awesome-safety-critical

List of resources about programming practices for writing safety-critical software.


This is a list of resources about programming practices for writing
safety-critical software.

The starting point for me to create this resource was my interest in solid
software:

What kind of special training do engineers working on mission-critical software receive? [closed] and its followup on Reddit.

Disclaimer: Resources presented here are not necessarily authoritative or the
latest documents on the topic.

Friendly lists

Resilience engineering papers http://resiliencepapers.club

List of free software testing and verification resources

A curated set of links to formal methods involving provable code.

A List of companies that use Formal methods in Software engineering

A curated list of static analysis tools, linters and code quality checkers
for various programming languages

Resources

The European Cooperation for Space Standardization is an initiative established to develop a coherent, single set of user-friendly standards for use in all European space activities.

This list has a number of links from this resource.

The International System Safety Society is a non-profit organization dedicated to supporting the Safety Professional in the application of Systems Engineering and Systems Management to the process of hazard, safety and risk analysis. The Society is international in scope and draws members throughout the world. It is affiliated with major corporations, educational institutions and other agencies in the United States and abroad.

This list has a number of links from this resource.

The NASA Langley's Formal Methods Research Program of the NASA Langley Safety-Critical Avionics Systems Branch develops formal methods technology for the development of mission-critical and safety-critical digital systems of interest to NASA.

Software safety standards

  • IEC 61508

    IEC 61508 is an international standard published by the International
    Electrotechnical Commission of rules applied in industry. It is titled
    Functional Safety of Electrical/Electronic/Programmable Electronic
    Safety-related Systems (E/E/PE, or E/E/PES).

  • ISO 26262

    The ISO 26262 Standard is prepared by the ISO Committee and is a derivative
    of the IEC 61508 standard listed above. The committee members include the
    major vehicle manufacturers and suppliers. It is expressly a safety
    standard, but includes details about Hazard Analysis and Risk Assessment
    and system design to detect faults and their potential failures.

  • IEC 62279

    IEC 62279 provides a specific interpretation of IEC 61508 for railway
    applications. It is intended to cover the development of software for
    railway control and protection including communications, signaling and
    processing systems.

  • IEC 61513

    IEC 61513 provides requirements and recommendations for the instrumentation
    and control for systems important to safety of nuclear power plants. It
    indicates the general requirements for systems that contain conventional
    hardwired equipment, computer-based equipment or a combination of both types of
    equipment.

  • DO-178C

    DO-178C, Software Considerations in Airborne Systems and
    Equipment Certification is the primary document by which the certification
    authorities such as FAA, EASA and Transport Canada approve all commercial
    software-based aerospace systems. The document is published by
    RTCA, Incorporated, in a joint effort with EUROCAE, and replaces DO-178B.
    The new document is called DO-178C/ED-12C and was completed in November 2011
    and approved by the RTCA in December 2011. It became available for sale and
    use in January 2012.

    The FAA approved AC 20-115C on 19 Jul 2013, making DO-178C a recognized
    "acceptable means, but not the only means, for showing compliance with the
    applicable airworthiness regulations for the software aspects of
    airborne systems and equipment certification." (Wikipedia)

  • ARINC standards

    The ARINC Standards are prepared by the Airlines Electronic Engineering Committee (AEEC), where Rockwell Collins and other aviation suppliers serve as contributors in support of their airline customer base. (Wikipedia)

    ARINC 653 is a standard Real Time Operating System (RTOS) interface for partitioning of computer resources in the time and space domains. The standard also specifies Application Program Interfaces (APIs) for abstraction of the application from the underlying hardware and software.

  • MIL-STD-882E, System Safety

  • MIL-STD-1472F, Human Engineering

  • NASA-STD-8719.13B, NASA Software Safety Standard

  • ECSS-E-ST-40C, Software

  • ECSS-Q-ST-80C Rev.1 – Software product assurance

Safety handbooks

NASA's Software Safety Guidebook (pdf file). The handbook complement to the
Software Safety Standard.

From the Joint Services Computer Resources Management Group, US Navy, US Army,
and US Air Force (pdf file)

The first chapter has an excellent introduction to system safety with a
discussion of the evolution of the DoD Standard 882 (DOD Standard Practice for
System Safety).

Coding guidelines

This document is based on the "C Style Guide" (SEL-94-003). It contains recommendations for C++ implementations that build on, or in some cases replace, the style described in the C style guide.

