requirements and safety
play

Requirements and Safety in SafeScrum Tor Stlhane, IDI / NTNU Thor - PowerPoint PPT Presentation

Oct 16, 2023 •526 likes •860 views

Stepwise refinement of Requirements and Safety in SafeScrum Tor Stlhane, IDI / NTNU Thor Myklebust, ICT / SINTEF Geir K. Hanssen, ICT / SINTEF Brge Haugset, ICT / SINTEF Challenge for all development Understanding 100% Degrees of

  1. Stepwise refinement of Requirements and Safety in SafeScrum Tor Stålhane, IDI / NTNU Thor Myklebust, ICT / SINTEF Geir K. Hanssen, ICT / SINTEF Børge Haugset, ICT / SINTEF

  2. Challenge for all development Understanding 100% Degrees of freedom Time TD

  3. Challenges for safety-critical software Architecture • Important decisions have to be made early in the project when we have little information Safety analysis • Must start as early as possible in a project • Will generate new requirements due to the need to – make required functionality more safe – add barriers to handle unsafe situations

  4. An early start – 1 Safety must be • Considered from day 1 => safety considerations must be part of all decisions • Based on 1. epics and architectural patterns 2. user stories and high level design 3. generic system components Important challenge: Many important decisions are made early, when we have little knowledge of the final system

  5. An early start – 2 The following well-known concepts should be used • Architectural patterns – several exist for most application areas • Generic – Hazard lists – environment and domain specific – e.g., FAA for aerospace – Failure modes – from just a few (e.g. 2) to quite many (e.g. 10) – Fault trees – environment and domain specific – e.g. IMO, building standards

  6. Early safety analysis – 1 1. Write theme and epic – get an overview of what we want to achieve 2. Select an architectural pattern a. Allows us to identify generic components b. Starting-point for next level safety analysis and barriers 3. Apply FMEA to generic components to identify barriers 4. Write detailed system requirements

  7. Early safety analysis – 2 We must be able to involve all types of stakeholders. Safety analysis is not a job only for the safety analysts. The methods we use have to be easy to • Learn – no extensive coursing needed • Use – all categories of stakeholders must be able to contribute

  8. Themes and epics

  9. Preliminary Hazard Analysis – PHA Epics and patterns Hazard Cause Main effect Preventive action

  10. FMEA Generic components Failure description Failure effect on Unit description Recommendation the next level Failure mode Failure cause User stories Function Function description Detection Functional Effects Cause Comments failure mode Current method Generic functional failure modes used as guide-words: Over, Under, No, Intermittent, Unintended

  11. Input Focused FMEA - Stories Generic components List of component input sources: Story ID: Suggested barriers Output failure and new Output Input deviation Component mode requirements failure mode failure description Omission Commission Wrong action Too late

  12. Generic failure modes Be ware: Generic failure modes • Is not a replacement for using your head • Are most useful in the early stages where we still have a lot of choices when it come to – architecture – barrier solutions • Could be used as guide words in the analysis

  13. Generic failure modes – examples Component type Failure mode Software systems - control Omission – something is not system, e.g., a PLC done, no action Commission – something more is done Wrong action Delayed – right action but too late Hardware component, e.g. a No action pump or a sensor Wrong action Delayed action We can use generic failure modes to • simplify the FMEA process • give the FMEA an easy start • promote reuse of FMEAs wherever practical

  14. Generic fault trees – 1 Generic fault trees give information needed to • Get a broad overview on – the consequences of component failures – possible barriers • Create checklists - what – have we included in our system – is left to be handled by others

  15. Generic fault trees – 2

  16. Architectural patters There are several sources for real time software patterns described as e.g. • Message sequence diagrams • UML classes • Architectural patterns. Example follows • State diagrams

  17. Observe-and-react pattern Sensors Observers Analyse Display Reactors Possible weakness - environment not included => No feedback mechanism

  18. Observe-and-react – examples (1) Fire alarm ABS

  19. Observe – React with Leveson’s addition – 1

  20. Observe – React with L eveson’s addition – 2 Allows us to consider the effect of • Process problems – Missing or wrong input – Output that can cause harm – Input that can create unforeseen – e.g. out of range – process disturbances • Model problems – process, automation and interfaces – Inconsistent – Incomplete – incorrect

