Lean and Agile in Safety-critical Software Development Research and Practice Henrik Jonsson 21.05.2014
About me: Henrik Jonsson. Professional software engineer, 13+ years. Employed by Etteplan. Part-time PhD student at Mälardalen University (timeline on slide: 2012 to 2018); advisors Sasikumar Punnekkat and Stig Larsson. Studying Agile and Lean in safety-critical software development.
Agenda. Today: overview of my basic research so far; Agile values versus safety; Agile practices versus EN 50128; Lean concept SLR; Lean versus safety. Tomorrow: workshops.
Agile: a reaction to waterfall. [Figure: waterfall phases spread over Year 1 to Year 3: System Requirements, System Safety Requirements, System Design, Safety Software Requirements, Software Requirements, Software Design & Implementation, Test.] Problems: a lot of handovers, large batches, long lead times.
The Agile Manifesto and Safety. "We are uncovering better ways of developing software by doing it and helping others do it. Through this work we have come to value: Individuals and interactions over processes and tools; Working software over comprehensive documentation; Customer collaboration over contract negotiation; Responding to change over following a plan. That is, while there is value in the items on the right, we value the items on the left more." [Figure: the left-hand items labelled Agile, the right-hand items labelled regulated safety-critical software development.] http://agilemanifesto.org/
The Agile Umbrella SCRUM Crystal Agile extreme Programming (XP) Kanban FDD Lean Software Development
Agile practices versus EN 50128 [Paper A]: Extreme Programming (XP) practices mapped against the requirements of EN 50128 (derived from IEC 61508).
EN 50128: Software for railway control and protection systems. Based on IEC 61508. Prescribes roles, life-cycle phases, quality assurance and documentation.
Agile Practices from Extreme Programming (XP)
Summary of Results

Agile practice          | Supporting requirements                                              | Problematic requirements
Test Driven Development | Testable code; automated tests                                       | Independence of tester; tester specifies tests
Pair Programming        | Source code readable and understandable                              | -
Planning Game           | Taking iterations into account; traceability                         | Details of requirements; change management
On-site customer        | Validation                                                           | -
Continuous Integration  | Controlled test environment; automated dynamic verification          | -
Refactoring             | Simpler, readable and maintainable source code                       | Risk of invalidating verification and validation
Small releases          | Validation                                                           | High burden for formal certification each time
Coding standard         | Coding standards required                                            | -
Metaphor                | Architecture and design simple and understandable                    | Not sufficient, too ambiguous
Simple design           | Suitable design method; balanced size and complexity of source code  | -
Sustainable pace        | -                                                                    | -

Conclusions [Paper A]: All agile practices studied supported some of the requirements in EN 50128. Most practices must be adapted. XP lacks built-in support for documentation and V&V activities. The results can guide both development teams and assessors.
But what about Lean Software Development? [Figure: sources in the literature review grouped as lean manufacturing and supply chain, lean product development, and lean software development; count of references (years) per author: 15 (1991, 2003) Womack & Jones; 5 (2004) Liker; 2 (1998) Ohno; 1 (2006) Morgan & Liker; 13 (2003-10) Poppendieck; 6 (2010) Andersson; 3 (2005) Middleton & Sutton; 1 (2010) Coplien & Bjornvig.]
Lean Concepts Identified in Systematic Literature Review (Lean Product Development): Value; Value stream; Flow; Waste; Mistake-proof; Standardized work; Set-based engineering; Visualization; Go see; Chief engineer; Integrated functional expertise; T-competence; Mentorship; Supplier integration; Technology (adapt tools to humans, powerful integrated tools); Respect for people; Systems thinking; Continuous improvement; Long-term decisions.
Lean Concepts and Safety - Value. Minimize the failure stream: what does the customer want to avoid? [Figure: customer satisfied/dissatisfied plotted against low/high quality, with performance, attractive and must-have curves.]
Lean mistake-proof process (poka-yoke): fault avoidance. Inspections (V&V) are not just there to find errors but to find means of preventing them in the future, i.e. eliminating systematic failures. In practice for software development: static analysis, strongly typed languages, defensive programming, (reviews).
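The following C example, added here and not taken from the slides or from the author's papers, shows the last two of those practices on a railway-flavoured calculation: distinct wrapper types make a unit mix-up a compile-time error (C is not strongly typed by itself, so the struct wrappers supply the distinction), and a defensive function checks its inputs and returns a status instead of silently computing a wrong braking distance. The speed and deceleration limits are assumed design constants chosen for illustration, not values from EN 50128 or any other standard, and the 72 km/h input is constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Added example, not from the slides. Mistake-proofing a braking-distance
 * calculation with (1) distinct wrapper types so that the compiler rejects
 * a unit mix-up, and (2) defensive range/NULL checks that report a status
 * instead of silently producing a wrong value. Limits below are assumed
 * design constants for illustration, not values from any standard. */

typedef struct { uint32_t value; } speed_mm_per_s;   /* millimetres per second */
typedef struct { uint32_t value; } speed_km_per_h;   /* kilometres per hour */
typedef struct { uint32_t value; } distance_mm;      /* millimetres */

typedef enum { STATUS_OK = 0, STATUS_ERR_RANGE, STATUS_ERR_NULL } status_t;

#define MAX_SPEED_MM_PER_S  120000u   /* 120 m/s, assumed design limit */
#define MIN_DECEL_MM_PER_S2    100u   /* 0.1 m/s^2; also rules out division by zero */
#define MAX_DECEL_MM_PER_S2  10000u   /* 10 m/s^2, assumed design limit */

/* Exact integer conversion: 1 km/h = 1000000/3600 mm/s = 2500/9 mm/s. */
speed_mm_per_s speed_from_kmh(speed_km_per_h v)
{
    speed_mm_per_s out;
    out.value = (uint32_t)(((uint64_t)v.value * 2500u) / 9u);
    return out;
}

/* Defensive version: braking distance d = v^2 / (2a) with checked inputs.
 * Only a speed_mm_per_s is accepted, so a km/h value cannot be passed. */
status_t braking_distance(speed_mm_per_s v, uint32_t decel_mm_per_s2, distance_mm *out)
{
    if (out == NULL) {
        return STATUS_ERR_NULL;
    }
    if (v.value > MAX_SPEED_MM_PER_S) {
        return STATUS_ERR_RANGE;
    }
    if (decel_mm_per_s2 < MIN_DECEL_MM_PER_S2 || decel_mm_per_s2 > MAX_DECEL_MM_PER_S2) {
        return STATUS_ERR_RANGE;
    }
    /* 64-bit intermediate: v^2 overflows uint32_t for speeds above ~65 m/s. */
    uint64_t d = ((uint64_t)v.value * v.value) / (2u * (uint64_t)decel_mm_per_s2);
    /* Cannot trigger with the limits above; kept so a later limit change stays safe. */
    if (d > UINT32_MAX) {
        return STATUS_ERR_RANGE;
    }
    out->value = (uint32_t)d;
    return STATUS_OK;
}

/* The mistake plain integers let through: nothing stops a caller passing a
 * km/h figure where mm/s was meant, and a zero deceleration divides by zero. */
uint32_t braking_distance_untyped(uint32_t v, uint32_t a)
{
    return (v * v) / (2u * a);
}

int main(void)
{
    speed_km_per_h line_speed = { 72u };             /* constructed input: 72 km/h */
    distance_mm d;
    status_t s = braking_distance(speed_from_kmh(line_speed), 1000u, &d);
    printf("typed: status=%d distance=%u mm\n", (int)s, (unsigned)d.value);
    /* braking_distance(line_speed, 1000u, &d);  <- rejected by the compiler */
    printf("untyped, km/h passed as mm/s: %u mm\n",
           (unsigned)braking_distance_untyped(line_speed.value, 1000u));
    return 0;
}
```

At 72 km/h (20000 mm/s) and 1 m/s^2 the typed function returns STATUS_OK with 200000 mm (200 m); the untyped function fed the raw 72 returns 2 mm and gives the caller no sign that anything went wrong. A static analyser would flag the unchecked division and the possible 32-bit overflow in the untyped version, which is the same fault-avoidance idea applied by tooling.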
Lean standardization: develop and use checklists (standard operating procedures), continuously improved by the workers themselves to avoid waste. In software: coding standards.
Lean team work: Integrated Product Teams (software + hardware + safety + V&V). Set-based engineering: develop and evaluate design alternatives objectively; keep options open as long as is responsible (e.g. timing budgets).
Lean and Systems Thinking: safety is clearly a system property, so you have to start at that level. Avoid sub-optimization of safety. Ensure that processes and phases are well aligned.
Summary: Agile values complement plan-driven development to achieve real safety. Agile practices support certain EN 50128 requirements; XP is weak on documentation and V&V activities. Lean core concepts may complement agile in safety-critical software development: mistake-proofing, standardization, Integrated Product Teams, set-based engineering, systems thinking.
Workshop Topics for Thursday: Specifying and verifying safety requirements; Integrating system, safety and software engineering in an Agile and Lean way; Agile and safety session; Lean value and waste in safety software product development.
Lean Safety In Practice: Integrating system, software and safety engineering Based on ideas from agile, lean, own experiences and state-of-the-art research User stories as a starting point Use case scenarios to specify functionality Use case maps to visualize responsibility flow Use HAZOP guidewords to drive safety analysis, safety requirement specification and design Balance safety with other concerns Start at system level then apply recursively
References. [Paper A] Jonsson, H., et al. (2012). Agile Practices in Regulated Railway Software Development. WoCoCer workshop, ISSR, Dallas. [Paper B] Jonsson, H., et al. (2013). Synthesizing a Comprehensive Framework for Lean Software Development. Euromicro SEAA 2013, Santander.
Thank you! This work was supported by: Contact: E-mail: henrik.jonsson@etteplan.com Twitter: @hen_jonsson Blog: http://safe-lean-agile.blogspot.se/