Safe Comp 95 pp 419-436 | Cite as

Safety Cases for Software Application Reuse

  • P. Fenelon
  • T. P. Kelly
  • J. A. McDermid


In traditional engineering industries it is common to reuse tried and trusted components as one of the means of ensuring safety. Some low-level software components, e.g. libraries, are reused, but there are difficulties in justifying the reuse of software due to the complexity of interactions in a typical software system. This paper addresses the issue of reusing software applications by considering how to extend the safety case for the use of software in one application based on its use in another. It proposes an approach to analysing the change between two contexts of use of a software system, including analysing small changes in the software, and illustrates this through some examples based on an analysis of a reactor protection system.


Failure Mode Consequential Change Goal Structure Fault Tree Analysis Safety Case 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [Ball89]
    Preparation of Fully Developed Safety Cases in Response to the NΠ Safety Audit, P W Ball, The Nuclear Engineer, Vol. 30, No. 2, pp34–40, 1989.Google Scholar
  2. [Clarke89]
    Magnox Safety Review: Extending the Life of Britain’s Work Horses, Nuclear Energy, Vol. 28, No. 4, pp215–220, 1989.Google Scholar
  3. [Bondavalli90]
    Failure Classification with respect to Detection, A Bondavalli, L Simoncini, First Year Report: ESPRIT BRA Project 3092: Predictably Dependable Computing Systems, May 1990.Google Scholar
  4. [Fenelon93]
    An Integrated Toolset for Software Safety Analysis, P Fenelon, J A McDermid, Journal of Systems and Software, Vol. 13, pp2–16, 1993.Google Scholar
  5. [Hogberg94]
    Shutting down five reactors: reasons why and lessons learnt, L Hogberg, Nuclear Europe Worldscan, Vol. 1, No. 2, pp42–43, 1994.Google Scholar
  6. [HSE92]
    Safety assessment principles for nuclear plants, Health and Safety Executive, 1992.Google Scholar
  7. [Leveson83]
    Software Fault Tree Analysis, N Leveson, P R Harvey, Journal of Systems and Software, Vol. 3, ppl73–181, 1983.CrossRefGoogle Scholar
  8. [McDermid94]
    Support for Safety Cases and Safety Arguments using SAM, J A McDermid, Reliability Engineering and System Safety, Vol. 43, No. 2, pp111–127, 1994.CrossRefGoogle Scholar
  9. [NE91]
    Stage 9 Submission, Dungeness ‘B’ Power Station, Single Channel trip System Reliability, Nuclear Electric 1991 (Private Communication).Google Scholar
  10. [Pumfrey94]
    A Development of Hazard Analysis to Aid Software Design, D J Pumfrey, J A McDermid, In Proc. of COMPASS’94, IEEE, pp17–25, 1994.Google Scholar
  11. [Queener94]
    Reports, Standards and Safety Guides, D S Queener, Nuclear Safety, Vol. 35, No. 2, pp339–344, 1994.Google Scholar
  12. [Wilson95a]
    No more spineless safety cases: a structured method and comprehensive tool support, S P Wilson, J A McDermid, P Fenelon, P Kirkham, Proceedings of INEC’95: Second International Conference on Control and Instrumentation in Nuclear Installations, Institute of Nuclear Engineers, 1995.Google Scholar
  13. [Wilson95b]
    ASAM II User Guide, S Wilson, ASAMII/UDOC/95.1, 1995. (Available from the authors.)Google Scholar

Copyright information

© Springer-Verlag London 1995

Authors and Affiliations

  • P. Fenelon
    • 1
  • T. P. Kelly
    • 1
  • J. A. McDermid
    • 1
  1. 1.High Integrity Systems Engineering GroupUniversity of YorkHeslington, YorkUK

Personalised recommendations