/awesome-safety-critical

List of resources about programming practices for writing safety-critical software.

Primary LanguageMakefileCreative Commons Zero v1.0 UniversalCC0-1.0

awesome-safety-critical

Build Status

This is a list of resources about programming practices for writing safety-critical software.

The starting point for me to create this resource was my interest in a solid software:

What kind of special training do engineers working on mission-critical software receive? [closed] and its followup on Reddit.

Disclaimer: I don't work on safety-critical software. Resources presented here are not necessarily authoritative or latest documents on topic.

Contents

Table of Contents generated with DocToc

Friendly lists

List of free software testing and verification resources

A curated set of links to formal methods involving provable code.

A List of companies that use Formal methods in Software engineering

A curated list of static analysis tools, linters and code quality checkers for various programming languages

Resources

The European Cooperation for Space Standardization is an initiative established to develop a coherent, single set of user-friendly standards for use in all European space activities.

This list has a number of links from this resource.

The International System Safety Society is a non-profit organization dedicated to supporting the Safety Professional in the application of Systems Engineering and Systems Management to the process of hazard, safety and risk analysis. The Society is international in scope and draws members throughout the world. It is affiliated with major corporations, educational institutions and other agencies in the United States and abroad.

This list has a number of links from this resource.

The NASA Langley's Formal Methods Research Program of the NASA Langley Safety-Critical Avionics Systems Branch develops formal methods technology for the development of mission-critical and safety-critical digital systems of interest to NASA.

Software safety standards

IEC 61508 is an international standard published by the International Electrotechnical Commission of rules applied in industry. It is titled Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems (E/E/PE, or E/E/PES).

DO-178C, Software Considerations in Airborne Systems and Equipment Certification is the primary document by which the certification authorities such as FAA, EASA and Transport Canada approve all commercial software-based aerospace systems. The document is published by RTCA, Incorporated, in a joint effort with EUROCAE, and replaces DO-178B. The new document is called DO-178C/ED-12C and was completed in November 2011 and approved by the RTCA in December 2011. It became available for sale and use in January 2012.

The FAA approved AC 20-115C on 19 Jul 2013, making DO-178C a recognized "acceptable means, but not the only means, for showing compliance with the applicable airworthiness regulations for the software aspects of airborne systems and equipment certification." (Wikipedia)

The ARINC Standards are prepared by the Airlines Electronic Engineering Committee (AEEC) where Rockwell Collins and other aviation suppliers serve as a contributor in support of their airline customer base. (Wikipedia)

The ISO 26262 Standard is prepared by the ISO Committee and is a derivative of the IEC 61508 standard listed above. The committee members include the major vehicle manufacturers and suppliers. It is expressly a safety standard, but includes details about Hazard Analysis and Risk Assessment and system design to detect faults and their potential failures.

Safety guidebooks

NASA's Software Safety Guidebook (pdf file). The handbook complement to the Software Safety Standard.

From the Joint Services Computer Resources Management Group, US Navy, US Army, And US Air Force (pdf file)

First chapter has an excellent introduction to system safety with a discussion of the evolution of the DoD Standard 882 (DOD Standard Practice for System Safety).

Coding guidelines

This document is based on the "C Style Guide" (SEL-94-003). It contains recommendations for C++ implementations that build on, or in some cases replace, the style described in the C style guide.

Topics

Certification

Technology Readiness Levels (TRL) are a type of measurement system used to assess the maturity level of a particular technology. Each technology project is evaluated against the parameters for each technology level and is then assigned a TRL rating based on the projects progress. There are nine technology readiness levels. TRL 1 is the lowest and TRL 9 is the highest.

Formal verification

MC/DC

This paper provides a practical 5-step approach for assessing MC/DC for aviation software products, and an analysis of some types of errors expected to be caught when MC/DC is achieved.

This tutorial provides a practical approach to assessing modified condition/decision coverage (MC/DC) for aviation software products that must comply with regulatory guidance for DO-178B level A software.

...In this paper, we present the results of an empirical study that compared functional testing and functional testing augmented with test cases to satisfy MC/DC coverage. The evaluation was performed during the testing of the attitude control software for the HETE-2 (High Energy Transient Explorer) scientific satellite...

Articles

Papers

This white paper lays out some foundational information about different approaches to safety: how various industries differ in their approaches to safety engineering, and a comparison of three general approaches to safety (system safety, industrial safety engineering, and reliability engineering). An attempt is made to lay out the properties of industries and systems that make one approach more appropriate than another.

Accidents

Questions and Answers

- Which languages are used for safety-critical software?

See Which languages are used for safety-critical software? [closed].

- What is the difference between mission-critical and safety-critical software?

This article contains interesting section on what is the difference between mission-critical and safety-critical software: Military COTS-based systems: Not necessarily right off the shelf

- What kind of special training do engineers working on mission-critical software receive?

See What kind of special training do engineers working on mission-critical software receive? [closed] and its followup on Reddit. In the Reddit thread there are 2 expanded answers. The thread is also archived here.

- What are the software safety standards?

See the Software Safety Standards here in this list.

Also see on StackOverflow: Coding for high reliability/availability/security - what standards do I read? and Software Safety Standards

- Safety-critical software and optimising compilers?

Safety-critical software and optimising compilers

- Does Rust have a chance in mission-critical software?

Does Rust have a chance in mission-critical software? (currently Ada and proven C niches)

Books

Videos

CREDC Seminar Series. Presented on November 7, 2016 by Nancy Leveson, Professor of Aeronautics and Astronautics and Engineering Systems, MIT. Cyber Resilient Energy Delivery Consortium (CREDC), http://cred-c.org

Dr. Richard Cook is the Professor of Healthcare Systems Safety and Chairman of the Department of Patient Safety at the Kungliga Techniska Hogskolan (the Royal Institute of Technology) in Stockholm, Sweden. He is a practicing physician, researcher and educator.

See also paper "How Complex Systems Fail".

Marcel Beemster, Solid Sands B.V. http://solidsands.nl/, http://www.LLVM.org/devmtg/2017-03/

This talk will give examples of Airbus use of Formal Methods to verify avionics software, and summarises the integration of Formal Methods in the upcoming ED-12/DO-178 issue C. Firstly, examples of verification based on theorem proving or abstract interpretation will show how Airbus has already taken advantage of the use of Formal Methods to verify avionics software. Secondly, we will show how Formal Method for verification has been introduced in the upcoming issue C of ED-12/DO-178.

Interviews

Safety in Medical Device Software: Questions and Answers

Press

They Write the Right Stuff

This software is the work of 260 women and men based in an anonymous office building across the street from the Johnson Space Center in Clear Lake, Texas, southeast of Houston. They work for the “on-board shuttle group,” a branch of Lockheed Martin Corps space mission systems division, and their prowess is world renowned: the shuttle software group is one of just four outfits in the world to win the coveted Level 5 ranking of the federal governments Software Engineering Institute (SEI) a measure of the sophistication and reliability of the way they do their work. In fact, the SEI based it standards in part from watching the on-board shuttle group do its work.

License

CC0
To the extent possible under law, Stanislav Pankevich has waived all copyright and related or neighboring rights to awesome-safety-critical.

This list's repository contains a backup of all content presented in the list. This is done to ensure availability of these resources in case if their original sources become unavailable. Every link always points to its original source unless it becomes unavailable in which case a resource from a backup is used or a link to web.archive.org if possible. awesome_bot tool is used to check the dead links.