Software safety: why, what, and how
Published: 01 June 1986
Abstract
Software safety issues become important when computers are used to control real-time, safety-critical processes. This survey attempts to explain why there is a problem, what the problem is, and what is known about how to solve it. Since this is a relatively new software research area, emphasis is placed on delineating the outstanding issues and research topics.
Published in: ACM Computing Surveys, Volume 18, Issue 2 (June 1986), 96 pages. Copyright © 1986 ACM.
Publisher: Association for Computing Machinery, New York, NY, United States.
Author: Nancy G. Leveson, Univ. of California, Irvine.