Software Challenges in Achieving Space Safety

N.G. Leveson (2009), JBIS, 62, 265-272

Refcode: 2009.62.265
Keywords: Spacecraft safety, software safety, spacecraft software engineering, system and control theory, safety-driven design, reliability engineering analysis, STAMP

Techniques developed for hardware reliability and safety do not work on software-intensive systems, because software does not satisfy the assumptions underlying these techniques. The first part of the article describes the new problems and why the current approaches are not effective for complex, software-intensive systems. A new approach to hazard analysis and safety-driven design is then presented. Rather than being based on reliability theory, as most current safety engineering techniques are, the new approach builds on system and control theory.


