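@comment{Hand this in to: ece849-staff+hw (at) ece.cmu.edu
         The address is written with "(at)" on purpose: a literal at-sign outside an
         entry starts a new BibTeX entry, so the original header made BibTeX try to
         parse "ece.cmu.edu" as an entry and report an error.}

@comment{Reading-report template. The fields studentname, summary, contribution1..5,
         weakness1..5, interesting and opinions are not standard BibTeX fields;
         bibliography styles ignore unknown fields, so filling them in never changes
         the rendered reference. Leave the standard fields (author, title, journal,
         booktitle, year, volume, number, pages, doi, url) as they are.}

@comment{Journal names that occur more than once are defined once as macros so a
         renaming or abbreviation only has to be made in one place.}
@string{cacm = {Communications of the {ACM}}}

@comment{Required Readings}

@article{leveson86_sw_safety,
  author        = {Leveson, N. G.},
  title         = {Software safety: why, what, and how},
  journal       = {{ACM} Computing Surveys ({CSUR})},
  year          = {1986},
  volume        = {18},
  number        = {2},
  doi           = {10.1145/7474.7528},
  url           = {http://doi.acm.org/10.1145/7474.7528},
  abstract      = {Software safety issues become important when computers are used to control real-time, safety-critical processes. This survey attempts to explain why there is a problem, what the problem is, and what is known about how to solve it. Since this is a relatively new software research area, emphasis is placed on delineating the outstanding issues and research topics},
  studentname   = {},
  summary       = {},
  contribution1 = {},
  contribution2 = {},
  contribution3 = {},
  contribution4 = {},
  contribution5 = {},
  weakness1     = {},
  weakness2     = {},
  weakness3     = {},
  weakness4     = {},
  weakness5     = {},
  interesting   = {high/med/low},
  opinions      = {},
}

@article{leveson94_steam,
  author        = {Leveson, N. G.},
  title         = {High-pressure steam engines and computer software},
  journal       = {{IEEE} Computer},
  year          = {1994},
  volume        = {27},
  number        = {10},
  pages         = {65--73},
  doi           = {10.1109/2.318597},
  url           = {http://dx.doi.org/10.1109/2.318597},
  abstract      = {The introduction of computers into the control of potentially dangerous devices has led to a growing awareness of the possible contribution of software to serious accidents. The number of computer-related accidents so far has been small due to the restraint shown in introducing computers into safety-critical control loops. However, as the economic and technological benefits of using computers become more widely accepted, their use is increasing dramatically. We need to ensure that computers are introduced into safety-critical systems in the most responsible way possible and at a speed that does not expose people to undue risk. Risk induced by technological innovation existed long before computers: this is not the first time that humans have come up with an extremely useful new technology that is potentially dangerous. We can learn from the past before we repeat the same mistakes.},
  studentname   = {},
  summary       = {},
  contribution1 = {},
  contribution2 = {},
  contribution3 = {},
  contribution4 = {},
  contribution5 = {},
  weakness1     = {},
  weakness2     = {},
  weakness3     = {},
  weakness4     = {},
  weakness5     = {},
  interesting   = {high/med/low},
  opinions      = {},
}

@comment{Supplemental Reading}

@inproceedings{Dalcher99,
  author        = {Dalcher, D.},
  title         = {Lessons for the future: safety critical systems},
  booktitle     = {Proceedings {ECBS}'99. {IEEE} Conference and Workshop on Engineering of Computer-Based Systems},
  year          = {1999},
  pages         = {281--293},
  url           = {http://ieeexplore.ieee.org/iel4/6101/16322/00755893.pdf},
  abstract      = {This paper investigates the underlying flaws in the development of the LAS despatch system and compares it with similar attempts from across the globe. The common themes that seem to plague ambulance despatch systems are investigated and put into context and a set of recommendations and lessons is proposed. The question of professionalism and ethics stands out and leads to the recognition of the value of failure analysis in the context of information systems development. Failure it is argued provides a great learning opportunity that may lead, when recognised, to enhanced professionalism and future success},
  studentname   = {},
  summary       = {},
  contribution1 = {},
  contribution2 = {},
  contribution3 = {},
  contribution4 = {},
  contribution5 = {},
  weakness1     = {},
  weakness2     = {},
  weakness3     = {},
  weakness4     = {},
  weakness5     = {},
  interesting   = {high/med/low},
  opinions      = {},
}

@comment{Key was "de Lemos95"; a citation key cannot contain a space, so it is now
         deLemos95. Update any existing cite commands accordingly.}
@article{deLemos95,
  author        = {de Lemos, R. and Saeed, A. and Anderson, T.},
  title         = {Analyzing safety requirements for process-control systems},
  journal       = {{IEEE} Software},
  year          = {1995},
  volume        = {12},
  number        = {3},
  pages         = {42--53},
  url           = {http://ieeexplore.ieee.org/iel1/52/8661/00382183.pdf},
  abstract      = {Safety-requirements analysis is typically conducted either ad hoc or with the unbridled use of formal methods. The approach presented in this paper offers the freedom to mix formal and traditional engineering methods and apply them at different abstraction levels to give a higher assurance that the software's contribution to system risk is acceptable},
  studentname   = {},
  summary       = {},
  contribution1 = {},
  contribution2 = {},
  contribution3 = {},
  contribution4 = {},
  contribution5 = {},
  weakness1     = {},
  weakness2     = {},
  weakness3     = {},
  weakness4     = {},
  weakness5     = {},
  interesting   = {high/med/low},
  opinions      = {},
}

@inproceedings{Knight02,
  author        = {Knight, J. C.},
  title         = {Safety critical systems: challenges and directions},
  booktitle     = {Proceedings of the 24th International Conference on Software Engineering. {ICSE} 2002},
  year          = {2002},
  pages         = {547--550},
  url           = {http://ieeexplore.ieee.org/iel5/7889/21739/01007998.pdf},
  abstract      = {Safety-critical systems are those systems whose failure could result in loss of life, significant property damage or damage to the environment. There are many well-known examples in application areas such as medical devices, aircraft flight control, weapons and nuclear systems. Many modern information systems are becoming safety-critical in a general sense because financial loss and even loss of life can result from their failure. Future safety-critical systems will be more common and more powerful. From a software perspective, developing safety-critical systems in the numbers required and with adequate dependability is going to require significant advances in areas such as specification, architecture, verification and the software process. The very visible problems that have arisen in the area of information system security suggests that security is a major challenge too},
  studentname   = {},
  summary       = {},
  contribution1 = {},
  contribution2 = {},
  contribution3 = {},
  contribution4 = {},
  contribution5 = {},
  weakness1     = {},
  weakness2     = {},
  weakness3     = {},
  weakness4     = {},
  weakness5     = {},
  interesting   = {high/med/low},
  opinions      = {},
}

@article{Wallace92,
  author        = {Wallace, D. R. and Kuhn, D. R. and Ippolito, L. M.},
  title         = {An analysis of selected software safety standards},
  journal       = {{IEEE} Aerospace and Electronics Systems Magazine},
  year          = {1992},
  volume        = {7},
  number        = {8},
  pages         = {3--14},
  url           = {http://ieeexplore.ieee.org/iel3/62/3971/00151140.pdf},
  abstract      = {Standards, draft standards, and guidelines that provide requirements for the assurance of high integrity software are studied. The focus is on identifying the attributes necessary in such documents for providing reasonable assurance for high integrity software, and on identifying the relative strengths and weaknesses of the documents. The documents vary widely in their requirements and the precision with which the requirements are expressed. Security documents tend to have a narrow focus and to be more product oriented, while safety documents tend to be broad in scope and center primarily on the software development process. It is found that overall there is little relationship between the degree of risk and the rigor of applicable standards. Recommendations are provided for a base standard for the assurance of high integrity software},
  studentname   = {},
  summary       = {},
  contribution1 = {},
  contribution2 = {},
  contribution3 = {},
  contribution4 = {},
  contribution5 = {},
  weakness1     = {},
  weakness2     = {},
  weakness3     = {},
  weakness4     = {},
  weakness5     = {},
  interesting   = {high/med/low},
  opinions      = {},
}

@article{Leveson91,
  author        = {Leveson, N. G.},
  title         = {Software safety in embedded computer systems},
  journal       = cacm,
  year          = {1991},
  volume        = {34},
  number        = {2},
  pages         = {34--46},
  doi           = {10.1145/102792.102799},
  url           = {http://doi.acm.org/10.1145/102792.102799},
  abstract      = {The article proposes an approach and a research direction for software safety that extends and adapts the methods used to control risk in the larger system within which the software is embedded. The approach combines standard software-engineering techniques with proven system-safety engineering techniques and special software-safety techniques. Some of the techniques described are being used on real industrial software projects, others have not yet progressed beyond the stage of research papers. The article provides an introduction to system-safety engineering and outlines the connection between it and software safety. The remainder delineates an approach to verifying software safety},
  studentname   = {},
  summary       = {},
  contribution1 = {},
  contribution2 = {},
  contribution3 = {},
  contribution4 = {},
  contribution5 = {},
  weakness1     = {},
  weakness2     = {},
  weakness3     = {},
  weakness4     = {},
  weakness5     = {},
  interesting   = {high/med/low},
  opinions      = {},
}

@article{Parnas90,
  author        = {Parnas, D. L. and van Schouwen, A. J. and Kwan, Shu Po},
  title         = {Evaluation of safety-critical software},
  journal       = cacm,
  year          = {1990},
  volume        = {33},
  number        = {6},
  pages         = {636--648},
  doi           = {10.1145/78973.78974},
  url           = {http://doi.acm.org/10.1145/78973.78974},
  abstract      = {Methods and approaches for testing the reliability and trustworthiness of software remain among the most controversial issues facing the age of high technology. The authors present some of the crucial questions faced by software programmers and eventual users. What standards must a software product satisfy if it is to be used in safety-critical applications? What documentation should be required? How much testing is needed? How should the software be structured?},
  studentname   = {},
  summary       = {},
  contribution1 = {},
  contribution2 = {},
  contribution3 = {},
  contribution4 = {},
  contribution5 = {},
  weakness1     = {},
  weakness2     = {},
  weakness3     = {},
  weakness4     = {},
  weakness5     = {},
  interesting   = {high/med/low},
  opinions      = {},
}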