Topics

Certification

Technology Readiness Levels (TRL) are a type of measurement system used to
assess the maturity level of a particular technology. Each technology project is
evaluated against the parameters for each technology level and is then assigned
a TRL rating based on the project's progress. There are nine technology
readiness levels. TRL 1 is the lowest and TRL 9 is the highest.

Formal verification

MC/DC

This paper provides a practical 5-step approach for assessing MC/DC for
aviation software products, and an analysis of some types of errors expected
to be caught when MC/DC is achieved.

This tutorial provides a practical approach to assessing modified
condition/decision coverage (MC/DC) for aviation software products that must
comply with regulatory guidance for DO-178B level A software.

...In this paper, we present the results of an empirical study that compared
functional testing and functional testing augmented with test cases to satisfy
MC/DC coverage. The evaluation was performed during the testing of the
attitude control software for the HETE-2 (High Energy Transient Explorer)
scientific satellite...

Articles

Papers

This white paper lays out some foundational information about different
approaches to safety: how various industries differ in their approaches to
safety engineering, and a comparison of three general approaches to safety
(system safety, industrial safety engineering, and reliability engineering).
An attempt is made to lay out the properties of industries and systems that
make one approach more appropriate than another.

Reports

Common position of international nuclear regulators and authorised technical support organisations

Van Eikema Hommes, Q. D. (2016, June). Assessment of safety standards for
automotive electronic control systems. (Report No. DOT HS 812 285).
Washington, DC: National Highway Traffic Safety Administration.

Accidents

Questions and Answers

- Which languages are used for safety-critical software?

See Which languages are used for safety-critical software? [closed].

- What is the difference between mission-critical and safety-critical software?

This article contains an interesting section on the difference between
mission-critical and safety-critical software: Military COTS-based systems: Not necessarily right off the shelf

- What kind of special training do engineers working on mission-critical software receive?

See What kind of special training do engineers working on mission-critical software receive? [closed] and its followup on Reddit. In the Reddit thread there are 2 expanded answers. The thread is also archived here.

- What are the software safety standards?

See the Software Safety Standards here in this list.

Also see on StackOverflow: Coding for high reliability/availability/security - what standards do I read?
and Software Safety Standards

- Safety-critical software and optimising compilers?

Safety-critical software and optimising compilers

- Does Rust have a chance in mission-critical software?

Does Rust have a chance in mission-critical software? (currently Ada and proven C niches)

Books

Videos

CREDC Seminar Series. Presented on November 7, 2016 by Nancy Leveson,
Professor of Aeronautics and Astronautics and Engineering Systems, MIT.
Cyber Resilient Energy Delivery Consortium (CREDC), http://cred-c.org

Dr. Richard Cook is the Professor of Healthcare Systems Safety and Chairman of the Department of Patient Safety at the Kungliga Tekniska Högskolan (the Royal Institute of Technology) in Stockholm, Sweden. He is a practicing physician, researcher and educator.

See also paper "How Complex Systems Fail".

Marcel Beemster, Solid Sands B.V. http://solidsands.nl/, http://www.LLVM.org/devmtg/2017-03/

This talk will give examples of Airbus use of Formal Methods to verify
avionics software, and summarises the integration of Formal Methods in the
upcoming ED-12/DO-178 issue C. Firstly, examples of verification based on
theorem proving or abstract interpretation will show how Airbus has already
taken advantage of the use of Formal Methods to verify avionics software.
Secondly, we will show how Formal Methods for verification have been introduced
in the upcoming issue C of ED-12/DO-178.

Interviews

Safety in Medical Device Software: Questions and Answers

Press

They Write the Right Stuff

This software is the work of 260 women and men based in an anonymous office
building across the street from the Johnson Space Center in Clear Lake, Texas,
southeast of Houston. They work for the “on-board shuttle group,” a branch of
Lockheed Martin Corp.'s space mission systems division, and their prowess is
world renowned: the shuttle software group is one of just four outfits in
the world to win the coveted Level 5 ranking of the federal government's
Software Engineering Institute (SEI), a measure of the sophistication and
reliability of the way they do their work. In fact, the SEI based its standards
in part on watching the on-board shuttle group do its work.

License

To the extent possible under law, Stanislav Pankevich has waived all copyright
and related or neighboring rights to awesome-safety-critical.

This list's repository contains a backup of all content presented in the list.
This is done to ensure availability of these resources in case their original
sources become unavailable. Every link always points to its original source
unless it becomes unavailable, in which case a resource from the backup is used,
or a link to web.archive.org if possible.
The awesome_bot tool is used to check for dead links.
