Length: 3 Days
Print Friendly, PDF & Email

Software Safety Training

Software Safety has become an important element of System Safety as more and more hardware and equipment are run and controlled by software.

Once software hazards have been identified, software architects and developers have to design the application architecture to ensure the software components are easy to test, verify and maintain.

In the majority of accidents in which software was used to control actions of components, the cause can be traced to requirement flaws such as incomplete requirements in the specified and implemented software behavior. For example, wrong assumptions were made on how the control system operates in the production environment.

Software system safety is critical in software engineering because it optimizes system safety in the design, development, use and maintenance of software systems and their integration with safety-critical hardware systems in an operational environment.

Software has become responsible for most of the critical functions of complex systems.  It’s everywhere — inside toasters, nuclear power plants, airplanes and spaceships.  Since it controls the system, it has the potential to cause a great deal of harm.

Software can cause harm for two main reasons: it may have been erroneously implemented, or it may have been designed incorrectly.  There is an important distinction between the two.

Software that was designed incorrectly most likely had incorrect requirements; there was something about the system’s environment that the designers didn’t understand or didn’t anticipate.  Erroneously implemented software — software that deviates from the requirements — can produce incorrect responses in know or unknown situations.  Both can cause serious safety problems, and both are nearly impossible to eliminate.

In other words, buggy software presents a barrier to making truly safe systems.  Despite the high reliability of most computer chips, software allows for a new and different set of reliability problems.

It’s generally believed that software systems safety engineering should be given emphasis early in the requirements definition and system conceptual design process in order to achieve an acceptable level of safety, especially for software used in critical applications.

Software safety standards are commonly used to guide the development of safety-critical software systems. The problem is that there are no shortage of software safety standards.

So, given the existence of multiple competing standards, it is critical to select the most appropriate one for a given project.

Some of the common standards include:

  • NASA Software Safety Standard
  • FAA System Safety Handbook
  • MIL-STD-882D (U.S. Department of Defense)
  • DEF-STAN 00-56 (UK Ministry of Defense)
  • DO-178C (Commercial avionics)

Many companies fall into the trap of accepting software solely based on the user acceptance test (UAT), also commonly known as black-box or functional testing in the software industry, where a set of pre-defined scenarios (or functional tests) was applied to the software system to verify actual results obtained against the expected results.

This practice of software acceptance has issues, including:

  • We do not know the risks involved when we deploy a system in a production environment.
  •  We are unsure whether all critical components / modules are appropriately tested.
  • UAT and Systems Integration Test (SIT) do not reveal which part of the program is not tested – there is no visibility of test coverage.

This form of software acceptance has been very common in the Information Technology (IT) industry. The crux of the issue lies with the customers and consumers not understanding the software development life cycle and hence are not knowledgeable enough to know what to ask for or expect from the software house.

Also, economic issues are involved. A more holistic and comprehensive acceptance methodology entails an elaborate development process that weaves in different kinds of testing requirements, procedures, as well as quality assurance and review activities. All these translate into effort and cost.

A preferred method today of software safety testing is white box testing — testing of a software solution’s internal structure, design, and coding. In this type of testing, the code is visible to the tester. It focuses primarily on verifying the flow of inputs and outputs through the application, improving design and usability as well as strengthening security.

Software Safety Training Course by Tonex

Software Safety Training is a 3-day bootcamp course style covering all aspects of Software Safety focusing on philosophies and methods in software safety and its primary objectives: to design, code, test, and support software with the appropriate Level‐of‐Rigor (LOR) to instill a confidence, or the assurance of safe software.

The course also covers defining the necessary safety requirements for the design, code, test, verification, and validation of software that specifically target and mitigate the software “causes” of the defined hazards and mishaps of the system.

Software system safety is a subset of system safety and system engineering and is synonymous with the software engineering aspects of Functional Safety. Workshops are arranged to practice Software Failure Modes and Effects Analysis (FMEA) Software Fault Tree Analysis (FTA), Software Sneak Analysis and Petri Nets to analyze sneak conditions, latent software, or integrated conditions that may cause an unwanted event to occur or may inhibit a desired event and is not caused by software failure.