  21. Barriers

  22. Example – theme and epics Theme: a safer building Epic ID: Fire alarm (1) As a House owner I want To discover fire as quickly as possible So that I can evacuate people as early as possible Epic ID: Fire alarm (2) As a Fire brigade To discover the location of a fire as quickly as I want possible So that I can put out the fire as simple as possible

  23. Generic fault tree for a building – fire fighting

  24. Fire alarm pattern Components: • Fire sensors • Alarm • Alarm display • Sprinkler • Analyser - control unit

  25. Example - PHA Based on Epic 1 and Epic 2 Hazard Cause Main effect Preventive action Alarm system No alarm in No or delayed Periodic testing failure building evacuation UPS Power failure Alarm system Periodic testing failure UPS No alarm to No or delayed Power failure Ping on fire brigade fire brigade Transmission transmission failure lines Alarm system Unnecessary False alarm - failure evacuation

  26. Choosing “The system” There is a tight coupling between • alarm system => discover and inform • fire fighting system => put out or control • the environment – the rest of the building. It is important to decide what is inside and what is outside the system

  27. Our area of concern – inside 3 7 5 4 2 6

  28. The environment – outside Important to define what is inside and what is outside the system

  29. Fire alarm pattern 2 3 Fire sensors 1 Observers Analysis Display 5 6 4 7 Local Remote Emergency Water alarm alarm light supply

  30. From Epic to User stories Epic ID: Fire alarm As a House owner I want To discover fire as quickly as possible So that I can evacuate people as early as possible Story ID: Local alarm – 5 Story ID: Fire display - 2 As a House owner As a House owner I want To be made aware of the To know where the fire is I want fire So that I can evacuate persons in the So that I can start necessary area actions – e.g. call the fire brigade

  31. User story IF-FMEA Based on the observe – react pattern Story ID: Local alarm – 5 List of component input sources: • Analysis Suggested barriers Output failure Alarm and new Output mode Input deviation component requirements failure mode description failure No alarm No alarm Alarm unit Equipment • Omission trigger malfunction Duplication • Lack of power Periodic testing Extra alarm Extra alarm Alarm unit Pinging connection to Commission trigger short-circuit analysis No / false No / false alarm Alarm unit Periodic testing / • Wrong action alarm trigger malfunction maintenance • short-circuit Delayed Alarm delayed Delayed trigger - -

  32. Main conclusions We can start safety analysis early in the development process if we • Get the most important, high level requirements in place early • Decide what is inside and what is outside our system • Use – Generic failure modes and architectural patters – Domain specific fault trees and hazard lists

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 Software Safety Specifying safety requirements Safety vs. Reliability Component

1 Software Safety Specifying safety requirements Safety vs. Reliability Component

User requirements CSE 403 Business Requirements Lecture 14 User User Use Cases Requirements Study Safety and Security Requirements Functional Requirements Requirements Documentation Non-functional Requirements Non-functionality

275 views • 3 slides
Nuclear Safety Requirements June 4, 2019 e-Doc 5910724 Nuclear Safety Requirements Canadian

Nuclear Safety Requirements June 4, 2019 e-Doc 5910724 Nuclear Safety Requirements Canadian

Meeting with the UN Special Rapporteur Nuclear Safety Requirements June 4, 2019 e-Doc 5910724 Nuclear Safety Requirements Canadian Nuclear Safety Commission Established in May 2000 under the Nuclear Safety and Control Act regulates

381 views • 23 slides
EUROCONTROL Safety Regulatory Requirements Practical Application European Organisation for the

EUROCONTROL Safety Regulatory Requirements Practical Application European Organisation for the

EUROCONTROL Safety Regulatory Requirements Practical Application European Organisation for the Safety of Air Navigation 1 ESARRs - Overview 1. Requirements for safety regulation by State authorities 2. Safety monitoring and improvement 3.

365 views • 10 slides
Requirements for Requirements for Electronic Safety Equipment used in a Equipment used in a

Requirements for Requirements for Electronic Safety Equipment used in a Equipment used in a

Requirements for Requirements for Electronic Safety Equipment used in a Equipment used in a Hazardous Location By Jim Marquedant Agenda FM Global & FM Approvals Overview Ignition In Hazardous Locations Evolution of Intrinsic

536 views • 19 slides
Food Safety Compliance Food Safety Requirements, Recordkeeping, and Reporting May 2020 Division

Food Safety Compliance Food Safety Requirements, Recordkeeping, and Reporting May 2020 Division

Food Safety Compliance Food Safety Requirements, Recordkeeping, and Reporting May 2020 Division of Food and Nutrition Orientation for New Food Service Operators 5/18/20 1 1 Objectives Requirements Identify requirements for school food

