Development Assurance process software verification

Abstract. Modern safety-critical systems are increasingly reliant on software. Software safety is an important aspect in developing safety-critical systems, and it must be considered in the context of the system level into which the software wiU be embedded. STPA (System-Theoretic Process Analysis) is a modern safety analysis approach which aims to identify the potential hazardous causes in complex safety-critical systems at the system level. To assure that these hazardous causes of an unsafe software s behaviour cannot happen, safety verification involves demonstrating whether the software fulfills those safety requirements and will not result in a hazardous state. We propose a method for verifying of software safety requirements which are derived at the system level to provide evidence that the hazardous causes cannot occur (or reduce the associated risk to a low acceptable level). We applied the method to a cruise control prototype to show the feasibility of the proposed method. 

Commensurate levels of assurance are required for each part of the development process. Therefore, whilst verification of code by static analysis, for example, meets a clear need, it does not address systems issues at all. Experience has shown that, particularly with real-time or reactive systems, that the difficult design issues do not arise in the software itself the complexities of synchronisation and interference exist... 

---