The safety of software-reliant systems becomes critical when they interact with the physical world, leading to potentially life-threatening consequences. Aircraft, cars, trains, nuclear reactors, certain medical devices, and other physical objects rely on or are controlled by software. Systems in which software components closely interact with physical processes are known as cyber-physical systems. In this blog post, I discuss an SEI project that has shown promising results in assuring the safety of cyber-physical systems.
The consequences of failure in a cyber-physical system can be fatal, so certification authorities, such as the Federal Aviation Administration (FAA) and the Food and Drug Administration (FDA), require a high level of confidence from the methods used to assure safe functioning of these systems. These certification authorities have recognized the value provided by formal methods to provide a high level of assurance. However, formal methods not only don’t scale to large systems, they also tend to focus on only some, but by no means all, of the relevant aspects of a system.
For example, in the passenger airbag of a car, the software must inflate the airbag every time it detects a crash and there is an adult in the seat. A formal method that looks only at the value transformations in the software would verify that when the software receives as an input crash=true and adult=true, the output would always be airbag-inflation=true. Unfortunately, this analysis is insufficient to ensure safety: If the output occurs 10 minutes after the crash, it is obviously too late. It is also necessary to ensure that the software finishes by the required time—20 milliseconds after the crash, leaving enough time for the inflation process to complete, say, 15 milliseconds after the crash.
The SEI has been working on the Rapid Certifiable Trust (RCT) project to address the scalability of formal methods and the interactions among the different aspects of these methods. Core to the approach developed in the RCT project is
This article is purposely trimmed, please visit the source to read the full article.
The post Accelerating Safety Assurance appeared first on Carnegie Mellon University's Software Engineering Institute Blog.