Learning Objectives

Software Safety Training helps participants learn the following:

  • The nature of software hazards, root causes, and the methods by which these hazards may be prevented or discovered.
  • The administrative methods and documentation needed to establish and manage a software safety program; have better understanding of providing evidence for a safety case or proof.
  • Software hazard analysis techniques that helps them identify hazards (the critical thinking part)
  • Risk assessment in terms of severity, probability and control
  • Risk mitigation – the problem solving/ solutions/safe designing

Who Should Attend?

Software engineers, project managers, technical admin, safety engineers, system engineers, testing and V&V engineers, analysts and anyone else who is interested to acquire skills in software safety.

Course Content

Introduction to Software Safety

  • Software Engineering and Software System Safety
  • Introduction to the “Systems” Approach
  • The Software Development Life Cycle
  • Principles of system safety in the design, development, use, and maintenance of software systems
  • Integration with safety-critical hardware systems in an operational environment.
  • The Need for Software System Safety (SwSS)
  • Software System Safety Directives, Documents, Policies and Regulations
  • Safety Requirements and Critical Functionalities
  • Hazards and Design Safeguards for Mitigation
  • Safety Critical Functions

System Safety Program Plan 

  • Overview of Software Safety Standards
  • MIL STD 882-E
  • Joint Software Systems Safety Engineering Handbook, 2018
  • IEEE, IEC and ISO Standards
  • AIAA Standards
  • IEEE 1584 Compliant Software for Hazard Analysis
  • MISRA-C and MISRA C++ Software Safety Guidelines
  • Safety verification of Ada programs using software fault trees
  • Software Safety Program Plan
  • Preliminary Hazard List
  • Software Hazard Analysis
  • Safety Critical Functions List
  • Software Safety Checklist
  • Formal Mathematical Models
  • Software Safety Reliability/Maintenance
  • Safety Requirements Criteria Analysis
  • Safety Requirements Verification Report
  • Safety Assessment Report

Introduction to Risk Management and System Safety

  • A Discussion of Risk in Software Safety
  • Types of Risk
  • Areas of Program Risk
  • System Safety Engineering
  • Safety Risk Management

Software Safety Implementation Process and Tasks       

  • Software Safety Process
  • Software Safety Analyses and Tools
  • Software Safety Planning
  • Hazard Identification
  • Tracking
  • Risk Assessment
  • Risk Mitigation
  • Risk Reduction
  • Failure modes, including hardware, software, human and system are addressed in the design of the software
  • Failure Mode Effect Analysis (FMEA)
  • Failure mode, effects and Criticality Analysis (FMECA)
  • Fault Tree Analysis (FTA)
  • Petri net modeling and software safety analysis
  • Software sneak condition analysis
  • Analyzing unwanted event
  • Sneak conditions and improper operation, loss of system availability, program delays, or even death or injury to personnel
  • Methodologies for embedded military applications
  • Sound software engineering practices
  • Safety issues and safety attributes
  • Software with safety critical functionality

Software Safety Engineering Process

  • Software Safety Engineering Process Charts
  • Software Safety Engineering Products and Tools
  • Software Safety Planning Management
  • Planning
  • Management
  • Software Safety Program Milestones
  • Tailoring Generic Safety-Critical Requirements
  • Preliminary Hazard Analysis Development
  • Derive System Safety-Critical Software Requirements
  • Preliminary Software Design, Subsystem Hazard Analysis
  • Module Safety-Criticality Analysis
  • Program Structure Analysis
  • Traceability Analysis
  • Detailed Software Design, Subsystem Hazard Analysis

Software Safety Engineering Process Cross DoD 5000 Lifecycle Activities

  • Software Requirements Hazard Analysis
  • Top-level Design Hazard Analysis
  • Preliminary Design Review (PDR)
  • Detailed Design Hazard Analysis
  • Critical Design Review (CDR)
  • Code-level Software Hazard Analysis
  • Software Safety Testing
  • Software/User Interface Analysis
  • Software Change Hazard Analysis
  • Analysis of Alternatives (AoA)
  • Initial Capabilities Document (ICD)
  • Systems Engineering Plan (SEP)
  • Technology Development Strategy (TDS)
  • Test & Evaluation Strategy (TES)
  • Software Safety Plan (SSP)

