Safety verification of Ada programs using software fault trees

Author

Leveson, Nancy G. ; Cha, Stephen S. ; Shimeall, T.J.

Author_Institution

California Univ., Irvine, CA, USA

Volume

8

Issue

4

fYear

1991

fDate

7/1/1991 12:00:00 AM

Firstpage

48

Lastpage

59

Abstract

The software fault-tree analysis technique is explained. It is then extended to allow its use on a more complex language involving such features as concurrency and exception handling. Ada is used as the example language because many safety-critical projects are using or planning to use Ada. It also contains complex, real-time programming facilities found in other languages used in these types of projects. Software fault-tree analysis uses failure-mode templates to generate the fault tree. The templates provided can be used to define the procedures for applying the technique to programs written in most other declarative languages. To explain the use of the templates an example Ada program, for a traffic-light-control system, is analyzed. The cost and practicality of the method and its implications for software reuse are assessed. The application of the safety analysis procedures to requirements modeling and specification languages is considered.<>

Keywords

Ada; multiprocessing programs; program verification; real-time systems; software reliability; software reusability; specification languages; system recovery; traffic computer control; Ada; concurrency; declarative languages; exception handling; failure-mode templates; real-time programming; requirements modeling; safety analysis procedures; safety-critical projects; software fault-tree analysis technique; software reuse; specification languages; traffic-light-control system; Accidents; Aerospace electronics; Certification; Fault trees; Government; Injuries; Military aircraft; Process control; Software safety; Software standards;

fLanguage

English

Journal_Title

Software, IEEE

Publisher

ieee

ISSN

0740-7459

Type

jour

DOI

10.1109/52.300036

Filename

300036