Challenges in Assuring Highly Complex, High Volume Safety-Critical Software

  • John MacGregor
  • Simon Burton
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11094)


Abstract

Safety standards such as IEC 61508 [1] and ISO 26262 [2] were written assuming that highly complex safety-critical systems were self-contained, capital-intensive, one-off products and that the assurance argument was to be renewed with every product change. In this paper, we explain how the increasing complexity, scale, continuous updates and heterogeneous nature of future safety-critical software systems require a paradigm shift in the software safety qualification and certification processes. We examine existing approaches to software safety argumentation and explain how the essential components of the argumentation can be transferred to future software architectures and development processes. In particular, we discuss the relevance of constructive measures for ensuring safety, of evidence collection to demonstrate the effectiveness and integrity of these measures, and of process approaches to assess the predictability of the overall quality and integrity of the software. Our aim is to provide an industrial perspective on the areas of collaboration required to transfer relevant research results into future standards.


Keywords: Functional safety, Complex software, Development lifecycle, Reuse, Selection, Agile, Open-source, Integrity, Equivalence, Measurement evidence


References

  1. International Electrotechnical Commission (IEC): Functional safety of electrical/electronic/programmable electronic safety-related systems, 2nd edn. International Electrotechnical Commission, Geneva (2010). ISBN 978-2-88910-524-3
  2. ISO: ISO 26262: Road vehicles - Functional safety. Norm (2011)
  3. Beck, K., et al.: Manifesto for Agile Software Development (2001). Agile Alliance. Accessed 14 June 2010
  4. OSADL: SIL2LinuxMP webpage. Accessed 22 May 2018
  5. MacGregor, J., et al.: Transferkonzept und Leitfaden für die Anwendung in der Praxis (Transfer concept and guide for application in practice), SPES_XT Report. Accessed 22 May 2018
  6. AUTOSAR Project. Accessed 16 May 2018
  7. Clements, P., Northrop, P.: Software Product Lines: Practices and Patterns, vol. 3. Addison-Wesley, Reading (2002)
  8. VDA QMC Working Group 13/Automotive SIG: Automotive SPICE Process Assessment/Reference Model (2015)
  9.
  10. Atlassian: Agile Tools for Software Teams. Accessed 22 May 2018
  11. IBM: Collaborating through social coding. Accessed 22 May 2018
  12. Doss, O., Kelly, T., Stålhane, T., Haugset, B., Dixon, M.: Integration of the 4 + 1 software safety assurance principles with Scrum. In: Stolfa, J., Stolfa, S., O'Connor, R.V., Messnarz, R. (eds.) EuroSPI 2017. CCIS, vol. 748, pp. 72-82. Springer, Cham (2017)
  13. Oliveira, P., Ferreira, A.L., Dias, D., Pereira, T., Monteiro, P., Machado, R.J.: An analysis of the commonality and differences between ASPICE and ISO 26262 in the context of software development. In: Stolfa, J., Stolfa, S., O'Connor, R.V., Messnarz, R. (eds.) EuroSPI 2017. CCIS, vol. 748, pp. 216-227. Springer, Cham (2017)
  14. Hawkins, R.: Software safety assurance - what is sufficient? (2009)
  15. Ye, F., Kelly, T.: COTS product selection for safety-critical systems. In: Kazman, R., Port, D. (eds.) Proceedings of ICCBSS 2004. LNCS, vol. 2959, pp. 53-62. Springer, Heidelberg (2004)
  16. Boyer, A., et al.: Methods and techniques for contract-based safety analysis, SPES_XT Report. Accessed 22 May 2018
  17. Platschek, A., Mc Guire, N., Bulwahn, L.: Certifying Linux: Lessons Learned in Three Years of SIL2LinuxMP. Accessed 22 May 2018
  18. Hotz, L., et al.: Configuration in Industrial Product Families: The ConIPF Methodology. IOS Press Inc, Amsterdam (2006)
  19. ISO: ISO/IEC 15504 (Information technology - Process assessment). International Organization for Standardization, Geneva, Switzerland (2003)
  20. Basili, V.R.: Software modeling and measurement: the Goal/Question/Metric paradigm (1992)
  21. Luo, Y., et al.: Metrics design for safety assessment. Inf. Softw. Technol. 73, 151-163 (2016)
  22. ISO/IEC: Systems and Software Engineering - Measurement Process, ISO/IEC 15939:2008. International Organization for Standardization/International Electrotechnical Commission, Geneva, Switzerland (2007)

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. Robert Bosch GmbH, Stuttgart, Germany
