NASA Software Safety Guidebook.doc

NASA Software Safety Guidebook Forward This document is a product of the NASA Software Program, an Agencywide program to promote the continual improvement of software engineering within NASA. The goals and strategies for this program are documented in the NASA Software Strategic Plan, July 13, 1995. Additional information is available from the Software IVV Facility on the world-wide-web site Contents 1. INTRODUCTION 12 1.1 Scope 12 1.2 Purpose 13 1.3 Acknowledgments 14 1.4 Associated Documents 14 1.5 Roadmap of this Guidebook 14 2. SOFTWARE SAFETY IN A SYSTEM SAFETY CONTEXT 17 2.1 What is a Hazard? 17 2.2 What Makes Software Hazardous? 18 2.2.1 What is Safety Critical Software? 19 2.2.2 How Does Software Control Hazards? 19 2.2.3 What About Hardware Controls? 19 2.2.4 Caveats with Software Controls 20 2.2.5 What is Fault Tolerance? 21 2.3 The System Safety Program 21 2.3.1 Safety Requirements Determination 22 2.4 Preliminary Hazard Analysis (PHA) 23 2.4.1 PHA Approach 24 Identifying Hazards 25 Risk Levels 26 NASA Policy for Hazard Elimination/Control 28 2.4.2 Preliminary Hazard Analysis Process 28 2.4.3 Tools and Methods for PHA 30 2.4.4 PHA is a Living Document 32 2.5 Software Subsystem Hazard Analysis 32 3. SOFTWARE SAFETY PLANNING 33 3.1 Software Development Life-cycle Approach 34 3.2 Scope of Software Subsystem Safety Effort 36 3.2.1 Identify Safety Critical Software 37 3.2.2 Categorize Safety Critical Software Subsystems 38 Software Control Categories 39 Software Hazard Criticality Matrix 40 Determine Extent of Effort 42 Oversight Required 43 Tailoring the Effort 44 .1 “Full” Software Safety Effort 45 .2 “Moderate” Software Safety Effort 45 .3 “Minimum” Software Safety Effort 46 .4 Match the Safety Activities to Meet the Development Effort 46 3.3 Incorporating Software Safety into Software Development 47 4. SAFETY CRITICAL SOFTWARE DEVELOPMENT 55 4.1 Software Concept and Initiation Phase 55 4.2 Software Requirements Phase 56 4.2.1 Development of S