Software Hazard Analysis Process

  • Software Safety Testing & Risk Assessment
  • Software Safety Test Planning
  • Software Safety Test Analysis
  • Software Standards and Criteria Assessment
  • Software Safety Residual Risk Assessment
  • Safety Assessment Report
  • Safety Assessment
  • Planning and Management
  • Task Implementation
  • Software Risk Assessment and Acceptance

Software Planning Interfaces 

  • Engineering Management
  • Design Engineering
  • Systems Engineering
  • Software System Safety Handbook
  • Software Development
  • Integrated Logistics Support
  • Other Engineering Support

Meetings and Reviews 

  • Program Management Reviews
  • Integrated Product Team Meetings
  • System Requirements Reviews
  • System/Subsystem Design Reviews
  • Preliminary Design Review
  • Critical Design Review
  • Test Readiness Review
  • Functional Configuration Audit
  • Physical Configuration Audit
  • Resource Allocation
  • Safety Personnel
  • Safety Schedules and Milestones
  • Safety Tools and Training
  • Required Hardware and Software

Software Safety Program Plans 

  • Risk Management Plan
  • Quality Assurance Plan
  • Reliability Engineering Plan
  • Software Development Plan
  • Systems Engineering Management Plan
  • Test and Evaluation Master Plan
  • Software Test Plan
  • Software Installation Plan
  • Software Transition Plan

Types of Safety Requirements and Procedures

  • Hardware and Human Interface Requirements
  • Interface Requirements
  • Operations and Support Requirements
  • Safety/Warning Device Requirements
  • Protective Equipment Requirements
  • Procedures and Training Requirements
  • Determination of Safety Critical Computing System Functions
  • Design and Development Process Requirements And Guidelines
  • Configuration Control
  • Software Quality Assurance Program
  • Software Design Verification and Validation
  • System Design Requirements and Guidelines
  • Designed Safe States

Software Safety Requirements Verification   

  • Hierarchy Tree Example
  • Detailed Software Design Analysis
  • Verification Methods
  • Example of a Data Flow Diagram
  • Flow Chart Examples
  • System Hazard Analysis
  • Example of a System Hazard Analysis Interface Analysis
  • Documentation of Interface Hazards and Safety Requirements
  • Documenting Evidence of Hazard Mitigation
  • Software Safety Test Planning
  • Software Safety Testing and Analysis
  • Software Requirements Verification
  • Residual Safety Risk Assessment
  • SSHA & SHA Hazard Record Example
  • Hazard Requirement Verification Document Example
  • Software Safety SOW Paragraphs
  • Hazard Severity
  • Hazard Probability
  • Table HRI Matrix
  • Process Tradeoff Analyses
  • Example of a Software Safety Requirements Verification Matrix
  • Safety critical Function Matrix

Workshop and Case Studies

  • Software Safety Activities
  • Tasks and Methods
  • Requirements Hazard Analysis
  • Architectural Design Hazard Analysis
  • Detailed Design Hazard Analysis
  • Code Hazard Analysis
  • System Safety Analysis Techniques
  • FMEA and FMECA
  • FTA
  • Working with Software Safety Analysis Techniques
  • Software FMEA/FMECA
  • Software HAZOP
  • Software FTA
  • Comparison of Software Safety Analysis Methods
  • Sample System Safety Requirements
  • Sample Software Safety Requirements
  • Software and System Hazard Analysis (SHA)
  • System hazard analysis (SHA)
  • Sample Software Requirements Hazard Analysis
  • Sample Software FMEA and FMECA Analysis
  • Sample Software Fault Tree Analysis (FTA)
  • Software Sneak Analysis
  • MISRA-C and MISRA-C++ Overview

Software Safety Training

Request More Information

Please enter contact information followed by your questions, comments and/or request(s):
  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.