
Page 1: SAS_08_Legacy_Safety_Hill Assurance and Recertification of Safety Critical Software In Legacy Systems Janie Hill NASA Kennedy Space Center, Florida

Assurance and Recertification of Safety Critical Software In Legacy Systems

Janie Hill
NASA Kennedy Space Center, Florida
[email protected]

Page 2: Agenda

Introduction
Relevance to NASA
Accomplishments
Legacy Systems Risk Database (LSRD)
Technology Readiness of the Work
Availability of Data and Case Studies
Barriers to Research
Near Term Work

Page 3: Introduction

The assurance of legacy systems from a safety perspective is of particular importance when reuse of the system is considered.

A problem arises when attempting to carry out the requirements of a software safety standard on real-time legacy systems with safety-critical software.

We would like to be able to “recertify” these systems for use in other programs, such as Constellation.

To do this, we propose to make a “safety case” for these legacy systems.

Page 4: Introduction (continued)

This proposed research is unique because it is designed to address the reverse engineering of the process and the risk of non-performance of safety requirements, for the reuse and recertification of legacy software.

The NASA Software Safety Standard has a specific requirement to address the safety of legacy systems with safety-critical software; however, no common methodology has been found to accomplish this requirement.

Page 5: Introduction (continued)

In performing the research we will apply a new methodology to multiple projects at KSC in order to retrospectively make a ‘safety case’ for real-time legacy systems with safety-critical software.

The objective of this research is to test the methodology on multiple legacy systems with safety-critical software, using the NASA Software Safety Standard and a software-risk component, to ‘recertify’ the software for safe reuse in a different application.

The proposed end result of the research is a tool that government and industry can use to apply safety standards in general and so recertify, with confidence, the use of legacy systems with safety-critical software.

Page 6: Relevance to NASA

Legacy systems with safety-critical software are abundant throughout NASA and especially prevalent at KSC.

System Assurance Analyses (SAAs) of the ground systems at KSC were performed many years ago. Some, if not all, of these analyses were performed without fully analyzing the software in the context of the system.

At the time the SAAs were performed, the NASA Software Safety Standard either did not exist or was not required by the contract that produced the system.

Additionally, safety cases were not prepared for these ground systems.

Now, some of these systems may be candidates for reuse in the Constellation Program. We need to be able to “recertify” these systems as safe, including the software, per NASA safety requirements.

Page 7: Accomplishments, January 2008 – September 2008

Co-authored and presented one paper on parts of the proposed methodology at ASWEC 2008 in March 2008.

Completed the element and attribute definitions in the Software Safety Risk Taxonomy, completing the taxonomy.

Completed the questions for the Software Safety Taxonomy-Based Questionnaire (TBQ).

Interviewed the KCCS project manager using the TBQ.

Developed risk statements based on the answers to the questions.

Analyzed the risks and bucketed them into risk areas.

Page 8: Accomplishments (continued)

• Initial Risk Data Entry GUI is complete.
• This functionality now allows risks to be created and entered into the database during the interviews with the projects.
• Traceability to the taxonomy can now be created for each risk.
• Initial Safety Requirements GUI is complete.
• Safety requirements can be entered into the database.
• Traceability to the safety taxonomy can now be created for each safety requirement.

Page 9: LSRD – Risk Data Entry

Screenshot callouts:
Risk-to-taxonomy traceability: multiple attributes can be selected.
Total number of risks, by project: clicking an individual row brings up the “details” of that risk above.

Page 10: LSRD – Safety Requirements

Screenshot callouts:
Concept: multiple safety standards can be entered into the tool.
Record navigator: Move First, Next, Previous, Move Last, Add, Save, Delete functions.
Concept: field locks will be used to prevent repetitive typing.
Requirement rationale for each safety requirement can be captured.

Page 11: LSRD – Safety Requirements (continued)

Screenshot callouts:
Requirement-to-taxonomy traceability: multiple attributes can be selected.
Parent requirement: child requirements are displayed and managed in the grid below.
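The LSRD screens on slides 8 through 11 describe a data model rather than show one: risks and safety requirements each trace to one or more taxonomy attributes, a requirement belongs to one of several standards and may nest under a parent, and each requirement carries a rationale. What follows is an added example, not the LSRD's own code (the slides show only screenshots): a minimal SQLite model of that structure in Python, with queries for the two grids the screenshots mention and for the join a recertification analyst actually needs, namely which elicited risks bear on which safety requirement. Table and column names, the taxonomy element and attribute names, the requirement references SR-1 and SR-1.1, and all risk and requirement wording are assumptions; only the project name KCCS and the standard's name come from the slides.

```python
import sqlite3

SCHEMA = """  -- table and column names are assumptions matching the slides' vocabulary
CREATE TABLE project  (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL);
CREATE TABLE standard (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL);
CREATE TABLE taxonomy (id INTEGER PRIMARY KEY, element TEXT NOT NULL,            -- slide 7
    attribute TEXT NOT NULL, UNIQUE (element, attribute));
CREATE TABLE risk (id INTEGER PRIMARY KEY, project_id INTEGER NOT NULL            -- slide 9
    REFERENCES project(id), statement TEXT NOT NULL, risk_area TEXT);
CREATE TABLE requirement (id INTEGER PRIMARY KEY, standard_id INTEGER NOT NULL    -- slides 10-11
    REFERENCES standard(id), parent_id INTEGER REFERENCES requirement(id),
    ref TEXT UNIQUE NOT NULL, text TEXT NOT NULL, rationale TEXT);
-- many-to-many traceability links: "multiple attributes can be selected"
CREATE TABLE risk_taxonomy (risk_id INTEGER REFERENCES risk(id),
    taxonomy_id INTEGER REFERENCES taxonomy(id), PRIMARY KEY (risk_id, taxonomy_id));
CREATE TABLE req_taxonomy (requirement_id INTEGER REFERENCES requirement(id),
    taxonomy_id INTEGER REFERENCES taxonomy(id), PRIMARY KEY (requirement_id, taxonomy_id));
"""

def open_lsrd():
    conn = sqlite3.connect(":memory:")        # empty in-memory LSRD
    conn.execute("PRAGMA foreign_keys = ON")  # enforce the REFERENCES above
    conn.executescript(SCHEMA)
    return conn

def _lookup(conn, table, name):
    """Insert-or-fetch a row of a name-only table; table is a code constant, never user input."""
    if table not in ("project", "standard"):
        raise ValueError(f"not a lookup table: {table!r}")
    conn.execute(f"INSERT OR IGNORE INTO {table}(name) VALUES (?)", (name,))
    return conn.execute(f"SELECT id FROM {table} WHERE name = ?", (name,)).fetchone()[0]

def _trace(conn, link_sql, row_id, attributes):
    """Link a risk or requirement to each (element, attribute) pair, creating the pair if new."""
    for element, attribute in attributes:
        conn.execute("INSERT OR IGNORE INTO taxonomy(element, attribute) VALUES (?, ?)", (element, attribute))
        tid = conn.execute("SELECT id FROM taxonomy WHERE element = ? AND attribute = ?", (element, attribute)).fetchone()[0]
        conn.execute(link_sql, (row_id, tid))

def add_risk(conn, project, statement, risk_area, attributes):
    """A risk statement from a TBQ interview, bucketed into a risk area (slide 7)."""
    rid = conn.execute("INSERT INTO risk(project_id, statement, risk_area) VALUES (?, ?, ?)",
                       (_lookup(conn, "project", project), statement, risk_area)).lastrowid
    _trace(conn, "INSERT INTO risk_taxonomy VALUES (?, ?)", rid, attributes)
    return rid

def add_requirement(conn, standard, ref, text, rationale, attributes, parent_ref=None):
    """A safety requirement with its rationale, under one standard and an optional parent."""
    parent_id = None
    if parent_ref is not None:
        row = conn.execute("SELECT id FROM requirement WHERE ref = ?", (parent_ref,)).fetchone()
        if row is None:
            raise ValueError(f"unknown parent requirement {parent_ref!r}")
        parent_id = row[0]
    qid = conn.execute("INSERT INTO requirement(standard_id, parent_id, ref, text, rationale) VALUES (?, ?, ?, ?, ?)",
                       (_lookup(conn, "standard", standard), parent_id, ref, text, rationale)).lastrowid
    _trace(conn, "INSERT INTO req_taxonomy VALUES (?, ?)", qid, attributes)
    return qid

def risks_by_project(conn):
    """The slide-9 grid: total number of risks per project."""
    return dict(conn.execute("SELECT p.name, COUNT(r.id) FROM project p LEFT JOIN risk r "
                             "ON r.project_id = p.id GROUP BY p.name").fetchall())

def child_requirements(conn, parent_ref):
    """The slide-11 grid: refs of the requirements nested under parent_ref."""
    return [r[0] for r in conn.execute("SELECT c.ref FROM requirement c JOIN requirement p "
                                       "ON c.parent_id = p.id WHERE p.ref = ? ORDER BY c.ref", (parent_ref,))]

def risks_for_requirement(conn, ref):
    """Risks sharing a taxonomy attribute with the requirement: the taxonomy is the bridge."""
    return [r[0] for r in conn.execute(
        "SELECT DISTINCT r.statement FROM requirement q "
        "JOIN req_taxonomy qt ON qt.requirement_id = q.id "
        "JOIN risk_taxonomy rt ON rt.taxonomy_id = qt.taxonomy_id "
        "JOIN risk r ON r.id = rt.risk_id WHERE q.ref = ? ORDER BY r.statement", (ref,))]

def requirements_without_risks(conn):
    """Requirements no elicited risk traces to: a gap in the system or in the questionnaire."""
    return [r[0] for r in conn.execute(
        "SELECT q.ref FROM requirement q WHERE NOT EXISTS (SELECT 1 FROM req_taxonomy qt "
        "JOIN risk_taxonomy rt ON rt.taxonomy_id = qt.taxonomy_id "
        "WHERE qt.requirement_id = q.id) ORDER BY q.ref")]

def build_sample():
    """Constructed sample for one pilot project; only the project name KCCS comes from the slides."""
    conn = open_lsrd()
    req = ("Product Engineering", "Requirements")
    add_risk(conn, "KCCS", "Safety-critical functions were never identified in the baseline.",
             "Requirements", [req])
    add_risk(conn, "KCCS", "Real-time timing margins are undocumented and untested.",
             "Verification", [("Product Engineering", "Design"), ("Product Engineering", "Test")])
    add_requirement(conn, "NASA Software Safety Standard", "SR-1", "Safety-critical software shall be identified.",
                    "Every later safety activity is scoped by this identification.", [req])
    add_requirement(conn, "NASA Software Safety Standard", "SR-1.1", "Safety-critical code shall be inspected.",
                    "Inspection finds defects that testing cannot reach.", [("Product Engineering", "Code")], parent_ref="SR-1")
    conn.commit()
    return conn
```

Call build_sample() and run the four query functions against the connection it returns. The point of the two link tables is the last two queries: because risks and requirements are tagged with the same taxonomy attributes, a requirement that no risk traces to is either genuinely unexposed in that system or, more often in a retrospective interview, a question the TBQ never asked, and surfacing that gap before the safety case is argued is what the traceability buys.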

Page 12: Technology Readiness of the Work

The estimated current TRL of this research is between 2 and 3.

TRL 2: Technology concept and/or application formulated. Invention begins. Once basic principles are observed, practical applications can be invented. The application is speculative and there is no proof or detailed analysis to support the assumption. Examples are still limited to paper studies.

TRL 3: Analytical and experimental critical function and/or characteristic proof of concept. Active research and development is initiated. This includes analytical studies and laboratory studies to physically validate analytical predictions of separate elements of the technology. Examples include components that are not yet integrated or representative.

Page 13: Availability of Data and Case Studies

Pilot project data collection was successful because project personnel were willing to participate and had management concurrence.

Case studies are not applicable at this point, because the methodology itself creates the data that would be studied.

Page 14: Near Term Work

Continue with implementation of the Legacy Systems Risk Database.

Finish the Software Safety TBQ graphical user interface.

Finish the Software Requirements Specification for the LSRD.

Update the design documentation for the LSRD.

Work with Donna Smith at Wallops on their projects (October) and Chuck Niles at Langley.

Work with other projects at KSC (FY 09).

Page 15: Questions?