Learning Outcomes. Systems Engineering. Risk. Risk Management

Similar documents
Developing software which should never compromise the overall safety of a system

System Specification. Objectives

Risk. Risk Categories. Project Risk (aka Development Risk) Technical Risk Business Risk. Lecture 5, Part 1: Risk

Project Management. Massimo Felici Room 1402, JCMB, KB

The portable insulin pump. Developing a dependability. pump

Risk Management (3C05/D22) Unit 3: Risk Management. What is risk?

4. Critical success factors/objectives of the activity/proposal/project being risk assessed

Dependable software development. Programming techniques for building dependable software systems.

A Methodology for Safety Critical Software Systems Planning

Unit 15: Risk Management

Criteria for Flight Project Critical Milestone Reviews

Evaluation and Integration of Risk Management in CMMI and ISO/IEC 15504

Controlling Risks Risk Assessment

Lecture 10: Managing Risk" Risk Management"

Safety Driven Design with UML and STPA M. Rejzek, S. Krauss, Ch. Hilbes. Fourth STAMP Workshop, March 23-26, 2015, MIT Boston

How To Create A Multi Disk Raid

Filing Systems. Filing Systems

Motivations. spm adolfo villafiorita - introduction to software project management

Safety Integrity Levels

Contents. Today Project Management. Project Management. Last Time - Software Development Processes. What is Project Management?

Reliable Software/Hardware Development

Phases, Activities, and Work Products. Object-Oriented Software Development. Project Management. Requirements Gathering

TECH. Tracking Progress. Project Schedule PHASE 1 STEP 1 ACTIVITY 1.1. Activity and Milestone STEP 1 STEP 2 : ACTIVITY 2.2 : ACTIVITY 1.

Introduction to Software Engineering. 9. Project Management

University of Paderborn Software Engineering Group II-25. Dr. Holger Giese. University of Paderborn Software Engineering Group. External facilities

Organizational Requirements Engineering

Non-Technical Issues in Software Development

ASSESSMENT OF THE ISO STANDARD, ROAD VEHICLES FUNCTIONAL SAFETY

Design of High Availability Systems & Software

Software Quality Assurance: II Software Life Cycle

Multiagent Reputation Management to Achieve Robust Software Using Redundancy

Spacecraft Computer Systems. Colonel John E. Keesee

Karunya University Dept. of Information Technology

Edwin Lindsay Principal Consultant. Compliance Solutions (Life Sciences) Ltd, Tel: + 44 (0) elindsay@blueyonder.co.

Software Engineering. Dilbert on Project Planning. Overview CS / COE Reading: chapter 3 in textbook Requirements documents due 9/20

Learning outcomes. Systems Engineering. Software Quality Management. Product reflects Process. Lecture 5. Introduction to Software Quality Management

Risk Assessment for Medical Devices. Linda Braddon, Ph.D. Bring your medical device to market faster 1

Delivering Reliability in the Healthcare System

Overview of IEC Design of electrical / electronic / programmable electronic safety-related systems

Critical Systems Validation. Objectives

Contents. Introduction and System Engineering 1. Introduction 2. Software Process and Methodology 16. System Engineering 53

Software Testing Strategies and Techniques

Topics in Software Reliability

Failure Modes & Effects Analysis

Network Risk Assessment Guideline

Assessment Plan for CS and CIS Degree Programs Computer Science Dept. Texas A&M University - Commerce

Embedded Systems Lecture 9: Reliability & Fault Tolerance. Björn Franke University of Edinburgh

Introduction to Risk Management for Software Projects. Peter Kolb. Distributed and Outsourced Software Engineering, ETH Zurich

Quotes from Object-Oriented Software Construction

Problems that haven t happened yet Why is it hard? Some are wary of bearing bad news. Define a strategy early in your project

Fixing Dental Implant Component Failure and Fracture: Retrieving the Fractured Implant Abutment Screw. Charles A. Mastrovich, DDS

How To Manage Project Management

Implementing an Approximate Probabilistic Algorithm for Error Recovery in Concurrent Processing Systems

應 用 測 試 於 軟 體 發 展 生 命 週 期. Testing In The Software Development Life Cycle

LIABILITY RISK MANAGEMENT PROCESS

Assessment for Master s Degree Program Fall Spring 2011 Computer Science Dept. Texas A&M University - Commerce

Software-based medical devices from defibrillators

University of Ljubljana. Faculty of Computer and Information Science

Schedule Compression

Integrating System Safety and Software Assurance

Software Test Plan (STP) Template

Five Essential Components for Highly Reliable Data Centers

Software testing. Objectives

Richard Martin, Kiran Nagaraja Thu Nguyen and Barbara Ryder. Rutgers University Department of Computer Science. EASY Workshop July 2001

ISO Introduction

DATA RECOVERY SOLUTIONS EXPERT DATA RECOVERY SOLUTIONS FOR ALL DATA LOSS SCENARIOS.

