sas_08_legacy_safety_hill assurance and recertification of safety critical software in legacy...
DESCRIPTION
SAS_08_Legacy_Safety_Hill Introduction The assurance of legacy systems from a safety perspective is of particular importance when reuse of the system is considered. A problem arises when attempting to carry out the requirements of a software safety standard on real time legacy systems with safety-critical software. We would like to be able to “recertify” these systems for use in other programs, such as Constellation. To do this, we propose to make a “safety case” for these legacy systems.TRANSCRIPT
SAS_08_Legacy_Safety_Hill
Assurance and Recertification of Safety Critical Software In
Legacy Systems
Janie Hill
NASA Kennedy Space Center, [email protected]
SAS_08_Legacy_Safety_Hill
Agenda Introduction Relevance to NASA Accomplishments Legacy Systems Risk Database (LSRD) Technology Readiness of the Work Availability of Data and Case Studies Barriers to Research Near Term Work
SAS_08_Legacy_Safety_Hill
Introduction The assurance of legacy systems from a safety perspective is of
particular importance when reuse of the system is considered.
A problem arises when attempting to carry out the requirements of a software safety standard on real time legacy systems with safety-critical software.
We would like to be able to “recertify” these systems for use in other programs, such as Constellation.
To do this, we propose to make a “safety case” for these legacy systems.
SAS_08_Legacy_Safety_Hill
Introduction
This proposed research is unique because it is designed to address the reverse engineering of the process and the risk of non-performance of safety requirements, for reuse and recertification of legacy software.
The NASA Safety Standard has a specific requirement to address the safety of legacy systems with safety-critical software, however no common methodology has been found to accomplish this requirement.
SAS_08_Legacy_Safety_Hill
Introduction In performing the research we will apply a new methodology
to multiple projects at KSC in order to retrospectively make a ‘safety case’ for real time legacy systems with safety-critical software.
The objective of this research is to test the methodology on multiple legacy systems with safety-critical software, using the NASA Software Safety standard and a component of software risk, to ‘recertify’ the software for safe reuse in a different application.
The proposed end result of the research is a tool that can be used by government and industry to apply safety standards in general to recertify with confidence the use of legacy systems with safety-critical software.
SAS_08_Legacy_Safety_Hill
Relevance to NASA Legacy systems with safety-critical software are abundant throughout NASA
and especially prevalent at KSC.
System Assurance Analyses (SAA) of the ground systems at KSC were performed many years ago. Some, if not all, of these analyses were performed without fully analyzing the software in the context of the system.
At the time the SAA’s were performed, the NASA Software Safety Standard was either not in existence, or was not required by the contract that produced the system.
Additionally, Safety Cases were not prepared for these ground systems.
Now, some of these systems may be candidate for reuse in the Constellation Program. We need to be able to “recertify” these systems as safe, including the software, per our NASA Safety requirements.
SAS_08_Legacy_Safety_Hill
AccomplishmentsJanuary 2008 – September 2008
Co-Authored and presented one paper on parts of the proposed methodology at the ASWEC 2008 in March 2008.
Completed the element and attribute definitions in the Software Safety Risk Taxonomy to complete the taxonomy.
Completed the questions for the Software Safety Taxonomy Based Questionnaire.
Interviewed the KCCS project manager using the TBQ
Developed risk statements based on the answers to the questions.
Analyzed the risks and bucketed the risks into risk areas.
SAS_08_Legacy_Safety_Hill
Accomplishments• Initial Risk Data entry GUI is complete.
• This functionality now allows risks to be created and input into the database during the interviews with the projects.
• Traceability to the Taxonomy can now be created for each risk.
• Initial Safety Requirements GUI is complete.
• Safety requirements can be input into the database.
• Traceability to the Safety Taxonomy can now be created for each Safety Requirement.
SAS_08_Legacy_Safety_Hill
LSRD – Risk Data Entry
Risk to Taxonomy Traceability. Multiple
Attributes can be selected
Total number of risks, by Project. Clicking
an individual row brings the “details” of
the risk above
SAS_08_Legacy_Safety_Hill
LSRD - Safety RequirementsConcept: Multiple Safety Standards will be allowed to be entered into
the tool
Record navigator: Move First, Next, Previous, Move Last, Add, Save, Delete functions
Concept: Field locks will be used to
prevent repetitive typing.
Requirement rationale for each
safety requirement can
be captured
SAS_08_Legacy_Safety_Hill
LSRD – Safety Requirements
Requirement to Taxonomy
Traceability. Multiple Attributes can be
selected
Parent Requirement. Child requirements are displayed and
managed in the grid below
SAS_08_Legacy_Safety_Hill
Technology Readiness of the Work
Technology concept and/or application formulated
Invention begins. Once basic principles are observed, practical applications can be invented. The application is speculative and there is no proof or detailed analysis to support the assumption. Examples are still limited to paper studies.
The estimate of the current TRL of this research results: Between 2 and 3.
Analytical and experimental critical function and/or characteristic proof of concept.
Active research and development is initiated. This includes analytical studies and laboratory studies to physically validate analytical predictions of separate elements of the technology. Examples include components that are not yet integrated or representative.
SAS_08_Legacy_Safety_Hill
Availability of Data and Case Studies
Pilot project data collection was successful because project personnel were willing to participate and had management concurrence.
Case studies are not applicable at this point, because the methodology will create the data that is needed to study.
SAS_08_Legacy_Safety_Hill
Near Term Work Continue with implementation of the Legacy Systems Risk
Database.
Finish the Software Safety TBQ Graphical User Interface.
Finish the Software Requirements Specification for the LSRD.
Update the design documentation for the LSRD.
Work with Donna Smith at Wallops on their projects (October) and Chuck Niles at Langley.
Work with other projects at KSC (FY 09)
SAS_08_Legacy_Safety_Hill
Questions?