Alastair Faulkner - Academia.edu
Papers by Alastair Faulkner
SSS, 2006
Well-managed data is fundamental to the dependability and operational integrity of a system. Many systems are reliant not only on data, but also on the integrity of that data. Therefore, data should be addressed as part of the system safety case in common with other elements of the system. The system safety argument(s) should address the use of data and the influence of data errors on the system behaviour. However, responsibility for data and its associated data integrity is often poorly defined. This lack of clarity allows vendors to abdicate responsibility for data, and its integrity, to the client.
Data is all-pervasive and is found in all aspects of modern computer systems, and yet many engineers seem reluctant to recognise the importance of data integrity. The conventional view of data, as simply an aspect of software, underestimates the role played by data errors in the behaviour of the system and their potential effect on the integrity of the overall system. In many cases hazard analysis is not applied to data in the same way that it is applied to other system components. Without data integrity requirements, data development and data provision may not attract the degree of rigour that would be required of other system components of a similar integrity. This omission also has implications for safety assessment, where the data is often ignored or neglected. This position becomes self-reinforcing, as without integrity requirements the importance of data integrity remains hidden. This research provides a wide-ranging overview of the use (and abuse) of data within safety systems, and proposes a range of strategies and techniques to improve the safety of such systems. A literature review and a survey of industrial practice confirmed the conventional view of data, and showed that there is little consistency in the methods used for data development. To tackle these problems this work proposes a novel paradigm, in which data is considered as a separate and distinct system component. This approach not only ensures that data is given the importance that it deserves, but also simplifies the task of providing guidance that is specific to data. Having developed this conceptual framework for data, the work then goes on to develop lifecycle models to assist with data development, and to propose a range of techniques appropriate for the various lifecycle phases.
An important aspect of the development of any safety-related system is the production of a safety argument, and this research looks in some detail at the treatment of data, and data development, within this justification. The industrial survey reveals that in data-intensive systems data is often developed quite separately from other elements of the system. It also reveals that data is often produced by an extended data supply chain that may involve a number of disparate organisations. These characteristics of data distinguish it from other system components and greatly complicate the achievement and demonstration of safety. This research proposes methods of modelling complex data supply chains and proposes techniques for tackling the difficult task of safety justification for such systems.
SSS, 2002
An increasing number of safety-related systems are configured to the application instance through the use of data. These systems typically use a static or slowly changing description of the infrastructure, in combination with a command schedule, instantaneous status data and a set of operational conditions. This paper uses the context of a railway control system to identify safety issues in the configuration of the control system and its reliance upon data from the external information systems.
Lecture Notes in Computer Science, 2003
When considering the production of a computer-based system, it is common to partition the arrangement into hardware and software elements. The software part of such an arrangement is taken to include both the instructions that are executed by the processor, and the data that is used and produced by these instructions. In some cases, a large amount of data forms an essential element within the system and plays a vital role in ensuring its correct operation. In such situations it is perhaps more appropriate to partition a system into hardware, software and data, to allow appropriate importance to be given to each element. This is particularly appropriate in safety-related applications where the safe operation of the system is dependent upon the correctness of the data. Unfortunately, the various standards and guidelines that relate to the production of critical systems are concerned almost exclusively with methods of ensuring the 'safety' of the hardware and the executable portions of the software of a system, and say almost nothing about the nature, production or testing of the data. This paper looks at the nature of data in a range of safety-critical applications. It then considers the characteristics of data faults and proposes a systematic approach to tackling them.
This chapter considers the analysis of data-centric systems. It is based on an evidence-directed approach that relies on scientific evidence for guidance and on decision making to determine the direction of the incident analysis. Root cause analysis can be hybridised with the techniques investigated in Chapter 15.
When considering the production of a computer-based system, it is common to partition the arrangement into hardware and software elements. The software part of such an arrangement is taken to include both the instructions that are executed by the processor, and the data that is used and produced by these instructions. In some cases, a large amount of data forms an essential element within the system and plays a vital role in ensuring its correct operation. In such situations it is perhaps more appropriate to partition a system into hardware, software and data, to allow appropriate importance to be given to each element. This is particularly appropriate in safety-related applications where the safe operation of the system is dependent upon the correctness of the data. Unfortunately, the various standards and guidelines that relate to the production of critical systems are concerned almost exclusively with methods of ensuring the 'safety' of the hardware and the executable ...