Safety Management Systems (SMS) guidance for organisations

3.0 Risk Assessment and Analysis Techniques and Tools

TRANSPORT FOR LONDON SAFETY, HEALTH AND ENVIRONMENT ASSURANCE COMMITTEE

Safety Critical & High Availability Systems

Securing the Internet of Things WHITEPAPER

Government Degree on the Safety of Nuclear Power Plants 717/2013

large-scale machine learning revisited Léon Bottou Microsoft Research (NYC)

RAID5 versus RAID10. First let's get on the same page so we're all talking about apples.

Safety Risk Impact Analysis of an ATC Runway Incursion Alert System. Sybert Stroeve, Henk Blom, Bert Bakker

SAFETY LIFE-CYCLE HOW TO IMPLEMENT A

Seion. A Statistical Method for Alarm System Optimisation. White Paper. Dr. Tim Butters. Data Assimilation & Numerical Analysis Specialist

4/1/2015. Great Software Development (through iteration) Outline. Motivation. Pleasing the Customer. A view from the research university

B-Trees. Algorithms and data structures for external memory as opposed to the main memory B-Trees. B -trees

Core Syllabus. Version 2.6 C OPERATE KNOWLEDGE AREA: OPERATION AND SUPPORT OF INFORMATION SYSTEMS. June 2006

Design of automatic testing tool for railway signalling systems software safety assessment

Fault Tolerance & Reliability CDA Chapter 3 RAID & Sample Commercial FT Systems

Previous Lectures. B-Trees. External storage. Two types of memory. B-trees. Main principles

ICS 121 Lecture Notes Spring Quarter 96

CS Master Level Courses and Areas COURSE DESCRIPTIONS. CSCI 521 Real-Time Systems. CSCI 522 High Performance Computing

Project Risk Management: IV&V as Insurance for Project Success

Describe the process of parallelization as it relates to problem solving.

TRADITIONAL VS MODERN SOFTWARE ENGINEERING MODELS: A REVIEW

V1.0 - Eurojuris ISO 9001:2008 Certified

Testing Big data is one of the biggest

Effective Application of Software Safety Techniques for Automotive Embedded Control Systems SAE TECHNICAL PAPER SERIES

Development and Evaluation of Point Cloud Compression for the Point Cloud Library

High Availability Design Patterns

Cloud Computing. Up until now

Risk Assessment and Management. Allen L. Burgenson Manager, Regulatory Affairs Lonza Walkersville Inc.

Patterns in Software Engineering

Software Safety Tutorial (Status Update)

Making project management indispensable for business results. Project Management 101

Software Engineering. Reading. Effort estimation CS / COE Finish chapter 3 Start chapter 5

Requirements Management John Hrastar

Transcription:

Systems Engineering Lecture 11 and Criticality Dr. Joanna Bryson Dr. Leon Watts University of Bath Department of Computer Science 1 Learning Outcomes After the lecture and doing the reading, you should be able to: Describe the risk management process and define the concept of risk. Identify common risks in a software project. Perform probabilistic risk analysis Explain what is meant by a critical system, and how risk is incorporated into the development of critical systems. Construct a fault tree analysis diagram. 2 : An unwanted event that may occur with negative consequences exposure =! Probability(event i ) " cost(event i ) Software Engineering considers 3 main forms of risk 1. Project : cost increase (e.g. schedule slippage) 2. Product : quality degradation. includes of Harm (critical systems). 3. Business : risk to organisation. i 3 Management can reflect internal and external factors Management: the process of measuring or assessing risk, and then developing strategies to manage the risk. Management Process: Assessment Control 4

Assessment Control & Monitoring Identification Identify project, product and business risks Analysis / Prioritisation Assess the likelihood and consequences of these risks assessment planning Draw up plans to avoid or minimise the effects of the risk; resolution Implement plans to reduce risk Control Monitoring 5 6 Assessment Determine for each risk Loss associated with event (risk impact). Likelihood an event will occur (risk probability). Degree to which we can change the outcome. Identification (identify risk events) Case Review / Analogy -- read the IT news. Brainstorming Technology risks People risks Organisational risks Requirements risks Estimation risks 7 Boehm s Top 10 Items Identified through empirical study [Boehm 1991]: Software Management: Principles and Practices, IEEE Software, Vol. 8, Issue 1, pp32-41 8

