The application of software safety standards as part of the development of safety critical software is usually considered an essential element of any safety program. Yet it is fairly rare for safety practitioners to step back and critically evaluate both the effectiveness and limitations of such standards. Naive implementations of safety standards can lead to over reliance on weak inductive arguments as to the safety of the software. Whilst incorrect requirements have been identified as a major cause of software accidents it appears that current software safety standards do not place a proportionate emphasis upon this causal factor. Additionally focusing upon the definition of process as opposed to the documentation of lessons learned the majority of software safety standards also appear inadequate to serve as repositories of the 'state of the art'. This paper examines the limitations, practical problems and issues associated with the use of current software safety standards. The evolution of software safety standards is reviewed and contrasted to the safety standards of other engineering disciplines. The paper then goes onto discuss problems with the current process based software safety standards and considers whether these standards in fact address the real causes of software related accidents. Finally the often overlooked pragmatic issues of applying safety standards are discussed. Due to space considerations the primary standards discussed are DEF-STAN 00-55 and 00-56, MIL-STD-882C, ARP 4761, ARP 4754, IEC 61508, DEF AUST 5679 and RTCA/DO-178B1.
|Cite as: Squair, M.J. (2005). Issues in the Application of Software Safety Standards. In Proc. Tenth Australian Workshop on Safety-Related Programmable Systems (SCS 2005), Sydney, Australia. CRPIT, 55. Cant, T., Ed. ACS. 13-26. |
(local if available)