Abstract
The software implementation of the emergency shutdown feature in a major radiotherapy system was analyzed, using a directed form of code review based on module dependences. Dependences between modules are labelled by particular assumptions; this allows one to trace through the code, and identify those fragments responsible for critical features. An ‘assumption tree’ is constructed in parallel, showing the assumptions which each module makes about others. The root of the assumption tree is the critical feature of interest, and its leaves represent assumptions which, if not valid, might cause the critical feature to fail. The analysis revealed some unexpected assumptions that motivated improvements to the code.
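As an added illustration of the technique the abstract describes (this is not code from the paper or from the radiotherapy system; the module names, assumption labels and the shutdown feature are constructed for the example), the script below takes module dependences that are each labelled with the assumption the dependent module makes, builds the assumption tree rooted at the critical feature, and reports the leaf assumptions, i.e. those with no further supporting code behind them, which are the ones a reviewer has to validate by other means. It also handles the edge case the abstract's description leaves open: a dependence cycle, which is reported separately rather than treated as a grounded leaf.

```python
"""Assumption tree from labelled module dependences.

Added example, not the paper's code. Module names, assumptions and the
critical feature below are constructed (hypothetical) sample data.
"""
from collections import defaultdict
from typing import Dict, List, Optional, Tuple

# A dependence edge: (dependent module, module depended on, assumption made).
Dependence = Tuple[str, str, str]

# Constructed sample: a hypothetical emergency-shutdown call path, including
# one dependence cycle (EventBus -> ShutdownHandler) to exercise that case.
SAMPLE_DEPENDENCES: List[Dependence] = [
    ("ShutdownHandler", "BeamController", "BeamController.stop() halts the beam when called"),
    ("ShutdownHandler", "InterlockMonitor", "InterlockMonitor raises on any open interlock"),
    ("BeamController", "HardwareIO", "HardwareIO.write() completes before returning"),
    ("BeamController", "EventBus", "EventBus.publish() delivers to the handler"),
    ("InterlockMonitor", "HardwareIO", "HardwareIO.read() returns current sensor state"),
    ("EventBus", "ShutdownHandler", "ShutdownHandler acknowledges every event"),
]


def index_by_dependent(deps: List[Dependence]) -> Dict[str, List[Tuple[str, str]]]:
    """Group edges by the module that makes the assumption."""
    edges: Dict[str, List[Tuple[str, str]]] = defaultdict(list)
    for dependent, target, assumption in deps:
        edges[dependent].append((target, assumption))
    return edges


def build_assumption_tree(feature: str, root_module: str, deps: List[Dependence]) -> Dict:
    """Root node is the critical feature; each child is an assumption the
    current module makes about another module, refined in turn by the
    assumptions that module makes.  A module already on the current path
    marks a dependence cycle and is not expanded again."""
    edges = index_by_dependent(deps)

    def expand(module: str, path: List[str]) -> List[Dict]:
        children = []
        for target, assumption in edges.get(module, []):
            node = {"assumption": assumption, "module": target, "children": [], "cycle": False}
            if target in path:
                node["cycle"] = True
            else:
                node["children"] = expand(target, path + [target])
            children.append(node)
        return children

    return {"assumption": feature, "module": root_module,
            "children": expand(root_module, [root_module]), "cycle": False}


def leaf_assumptions(tree: Dict) -> List[str]:
    """Assumptions with nothing further in the code supporting them: if one
    of these is invalid, the critical feature may fail.  Cycle nodes are
    excluded because they are unresolved, not grounded."""
    if tree["cycle"]:
        return []
    if not tree["children"]:
        return [tree["assumption"]]
    leaves: List[str] = []
    for child in tree["children"]:
        leaves.extend(leaf_assumptions(child))
    return leaves


def cycle_assumptions(tree: Dict) -> List[Tuple[str, str]]:
    """(module, assumption) pairs where tracing hit a dependence cycle."""
    found = [(tree["module"], tree["assumption"])] if tree["cycle"] else []
    for child in tree["children"]:
        found.extend(cycle_assumptions(child))
    return found


def trace(tree: Dict, assumption: str) -> Optional[List[str]]:
    """Modules on the path from the root feature down to the node carrying
    `assumption`: the code fragments responsible for that part of the feature."""
    def walk(node: Dict, path: List[str]) -> Optional[List[str]]:
        path = path + [node["module"]]
        if node["assumption"] == assumption:
            return path
        for child in node["children"]:
            hit = walk(child, path)
            if hit:
                return hit
        return None
    return walk(tree, [])


if __name__ == "__main__":
    tree = build_assumption_tree("Emergency shutdown stops the beam",
                                 "ShutdownHandler", SAMPLE_DEPENDENCES)
    for leaf in leaf_assumptions(tree):
        print("leaf assumption:", leaf, "via", " -> ".join(trace(tree, leaf)))
    for module, assumption in cycle_assumptions(tree):
        print("cycle at", module + ":", assumption)
```

Running it lists the two HardwareIO assumptions as leaves, each with the module chain that depends on it, and flags the EventBus-to-ShutdownHandler assumption as a cycle that the review has to resolve by hand.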
© 2003 Springer-Verlag Berlin Heidelberg
Cite this paper
Rae, A., Jackson, D., Ramanan, P., Flanz, J., Leyman, D. (2003). Critical Feature Analysis of a Radiotherapy Machine. In: Anderson, S., Felici, M., Littlewood, B. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2003. Lecture Notes in Computer Science, vol 2788. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39878-3_18
DOI: https://doi.org/10.1007/978-3-540-39878-3_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20126-7
Online ISBN: 978-3-540-39878-3