Software failure modes and effects analysi

A.M. Neufelder, Software Failure Mode and Effect Analysis Overview, Soffrel LLC, 2010. www.soffrel.com. 

Software Failure Mode and Effect Analysis from the Reliable Expert, The Omnicon Group Inc., Internet document www.OmniconGroup.com. 

Reifer, 1979) Reifer D.J. (1979) Software Failure Modes and Effects Analysis. IEEE Transactions on Reliability, Vol. R-28, No. 3. 

Failure Modes and Effects Analysis (FMEA) and its variants have been widely used in safety analyses for more than thirty years. With the increase of application domain of software intensive systems there was a natural tendency to extend the use of (originally developed for hardware systems) safety analysis methods to software based systems. 

Cichocki, T. and J. Gorski, Failure Mode and Effect Analysis for Safety-Critical Systems with Software Components, in Floor Koomneef, Meine van der Meulen (eds.) Computer Safety, Reliability and Security, Proceedings of 19th International Conference SAFECOMP 2000, Rotterdam (The Netherlands), October 24—27, 2000, Springer Lecture Notes in Computer Science 1943, p. 382-394. 

The Failure Mode and Effects Analysis (FMEA) is a systematic, bottom-up method of identifying the failure modes of a system, item, function and determining the effects on the higher level. It may be performed at any level within the system (e.g., piece-part, function, blackbox, etc,). Software can also be analyzed qualitatively using a functional FMEA approach. Typically, a FMEA is used to address failure effects resulting from single failures [1]... 

The recommended techniques for preliminary hazard analysis are energy trace and barrier analysis (ETBA) and failure modes and effects analysis (FMEA). Recommended techniques for system and subsystem hazard analyses are FMEA, fault tree analysis (FTA), common cause analysis, sneak circuit analysis (for electrical, electronic, and some hydraulic or pneumatic circuits) and, of course, software hazard analysis for software. 

Based on the results of the PHA, recommendations made by 30% review boards, and guidance provided in the system safety program plan, detailed hazard analyses are made of specified (critical) subsystems. The techniques for these SSHAs are as outlined in the system safety program plan or as selected by the SSWG. Failure modes and effects analysis (FMEA) and/or fault tree analysis (FTA) are generally the techniques of choice. Software hazard analysis, common cause analysis, and/or sneak circuit analysis may also be appropriate. 

FIGURE F.1 Failure mode and effects analysis example. (Software example courtesy of Dyadem.)... 

SEMATECH Failure Modes and Effects Analysis (FMEA Software Tool. Provides just what the title indicates, a software tool to assist in making an FMEA. At http //www.sematech.org, look for Technology Transfer 92091302A-XFR. 

Haapanen P, Helminen A (2002) Failure mode and effect analysis of software-based automation systems. STUK-YTO-TR 190, STUK, Helsinki... 

H. Pentti, H. Atte, Failure Mode and Effect Analysis of Software-Based Automation Systems, VTT Industrial Systems, August 2002. STUK-YTO-TR-190. https //www. julkari.fi/bitstream/handle/10024/124480/stuk-yto-trl90.pdf sequence=l. 

Chapters 5 through 9 describe the different safety analysis tools available. Hazard Analysis, H AZOF, What-If, Fault Tree Analysis, Failure Modes, and Effects Analysis, Human Factors, Software Safety, and other safety tools are described with realistic worked examples. The chapters detail how to use them, give examples, describe common mistakes in using them, and also provide best practices and tips of how to apply them judiciously. 

HAZOP and wAat-iJ/safety checklists, two of the most common safety methods in the chemical industry, are explained. Sample process problems, which engineers face every day at work, are shown. Other safety tools, such as fault tree analysis, failure modes and effects analysis, human factors safety analysis, and software safety, are explained. Examples of the use of these tools are also presented. 

Fault trees, failure modes and effects analysis (FMEA), failure modes effects and criticality analysis (FMECA) and event trees use logic, reliability data (component failure rates), and assessed system failure rates, combined with human error failure rates (using methodologies such as HEART or THERP) and other methodologies such as software reliability assessment, to develop estimates of system failure frequencies, and hence plant accident frequencies. 

In recent years it has become necessary to develope techniques to ensure the safety of computer embedded systems controlling potentially dangerous processes. Some works published last years showed that reliability and safety improvements could be achieved by using FTA 4,5 and FMEA 6 (Failure Mode and Effect Analysis) techniques. This paper attemts to apply and evaluate the FTA method in a software embedded system. Such an application will enable the safety engineer to use one method for the system as a whole without separating the software from the hardware. 

The Halesowen Microcentre s FMEA (Failure Mode and Effect Analysis) software provides a logical methodology to determine all possible ways in which a part or assembly might fail to meet its specifications. Possible failure modes are then analysed according to effect on customer, seriousness of this, potential cause of failure and its likely frequency, and the probability that it will be detected by existing quality checks. The FMEA information is then transferred to a control plan, which is generated by the software, and which sets out how checks are to be implemented. 

For this reason, more and more standards and guidelines for the development of safety-relevant systems demand safety analyses for the system and the software as part of a rigorous development process. Examples of this are lEC 61508 [1], lEC/TR 80002 [2], MISRA safety analysis guidelines [3], and ISO 26262 [4]. ISO 26262 is a committee draft for the development of road vehicles. It defines requirements on the development of electrical and electronic systems and particularly requirements on the development of software, which include qualitative safety analysis for software architecture as well as for software unit design. However performing a qualitative safety analysis technique such as failure mode and effect analysis (FMEA) or fault tree analysis (FTA) on software architectmal design is a complex task. One reason for this is that safety analyses do not fit well with software architectural design and do not... 

Haapanen Pentti, H.A. Failure Mode and Effects Analysis of Software-Based Automation Systems. STUK-Y TO-TR-19 0, vol. 2, p. 2 (August 2002)... 

Haapanen, P., Hehninen, A. Failure mode and effects analysis of software-based automation systems. In Radiation and Nuclear Safety Authority, Helsinki, Finland (2002) Frank Swiderski, W.S. Threat Modeling. Microsoft Press (2004)... 

Some discussion has been generated with regard to the term "Safety . "Safety" for the industrial partners involves the concept of injury, mainly to humans, but also, potentially to the environment. Failure modes and effects analyses on a variety of system models have been initiated to identify the way in which a system can lead to injury. The basis for this work is that failure modes and effects analysis need not, as is currently prevalent, be applied only to physical and component models of a system, but instead can be used in conjunction with software models to determine a qualitative assessment on the effects on human safety. 

This paper describes an approach for the combined analysis of safety and security. The basic FMEA concept is extended to include vulnerabilities and attacks concerning the security of a system. A unified cause and effect model allows examining the combined risks for a system. The following method for a Failure Mode, Vulnerabilities and Effects Analysis (FMVEA) enables the analysis of complex mission critical systems. Similar to a Software-FMEA the benefits are the easier verification and validation and the ability to focus the development effort on critical areas. 

Three nonsafety tools are used in safety analysis failure modes, effects, and criticality analysis (FMECA) human factors analysis and software analysis. Because these techniques are extremely helpful in finding eqnipment failures, human errors, and software mistakes, safety engineers have coupled them to their safety analyses. It is definitely worthwhile to understand how these tools can benefit you. 

---