420 views • 12 slides
FXLL SAFETY PRESENTATION Director of Safety Darric Milligan Little League Requirements

FXLL SAFETY PRESENTATION Director of Safety Darric Milligan Little League Requirements

2017 FXLL Safety Program FXLL SAFETY PRESENTATION Director of Safety Darric Milligan Little League Requirements Required training in first-aid for coaches Mandatory for at least 1 Manager/Coach per team to attend each year Mandatory

531 views • 27 slides
Tutorial T3 Engineering Safety-Related Requirements for Software-Intensive Systems Donald

Tutorial T3 Engineering Safety-Related Requirements for Software-Intensive Systems Donald

Tutorial T3 Engineering Safety-Related Requirements for Software-Intensive Systems Donald Firesmith, Software Engineering Institute, USA Topics Importance of Safety-Related Requirements Automatic People Mover Example Overview Basic

1.16k views • 77 slides
Considerations for the Practical Application of the Safety Requirements for Nuclear Power Plant

Considerations for the Practical Application of the Safety Requirements for Nuclear Power Plant

International Atomic Energy Agency Considerations for the Practical Application of the Safety Requirements for Nuclear Power Plant Design Joint ICTP-IAEA Essential Knowledge Workshop on Deterministic Safety Analysis and Engineering Aspects

747 views • 31 slides
Non-interventional post-authorisation safety studies: definition, obligations and requirements

Non-interventional post-authorisation safety studies: definition, obligations and requirements

Non-interventional post-authorisation safety studies: definition, obligations and requirements Presented by: Annalisa Rubino, PhD Pharmacovigilance and Risk Management Sector An agency of the European Union Post-authorisation safety studies

702 views • 12 slides
Safety Requirements Date: 09 March 2020 Presenter : Andre Fredericks Enquiry Number : KZN0041/YH

Safety Requirements Date: 09 March 2020 Presenter : Andre Fredericks Enquiry Number : KZN0041/YH

Safety Requirements Date: 09 March 2020 Presenter : Andre Fredericks Enquiry Number : KZN0041/YH Enabling Agreement Electrification Household Connections RISK CATEGORY In terms of 32-726 SHE Commercial Requirements for the Eskom

511 views • 5 slides
Requirements of International Investors as a Environmental, Health & Safety and Social

Requirements of International Investors as a Environmental, Health & Safety and Social

Requirements of International Investors as a Environmental, Health & Safety and Social Management Tool MINEX Central Asia 5 th Forum, Astana 02 April 2014 The worlds leading sustainability consultancy Agenda Introducing ERM

268 views • 11 slides
HLS Checklist Explanation and Examples Health/Life Safety requirements became a part of the

HLS Checklist Explanation and Examples Health/Life Safety requirements became a part of the

HLS Checklist Explanation and Examples Health/Life Safety requirements became a part of the school code in 1875 after the Great Chicago Fire. Our Lady of Angels Fire (Chicago) in 1958 was another tragic fire that triggered life safety

956 views • 74 slides
Non-clinical Assessment Requirements Presented by: Maria Nieto-Gutierrez Safety and Efficacy of

Non-clinical Assessment Requirements Presented by: Maria Nieto-Gutierrez Safety and Efficacy of

Non-clinical Assessment Requirements Presented by: Maria Nieto-Gutierrez Safety and Efficacy of Medicines/ Human Medicines Development and Evaluation An agency of the European Union Non-clinical Assessment Requirements Contents:

503 views • 37 slides
Mine Health and Safety Council STS PRINCIPLES & IMPLEMENTATION REQUIREMENTS Dr Dipalesa

Mine Health and Safety Council STS PRINCIPLES & IMPLEMENTATION REQUIREMENTS Dr Dipalesa

Mine Health and Safety Council STS PRINCIPLES & IMPLEMENTATION REQUIREMENTS Dr Dipalesa Mokoboto OUTLINE WHAT IS STANDARD THRESHOLD SHIFT(STS) HX- SANS 10083- PERIODIC SCREENING BACKGROUND OBJECTIVES IMPORTANT

