Location: X9201#, Xipu campus
There are many standards that either directly or indirectly address the development and assurance of safety-critical software (e.g. ISO 26262 for the automotive domain, EN 50128 for the railway domain, and DO-178B/C in the aerospace domain). There are easily observed differences in the details of these standards. For example, DO-178B uses the concept of Development Assurance Levels (DALs) to moderate the objectives of the standard according to the criticality of the software under development, whereas IEC 61508 uses the concept of Safety Integrity Levels (SILs) to make recommendations as to suitable design and assurance techniques according to the criticality of the software under development. The requirements and recommendations for SILs in IEC 61508 are not the same as those for DALs in DO-178B.
However, underlying these differences there are a number of fundamental principles that can be observed in many of the current standards. Using a framework of 4+1 principles of software safety, this talk will discuss the essential features and challenges of current safety-critical software development.
Tim Kelly is Professor of High Integrity Systems within the Department of Computer Science at the University of York. He is perhaps best known for his work on system and software safety case development, particularly his work on refining and extending the Goal Structuring Notation (GSN). His research interests include safety case management, software safety analysis and justification, software architecture safety, certification of adaptive and learning systems, and the dependability of “Systems of Systems”. He has supervised many research projects in these areas with funding and support from Airbus, BAE SYSTEMS, Data Systems and Solutions, DTI, EPSRC, ERA Technology, Ministry of Defence, QinetiQ and Rolls-Royce. He has published over 150 papers on high integrity systems development and justification in international journals and conferences.