Software System Safety
Nancy G. Leveson
MIT Aero/Astro Dept.
Copyright by the author, November 2004.

[Figure: batch reactor process diagram; labels: VENT, GEARBOX, CONDENSER, CATALYST, VAPOR, REFLUX, COOLING WATER, LA, LC, REACTOR, COMPUTER]

Types of Accidents
Component Failure Accidents
- Single or multiple component failures
- Usually assume random failure

System Accidents
- Arise in interactions among components
- No components may have "failed"
- Caused by interactive complexity and tight coupling
- Exacerbated by the introduction of computers
Accident with No Component Failures

[Figure: Safety / Reliability]

Accidents in high-tech systems are changing their nature, and we must change our approaches to safety accordingly.

Confusing Safety and Reliability
From an FAA report on ATC software architectures:
"The FAA's en route automation meets the criteria for consideration as a safety-critical system. Therefore, en route automation systems must possess ultra-high reliability."...
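The following simulation is an added illustration, not code from Leveson's slides, of the two points above: a system accident in which no component fails, and the difference between a reliable system and a safe one. The scenario is an assumption built only on the reactor diagram labels shown earlier (catalyst valve, cooling water, gearbox, vent); the requirement text, temperature numbers, class names and the "gearbox oil level low" signal are all constructed. The controller's requirement is to open the catalyst valve, then raise cooling-water flow, and, on any plant fault signal, to hold every controlled variable at its current value and raise an alarm. Every component meets its own requirement, yet the batch vents.

```python
"""Constructed simulation of a system accident with no component failures.

Everything here is assumed for illustration: the plant model, the
controller requirement, the temperatures and the fault signal. The only
link to the page is the set of diagram labels (catalyst, cooling water,
gearbox, vent) the scenario is built around.
"""
from dataclasses import dataclass

VENT_TEMP = 120.0   # constructed relief-valve lift temperature, degrees C


@dataclass
class Plant:
    catalyst_valve_open: bool = False
    cooling_water_flow: float = 0.0   # 0.0 .. 1.0, fraction of full flow
    reactor_temp: float = 60.0        # constructed starting temperature
    vented: bool = False

    def step(self):
        # Constructed heat balance: the catalysed reaction adds 25 C per
        # step, full cooling-water flow removes 30 C per step.
        if self.catalyst_valve_open:
            self.reactor_temp += 25.0 - 30.0 * self.cooling_water_flow
        if self.reactor_temp > VENT_TEMP:
            self.vented = True   # relief valve lifts: contents go to VENT


class FreezeOnFaultController:
    """Meets its (assumed) requirement exactly: on any fault signal,
    hold all outputs where they are and raise an alarm."""

    def __init__(self, plant):
        self.plant = plant
        self.frozen = False
        self.alarms = []

    def fault(self, signal):
        self.alarms.append(signal)
        self.frozen = True

    def open_catalyst(self):
        if not self.frozen:
            self.plant.catalyst_valve_open = True

    def set_cooling(self, flow):
        if not self.frozen:
            self.plant.cooling_water_flow = flow


class SafeStateController(FreezeOnFaultController):
    """Assumed alternative design: a fault drives the plant to a designed
    safe state (catalyst off, cooling full) instead of freezing whatever
    intermediate state the controller happens to be in."""

    def fault(self, signal):
        self.alarms.append(signal)
        self.plant.catalyst_valve_open = False
        self.plant.cooling_water_flow = 1.0
        self.frozen = True


def run_batch(controller_cls, fault_between_steps):
    """Run one batch. If fault_between_steps is set, a correctly working
    gearbox oil-level sensor reports low oil after the catalyst has been
    added but before the cooling water has been raised."""
    plant = Plant()
    ctl = controller_cls(plant)
    ctl.open_catalyst()
    if fault_between_steps:
        ctl.fault("gearbox oil level low")   # true reading, no sensor failure
    ctl.set_cooling(1.0)                     # silently ignored when frozen
    for _ in range(5):
        plant.step()
    return plant, ctl


def component_requirements_met(plant, ctl):
    """The reliability view: did each component do what its own spec says?
    Written for a FreezeOnFaultController run that saw a fault."""
    return {
        "sensor reported the fault": bool(ctl.alarms),
        "controller held outputs after the fault": plant.cooling_water_flow == 0.0,
        "catalyst valve opened on command": plant.catalyst_valve_open,
        "relief valve lifted at vent temperature":
            plant.vented == (plant.reactor_temp > VENT_TEMP),
    }


if __name__ == "__main__":
    plant, ctl = run_batch(FreezeOnFaultController, fault_between_steps=True)
    print("all components met spec:", all(component_requirements_met(plant, ctl).values()))
    print("batch vented:", plant.vented, "at", plant.reactor_temp, "C")
```

Run without the fault and the freeze-on-fault design is perfectly safe; run with the fault and every component, including the software, still behaves exactly as specified, which is why a reliability argument ("the automation must possess ultra-high reliability") says nothing about whether this batch vents. The hazard lives in the interaction between the "hold everything on a fault" requirement and the ordering of the two control steps, not in any single component, and the safe-state variant removes it by specifying what state the plant must be in after a fault rather than by making any component more reliable.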