H. Hecht, D. Wallace, "Error Classification and Analysis for High Integrity
Software", The 1996 American Nuclear Society International Topical Meeting on Nuclear
Plant Instrumentation, Control and Human-Machine Technology, Pennsylvania State
University, USA, May 1996
High integrity software includes that in aircraft flight control, nuclear reactor
safety systems, and portions of ground-based air traffic control. One of the
best known specifications for such software establishes a maximum tolerable failure
rate for the most severe failure modes of 10^-10/flight-hr [FAA88]. Demonstration of the
attainment of such low failure rates is not possible by the established methods
of software reliability estimation, e.g., [MUSA87]. Indeed, a large fraction of
the development cost of high integrity systems must be devoted to the assessment
of their dependability through software quality assurance, inspection and test.
Yet most serious students of the field agree that none of the assessment methods
and tools currently employed provides an estimate that correlates well with
the achieved dependability at the required high reliability levels. Because we
do not know what and how much the individual steps of the assessment contribute
to assurance of freedom from failure (and to the validity of the estimate), there is
a distinct possibility that the efficiency of the effort could be much improved.
Similar uncertainty exists regarding the value of development methodologies and
tools for the attainment of extremely high software reliability. The total development
and assessment cost for high integrity systems is so large that even a small reduction
of the effort, by replacing ineffective procedures with more effective ones, will
result in large economic benefits.
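The claim that a 10^-10/flight-hr rate cannot be demonstrated by established estimation methods can be illustrated with a short calculation; this is an added worked example, not part of the paper's abstract, and it assumes the usual model of failures as a Poisson process with constant rate $\lambda$ and a failure-free test campaign of $t$ operating hours.

Under that model the probability of observing no failure in $t$ hours is
$$P(\text{no failure in } t) = e^{-\lambda t}.$$
To reject the hypothesis $\lambda \ge \lambda_0$ at confidence $1-\alpha$ after a failure-free test, one needs
$$e^{-\lambda_0 t} \le \alpha \quad\Longrightarrow\quad t \ge \frac{\ln(1/\alpha)}{\lambda_0}.$$
With the specification's $\lambda_0 = 10^{-10}\ \text{hr}^{-1}$ and a modest $\alpha = 0.05$:
$$t \ge \frac{\ln 20}{10^{-10}} \approx 3.0 \times 10^{10}\ \text{hours} \approx 3.4 \times 10^{6}\ \text{years}.$$
Any observed failure during the campaign only lengthens the required test time, which is why the abstract argues that dependability must be assessed through assurance, inspection and test rather than inferred from failure statistics alone.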