopting the strategies and processes presented in this paper one can overcome the challenges in developing error free software for medical devices (or safety critical systems).Brunel Open Access Publishing Fund

Human factors consideration in the automation design of a safety-critical installation

M.Ing. (Engineering Management)Abstract: Human factors consideration should form an integral part of any system’s design. The aim is to ensure the designed system is compatible with human skills and limitations. Benefits of this consideration include reduction in the required level of training once the system is deployed. Unfortunately, even though the requirement of humans in systems design is well known, systems are continuously designed with little or no input from the eventual operators. This study aims to investigate the human factors aspect in the automation design of a safety-critical installation. Automation in its noble form is intended to improve factors such as safety, efficiency, and costs. However, this is not always the case. Part of the problem is that human operators are not always adequately considered during the design. It is the aim of this study to elicit the important human factors that must be considered in the automation design. This is done using a case study method. The case study was undertaken at the major radioisotopes production institution in the Republic of South Africa. The use of this study method is adopted as it provides enough in-depth knowledge that can be used in other safety-critical facilities

Guidelines for Process Safety Hazard Assessment Based on Process Information

In any new chemical process development and design, process safety is a critical aspect to be considered besides economic and technical feasibility of the manufacture of the product. A lack of proper hazard assessment during the design phase may later result in accidents with disastrous consequences to workers, the public as well as the environment. Many methods have been introduced to qualitatively and quantitatively assess the safety level of processes. Despite the availability of a large amount of methods, a systematic framework that details guidelines for hazard identification, risk assessment, safety measure design, and safe critical decision-making is still missing. To address this issue, the main objective of this study was to propose a systematic framework that outlines comprehensive guidelines for assessing the safety performance of processes based on information from the piping and instrumentation diagram (P&ID). Apart from proposing the framework, appropriate strategies for minimizing safety hazards and risks are also recommended. In addition, the user is assisted in selecting the most appropriate assessment method according to his or her needs and the scope and constraints of the assessment. A case study is presented to illustrate the application of the proposed framework

Guidelines for Process Safety Hazard Assessment Based on Process Information

In any new chemical process development and design, process safety is a critical aspect to be considered besides economic and technical feasibility of the manufacture of the product. A lack of proper hazard assessment during the design phase may later result in accidents with disastrous consequences to workers, the public as well as the environment. Many methods have been introduced to qualitatively and quantitatively assess the safety level of processes. Despite the availability of a large amount of methods, a systematic framework that details guidelines for hazard identification, risk assessment, safety measure design, and safe critical decision-making is still missing. To address this issue, the main objective of this study was to propose a systematic framework that outlines comprehensive guidelines for assessing the safety performance of processes based on information from the piping and instrumentation diagram (P&ID). Apart from proposing the framework, appropriate strategies for minimizing safety hazards and risks are also recommended. In addition, the user is assisted in selecting the most appropriate assessment method according to his or her needs and the scope and constraints of the assessment. A case study is presented to illustrate the application of the proposed framework

Guidelines for process safety hazard assessment based on process information

In any new chemical process development and design, process safety is a critical aspect to be considered besides economic and technical feasibility of the manufacture of the product. A lack of proper hazard assessment during the design phase may later result in accidents with disastrous consequences to workers, the public as well as the environment. Many methods have been introduced to qualitatively and quantitatively assess the safety level of processes. Despite the availability of a large amount of methods, a systematic framework that details guidelines for hazard identification, risk assessment, safety measure design, and safe critical decision-making is still missing. To address this issue, the main objective of this study was to propose a systematic framework that outlines comprehensive guidelines for assessing the safety performance of processes based on information from the piping and instrumentation diagram (P&ID). Apart from proposing the framework, appropriate strategies for minimizing safety hazards and risks are also recommended. In addition, the user is assisted in selecting the most appropriate assessment method according to his or her needs and the scope and constraints of the assessment. A case study is presented to illustrate the application of the proposed framework

Quid Pro Quod: Enhancing Patient Safety Via Minimizing Human-Computer Interactions Errors

The present describes an initial research project aiming at enhancing pa- tient safety. The overall goal is to minimize human-computer interactions errors that may occur via the use of Medical Information Systems (MIS) in health care units. The main idea is to extend the approach on design of usability and safety issues of generic medical devices, or safety critical systems design, to the problem domain of patient safety in the design of MIS. An understanding of errors and patient safety issues is presented and how these issues contribute to interaction errors in MIS. A plan of the research programm and related questions is presented. Is is expected that the outcome of a case study will be used for testing an evaluation framework, in development, that will take into account a rapid method for improving these aspects regarding the software development process

ALPACAS: A Language for Parametric Assessment of Critical Architecture Safety

This paper introduces Alpacas, a domain-specific language and algorithms aimed at architecture modeling and safety assessment for critical systems. It allows to study the effects of random and systematic faults on complex critical systems and their reliability. The underlying semantic framework of the language is Stochastic Guarded Transition Systems, for which Alpacas provides a feature-rich declarative modeling language and algorithms for symbolic analysis and Monte-Carlo simulation, allowing to compute safety indicators such as minimal cutsets and reliability. Built as a domain-specific language deeply embedded in Scala 3, Alpacas offers generic modeling capabilities and type-safety unparalleled in other existing safety assessment frameworks. This improved expressive power allows to address complex system modeling tasks, such as formalizing the architectural design space of a critical function, and exploring it to identify the most reliable variant. The features and algorithms of Alpacas are illustrated on a case study of a thrust allocation and power dispatch system for an electric vertical takeoff and landing aircraft

Formalization and Correctness of the PALS Architectural Pattern for Distributed Real-Time Systems

Many Distributed Real-Time Systems (DRTS), such as integrated modular avionics systems and distributed control systems in motor vehicles, are made up of a collection of components communicating asynchronously among themselves and with their environment that must change their state and respond to environment inputs within hard real-time bounds. Such systems are often safety-critical and need to be certi???ed; but their certi???cation is currently very hard due to their distributed nature. The Physically Asynchronous Logically Synchronous (PALS) architectural pattern can greatly reduce the design and veri???cation complexities of achieving virtual synchrony in a DTRS. This work presents a formal speci???cation of PALS as a formal model transformation that maps a synchronous design, together with a set of performance bounds of the underlying infrastructure, to a formal DRTS speci???cation that is semantically equivalent to the synchronous design. This semantic equivalence is proved, showing that the formal veri???cation of temporal logic properties of the DRTS can be reduced to their veri???cation on the much simpler synchronous design. An avionics system case study is used to illustrate the usefulness of PALS for formal verification purposes.unpublishednot peer reviewe

ALPACAS: A Language for Parametric Assessment of Critical Architecture Safety (Artifact)

This artifact contains a virtual machine allowing to use ALPACAS, a domain-specific language and algorithms aimed at architecture modeling and safety assessment for critical systems. ALPACAS allows to study the effects of random and systematic faults on complex critical systems and their reliability. The underlying semantic framework of the language is Stochastic Guarded Transition Systems, for which ALPACAS provides a feature-rich declarative modeling language and algorithms for symbolic analysis and Monte-Carlo simulation, allowing to compute safety indicators such as minimal cutsets and reliability. Built as a domain-specific language deeply embedded in Scala 3, ALPACAS offers generic modeling capabilities and type-safety unparalleled in other existing safety assessment frameworks. This improved expressive power allows to address complex system modeling tasks, such as formalizing the architectural design space of a critical function, and exploring it to identify the most reliable variant. The features and algorithms of ALPACAS are illustrated on a case study of a thrust allocation and power dispatch system for an electric vertical takeoff and landing aircraft