Abstract:
The use of COTS (commercial off-the-shelf software) is not the panacea sometimes implied by procurers. Indeed, for safety-critical systems (SCS), it may increase costs rather than decrease them. This may be true even in the production phase of system procurement, and the risks of the support phase may outweigh any benefits gained in initial purchase costs. However, the use of COTS in SCS should neither be accepted nor rejected out of hand. Instead, any proposed use of COTS in an SCS project should involve at least: (a) a cost and risk analysis, to show that there are likely to be economic benefits, and that the identified risks can be mitigated and are tolerable; and (b) the early production of a draft safety case, to be "bought off" with the procurement or certification agency, showing that there is an acceptable approach to certifying the COTS, as well as the other software. These actions will not guarantee an economical or risk-free project, but they should counterbalance the frequently encountered and naive view that the use of COTS is necessarily cheaper, even in SCS.