Open Architecture: What System Safety?

A Starting Point for Open Architecture Safety Requirements?

An open architecture requires the integration of a common computing environment, common user functions, and unique user functions; consequently, there are common physical, functional, and operational safety requirements that enable system-of-systems integration[1]. Consider including:

  • Modular design to enable integration of common user functions and unique user functions
  • Modular and hierarchical segregation between high-level and low-level safety-critical functions
  • On-going safety certification to enable system-of-systems integration and safety assurance
  • Common system safety validation and verification methods for software, firmware, hardware, environment, and human-related hazard controls
  • Consistent safety-related testing: regression tests, stress tests, decision tests, go/no-go tests, static and dynamic tests, integration tests, safety V&V tests, operational tests, functional tests
  • Common standardized system safety analysis methods and techniques
  • Acquisition of data and information concerning past history, service history, past use, intended use, accidents, and incidents
  • Compatibility with interfacing operating systems
  • Isolation and protection for safety-critical systems
  • Assurance of continued integrity of safety-critical functions
  • Assurance of communication to and from safety-critical systems: handshaking, security controls, confirmation
  • Limit and reasonableness checks
  • Boundary checks, data expectation, format and value limitations
  • Throughput, latency, and timing checks
  • Health monitoring of system: hardware and firmware
  • Self-correction and self-repair of safety-critical functions and systems
  • Data flow sequence verification
  • Failsafe designs in the event of failure, error, malfunction, or anomaly
  • Consistent data typing and naming conventions
  • Standard interface protocol
  • Architecturally based testing, with more testing based upon compatibility between computing environments and operating systems
  • Memory protection
  • Failure propagation prevention
  • Real-time system state status indication
  • Real-time feedback to operators
  • Command and control protocols prior to initiation of a hazardous function
  • Use of interlocks, lock-ins, and safety devices
  • Protection against inadvertent operation
  • Progressive quality engineering
  • Configuration and logistical control
  • Verification of human interface
  • Physical protection from environment
  • Multi-level hazard control
  • Consistent documentation throughout the system life cycle
  • Behavioral-based safety controls throughout the system life cycle
  • Error tolerance controls throughout the system life cycle
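Several of the listed controls (limit and reasonableness checks, boundary and value limitations, latency/timing checks, data flow sequence verification, a command and control protocol before a hazardous function, and failsafe behaviour) combined into one command gate in front of a safety-critical actuator. This is an added illustration, not code from the article or from the cited presentation; every field name, limit value and message in it is an assumption.

```python
from __future__ import annotations
from dataclasses import dataclass
# Assumed operating envelope for the hazardous actuator (constructed values).
LIMITS = {"setpoint": (0.0, 100.0), "rate": (0.0, 5.0)}
MAX_AGE_MS = 200    # timing check: commands older than this are stale
MAX_STEP = 20.0     # reasonableness check: largest allowed setpoint jump

@dataclass
class Command:
    seq: int            # monotonic sequence number from the controller
    kind: str           # "ARM" or "EXECUTE" (two-step command protocol)
    sent_ms: int        # sender timestamp in milliseconds
    setpoint: float = 0.0
    rate: float = 0.0

@dataclass
class Gate:
    last_seq: int = 0
    armed: bool = False
    last_setpoint: float = 0.0

    def check(self, cmd: Command, now_ms: int) -> tuple[bool, str]:
        """Return (accepted, reason); any rejection disarms the gate."""
        # Data flow sequence verification: exactly the next sequence number.
        if cmd.seq != self.last_seq + 1:
            return self._fail(f"sequence gap: expected {self.last_seq + 1}, got {cmd.seq}")
        self.last_seq = cmd.seq
        # Latency/timing check: reject stale or future-dated commands.
        if not 0 <= now_ms - cmd.sent_ms <= MAX_AGE_MS:
            return self._fail("command outside latency window")
        # Boundary, format and value checks on every limited field.
        for name, (lo, hi) in LIMITS.items():
            val = getattr(cmd, name)
            if not isinstance(val, (int, float)) or not lo <= val <= hi:
                return self._fail(f"{name}={val!r} outside [{lo}, {hi}]")
        # Command and control protocol: ARM must precede EXECUTE.
        if cmd.kind == "ARM":
            self.armed = True
            return True, "armed"
        if cmd.kind == "EXECUTE" and self.armed:
            # Reasonableness check against the last accepted setpoint.
            if abs(cmd.setpoint - self.last_setpoint) > MAX_STEP:
                return self._fail("setpoint step exceeds reasonableness limit")
            self.last_setpoint, self.armed = cmd.setpoint, False
            return True, "executed"
        return self._fail(f"unexpected {cmd.kind!r} while armed={self.armed}")

    def _fail(self, reason: str) -> tuple[bool, str]:
        self.armed = False  # failsafe: drop to the safe (disarmed) state
        return False, reason
```

Each rejection both names the failed check (for logging and operator feedback) and returns the gate to the disarmed state, so a single malformed, stale or out-of-order message can never leave the actuator armed.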


[1] Many of the controls that address OA design have been discussed within the following presentation: Naylor, W., Shank, B., McVae, L., Maintaining Safety in an Open Architecture Environment, System Engineering Advisory Group (SEAG) Symposium 2009, May 2009.
