SV

14-SW Safety, Security & Resilience

Safety Concept Overview

  • Safety: The ability of a system to operate, normally or abnormally, without injury to people or damage to the environment.
  • Safety-critical Systems: Systems where failure can result in injury, loss of life, or serious environmental damage.

Software in Safety-Critical Systems

  • Software increasingly provides the control and monitoring functions in these systems, so software failures directly affect overall safety.
  • Example: Monitoring of aircraft engine performance so that developing faults are detected before they cause a failure in flight.

Safety vs. Reliability

  • Reliability and availability are necessary but not sufficient for safety: a system can conform to its specification and still be unsafe.
  • Unsafe Reliable Systems: Dormant faults that only surface under unusual conditions, errors in the specification itself (a hazard the specification never considered), or operator errors can all cause accidents in a system that is otherwise reliable.

Types of Safety-Critical Systems

  • Primary Safety-critical Systems: Embedded software whose failure directly threatens safety (e.g., the controller in an insulin pump delivering the wrong dose).
  • Secondary Safety-critical Systems: Software whose failure leads indirectly to harm through another system or a human decision (e.g., a healthcare records system whose incorrect data results in wrong treatment).

Benefits of Software Safety

  • Allows more sophisticated monitoring and control than purely electro-mechanical systems.
  • Reduces the time humans must spend in hazardous environments.
  • Detects, and in some cases corrects, operator errors in safety-critical tasks.

Safety Terminology

  • Accident (mishap): An unplanned event that causes death, injury, or environmental damage.
  • Hazard: A condition with the potential to cause an accident.
  • Risk: A measure of the probability that the system will cause an accident; assessed from the hazard probability, the hazard severity (how bad the resulting accident would be), and the probability that the hazard actually leads to an accident.

Safety Achievement Strategies

  • Hazard avoidance: Design the system so that particular hazards simply cannot arise.
  • Hazard detection and removal: Design the system so that hazards are detected and removed before they lead to an accident.
  • Damage limitation: Include protection features that minimise the damage if an accident does occur.

Safety Requirements Engineering

  • Aim: Identify the protection requirements that ensure system failures do not cause injury, death, or environmental damage.
  • Hazard-driven approach: identify hazards, assess the risk of each, analyse its root causes, and then derive functional safety requirements that avoid, detect, or mitigate each hazard.

Safety Engineering Processes

  • Use development processes (often required to be certified) that include explicit hazard identification and risk assessment activities.
  • Produce structured safety and security cases: documented arguments, backed by evidence, that the system is safe and secure enough for its intended use, as regulators require.

Software Safety Arguments

  • Aim to show that the system cannot reach an unsafe state. The argument is by contradiction: assume the unsafe state (e.g., a dose above the maximum at the point of delivery) is reachable, trace every program path that leads there, and show that each path contradicts a guard or check that precedes it.

Security Overview

  • Security: Protecting the system from attacks. Security is essential for reliability and safety, since a successful attack can corrupt data, disable safety functions, or deny service.
  • Threat Types: Interception (an attacker reads data in transit or at rest; loss of confidentiality), interruption (service is made unavailable; loss of availability), modification (stored or transmitted data is altered; loss of integrity), and fabrication (false data or records are inserted as if genuine).

Security Design Strategies

  • Implement layered protection at the platform level (operating system and infrastructure access controls), the application level (authentication and authorisation within the application), and the record level (protection applied to individual data items, such as integrity tags or encryption of sensitive records).
  • Balance security against usability and performance: controls that are too onerous are bypassed by users, and controls that are too expensive are switched off.
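As an added example, not code from the lecture notes, record-level integrity protection using an HMAC, exercised against the four threat types listed above to show which ones this one layer detects. The key, the record contents, the attacker's edits and the envelope format are all constructed assumptions.

```python
# Added example, not from the lecture notes: record-level integrity
# protection and what it does and does not detect among the four threat
# types. Key, record contents and the attacker's edits are constructed for
# illustration; the {"record": ..., "tag": ...} envelope format is an assumption.

import hashlib
import hmac
import json
import secrets


def _canonical(record: dict) -> bytes:
    """Serialise deterministically so the same record always yields the same tag."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def protect(record: dict, key: bytes) -> dict:
    """Attach an HMAC-SHA256 tag computed over the canonical record."""
    tag = hmac.new(key, _canonical(record), hashlib.sha256).hexdigest()
    return {"record": record, "tag": tag}


def verify(envelope: dict, key: bytes) -> bool:
    """Recompute the tag; constant-time comparison avoids a timing side channel."""
    expected = hmac.new(key, _canonical(envelope["record"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, envelope.get("tag", ""))


def threat_outcomes(key: bytes) -> dict:
    """Exercise each threat type against a protected record and report
    whether the integrity tag alone detects or prevents it."""
    original = {"patient_id": 1042, "drug": "insulin", "dose_units": 4}  # constructed
    envelope = protect(original, key)

    # Modification: the attacker alters a field but cannot recompute the tag.
    modified = {"record": dict(envelope["record"], dose_units=40),
                "tag": envelope["tag"]}

    # Fabrication: the attacker invents a record and a tag from scratch.
    fabricated = {"record": {"patient_id": 1042, "drug": "insulin", "dose_units": 40},
                  "tag": hashlib.sha256(b"guess").hexdigest()}

    # Interception: the tag does not hide the record; the dose is readable as-is.
    contents_readable = "dose_units" in _canonical(envelope["record"]).decode()

    return {
        "genuine_accepted": verify(envelope, key),
        "modification_detected": not verify(modified, key),
        "fabrication_detected": not verify(fabricated, key),
        "interception_prevented": not contents_readable,  # False: needs encryption
    }


if __name__ == "__main__":
    # In a layered design the key lives at the platform level (OS keystore or
    # HSM), not inside the application that handles the records.
    key = secrets.token_bytes(32)
    print(threat_outcomes(key))
```

The tag catches modification and fabrication but does nothing against interception (the record is still plaintext) or interruption (an attacker can still delete the record or take the service down), and it does not stop replay of an old genuine record. Those threats need other layers: encryption for confidentiality, availability measures at the platform level, and sequence numbers or timestamps inside the protected record for replay.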

Security Testing and Validation

  • Experience-based testing: the system is checked against checklists of known vulnerabilities and attacks, and the design reviewed against security guidelines.
  • Penetration testing: a team is given access and attempts to breach the system as an attacker would, reporting the weaknesses found.

Resilience Engineering

  • Focuses on limiting the cost of failures and attacks and on recovering from them, rather than on preventing every failure.
  • Key activities: recognition (detect the early signs of a failure or attack), resistance (limit its effects and keep critical services running), recovery (restore critical services after the event), and reinstatement (return the system to normal operation).