600 views • 26 slides
PRESENTATION ON STATUTORY REQUIREMENTS AND COMPLIANCES ON MINE SAFETY FOR CONTRACTOR

PRESENTATION ON STATUTORY REQUIREMENTS AND COMPLIANCES ON MINE SAFETY FOR CONTRACTOR

PRESENTATION ON STATUTORY REQUIREMENTS AND COMPLIANCES ON MINE SAFETY FOR CONTRACTOR WORKERS FOR CONTRACTOR WORKERS by R. T. MANDEKAR DIRECTOR OF MINES SAFETY, DGMS, HQ,DHANBAD 2 OVERVIEW OF MINING IN INDIA MINING IN INDIA

455 views • 44 slides
Key Comparison of Safety Requirements in Europe, North America and Australia for Electronic

Key Comparison of Safety Requirements in Europe, North America and Australia for Electronic

Key Comparison of Safety Requirements in Europe, North America and Australia for Electronic Products Mr. K.F. Siu 15 April, 2010 www.intertek.com 1 Presentation Agenda Standards For Audio/Video Product Europe EN 60065 U.S.A.

729 views • 42 slides
Ral Gmez SDS, vision 1 Sacred Heart Seminary and School of Theology: Your Seminary Good

Ral Gmez SDS, vision 1 Sacred Heart Seminary and School of Theology: Your Seminary Good

Ral Gmez SDS, vision 1 Sacred Heart Seminary and School of Theology: Your Seminary Good morning. Thank you so much Fr. Ed for the invitation to address you, the SCJs here, and your alumni this morning as you begin your provincial assembly.

210 views • 7 slides
S6 Upper School Option Choices January 2020 I N F O R M A T I O N T E C H N O L

S6 Upper School Option Choices January 2020 I N F O R M A T I O N T E C H N O L

S6 Upper School Option Choices January 2020 I N F O R M A T I O N T E C H N O L O G Y S E R V I C E S C A L D E R S I D E A C A D E M Y Areas to be Highlighted Options calendar The S6 curriculum &

645 views • 29 slides
4 th June 2014 Ministerial Commitment Failure is not an Option A common purpose for the delivery

4 th June 2014 Ministerial Commitment Failure is not an Option A common purpose for the delivery

Joe Breen Department of the Environment Northern Ireland 4 th June 2014 Ministerial Commitment Failure is not an Option A common purpose for the delivery of Aichi Targets by 2020 The purpose of this UK Biodiversity Framework is to set a broad

331 views • 19 slides
Presentation to Kildare Joint Policing Committee on 14 th June 2016 Kildare Garda Division

Presentation to Kildare Joint Policing Committee on 14 th June 2016 Kildare Garda Division

Presentation to Kildare Joint Policing Committee on 14 th June 2016 Kildare Garda Division Introductions Crime Figures* *Crime counting rules are applied and incident counts are based on date reported. All Crime figures are for YTD up to 13 th

247 views • 13 slides
Sixth Form Information Evening This evening Student Finance Accepting offers

Sixth Form Information Evening This evening Student Finance Accepting offers

4 th March 2020 Sixth Form Information Evening This evening Student Finance Accepting offers Results day Between now & then Student Fees and Financial Support Jonathan Croall Head of Student Finance Student Finance

1.02k views • 26 slides
Berry Bypass Urban Design Strategy Community Workshop Berry Bridge and Northern Interchange

Berry Bypass Urban Design Strategy Community Workshop Berry Bridge and Northern Interchange

Berry Bypass Urban Design Strategy Community Workshop Berry Bridge and Northern Interchange Precinct 28 March 2012 Contents Berry Bridge Northern Interchange - Philosophy - Philosophy - Vantage Points - Vantage Points - Coordinated

894 views • 54 slides
East Area Planning Committee Presentation 19/01039/FUL 75 Land Adjacent to Randolph Court

East Area Planning Committee Presentation 19/01039/FUL 75 Land Adjacent to Randolph Court

East Area Planning Committee Presentation 19/01039/FUL 75 Land Adjacent to Randolph Court Agenda Item 6 Site Location Plan 76 Existing site/buildings 77 View Along Churchill Drive 78 Rear of existing building looking south 79 View in

457 views • 16 slides
SWSLHD Research Directorate Training Webinar 2 nd October 2019 Andrea Lee Research Ethics and

SWSLHD Research Directorate Training Webinar 2 nd October 2019 Andrea Lee Research Ethics and

SWSLHD Research Directorate Training Webinar 2 nd October 2019 Andrea Lee Research Ethics and Governance Coordinator Research Directorate Research Ethics and Governance Manager Jessica Grundy (oversee all office functions including

529 views • 19 slides

More recommend