Boehm s (1991) Top 10 s Analysis 1. Personnel shortfalls 2. Unrealistic schedules and budgets Identified!r"gh 3. Developing the wrong software functions 4. Developing the wrong user interface empi#cal $udy 5. Gold plating 6. Continuing stream of requirements changes 7. Shortfalls in externally performed tasks 8. Shortfalls in externally furnished components 9. Real-time performance shortfalls 10.Straining computer science capabilities 9 Example list of risks 10 Over to you Assessment: Analysis Now prioritise risks according to exposure (PRA) In pairs perform a brief risk assessment (identification and analysis) for your coursework. Y Pick at least 3 risk events (internal or external) you can foresee. Assess the probability of these occurring. Do regression testing? Assess the impact if they do occur. N 11 12

Probabilistic Analysis Planning Y Do regression testing? N Computes risk exposure for various scenarios P=0.80 P=0.20 P=0.80 P=0.20 P=0.96 P=0.04 P=0.55 P=0.45 L=.5m L= 30m L= 0m L=.5m L= 30m L= 0m 0.38m 0.96m 0m 0.22m 10.8m 0m 1.35m 11.02m Avoidance strategies: reduce the probability the risk will arise. Minimisation strategies: reduce the impact of the risk if it does arise. Contingency plans: prepared for the worst -- have a strategy in place to deal with risks that occur. 13 14 Monitoring Critical Systems Development management is an ongoing, iterative process. The risk management process runs hand in hand with your project planning! 15 Three types of critical systems 1. Safety critical systems 2. Mission critical systems 3. Business critical system cost Dependability Availability Reliability Safety Security Cost rises exponentially with dependability. 16 dependability

Identification Description Critical System Specification The specification of critical systems should be risk driven Understand risks and identify root causes Define safety requirements to reduce risks Success metrics: should not versus must not. Analysis & Classification Assessment 17 Decomposition Cause Analysis Reduction Assesment Dependability Requirements Safety Critical Systems s are categorised as: Intolerable. Must never arise or result in an accident. As Low as Reasonably Practical (ALARP). Must minimise the possibility of risk given cost and schedule constraints. Acceptable. The consequences of the risk are acceptable and no extra costs should be incurred to reduce hazard probability. The acceptability of a risk is determined by human, social and political considerations. In most societies, the boundaries between the regions are pushed upwards with time i.e. society is less willing to accept risk assessment can vary by expert (subjective?). s are identified as probable, unlikely, etc. This depends on who is making the assessment. 18 Where to draw the line? Fault Tree Analysis (FTA) Identifying root causes of risk. NASA CR-66559 Developed as part of US MinuteMan Missile program. A deductive top-down technique. Put the risk or hazard at the root of the tree and identify the system states that could lead to that hazard. Where appropriate, link these with and or or conditions. 19 20

Fault Tree Analysis of Insulin Machine [Sommerville 2004] Root Causes Sensor Sensor Incorrect Incorrect sugar level measured measured or Sugar computation Sugar error computation error Incorrect insulin dose administered Incorrect insulin dose administered or Correct dose delivered at wrong at wrong time time Timer Timer Insulin Insulin computation Delivery system Delivery system or Pump signals Pump signals Top-Down Critical Systems Design Strategy Redundancy Diversity For example, of: Replicated subsystems Replicated internal verification routines 21 22 Dependable Programming Dangerous constructs Goto Floating point numbers Pointers Dynamic memory Concurrency and threads Recursion Unbounded arrays Safety enhancing OO Encapsulation Name space management 23 Fault tolerance (1) Run-time fault checking for critical systems Fault free vs. free, e.g. RAID. Four aspects to fault tolerance Fault detection Damage assessment Fault recovery Fault repair N-version programming, recover blocks, redundant systems, code rewrite(!) 24

Fault tolerance (2) Summary Diversity can be achieved by: Including requirements that different approaches to design be used. Requiring that the implementations should be written in different programming languages. Requiring the use of different tools and development environments. Explicitly requiring different algorithms to be used. After doing some reading, you should be able to: Describe the risk management process and define the concept of risk. Identify common risks in a software project. Perform probabilistic risk analysis Explain what is meant by a critical system, and how risk is incorporated into the development of critical systems. Construct a fault tree analysis diagram. 25 26

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information