Assurance Cases: New Directions & New Opportunities

Transcription
Slide 1. Assurance Cases: New Directions & New Opportunities*
John C. Knight, University of Virginia, February 2008
*Funded in part by: the National Science Foundation & NASA

Slide 2. Outline
A summary of several research topics from our group at UVA. Topics covered:
- Assurance argument fallacies
- Accident investigation
- Assurance based development
- Assurance based communication
- New directions in certification
More details available from papers.

Slide 3. Things I Like: Safety-Critical Systems

Slide 4. The Safety Case
"A comprehensive and defensible argument that a system is acceptably safe to operate in a particular context." [T. Kelly]
The safety case communicates:
- High-level safety objectives
- Evidence that objectives have been met
- Argument linking evidence to objectives
- Assumptions, justifications, and other context
Does it always communicate accurately? Completely?

Slide 5. Assurance Case Has To Be Right
- Can we construct arguments that are free of fallacies?
- Can we check arguments?
- What is the effect of a fallacy?
- What should certifiers do with assurance cases?
Let's look at some published assurance cases (actually safety cases).

Slide 6: no text extracted.
Slide 7. Safety Case Survey
Examined three industry safety cases:
- Eurocontrol RVSM (Reduced Vertical Separation Minimum) Pre-Implementation SC
- Eurocontrol Whole Airspace ATM SC
- Opalinus Clay Waste Repository SC
Two reviewers noted the frequency and nature of fallacies observed in each safety case.
Fallacy count table (only partly recoverable from the extraction). Columns: Using the Wrong Reasons; Drawing the Wrong Conclusion; Red Herring; Fallacious Use of Language; Hasty Inductive Generalization; Omission of Key Evidence; Total. Rows: reviewer A; reviewer B; Total. Surviving cell values, in extraction order: A 5 3; B 5; Total 6 3.

Slide 8. Fallacious Argument Example: Red Herring. What is wrong here?
Fragment of the RVSM safety case goal structure (several node identifiers did not survive extraction):
- G2.3: Flight crew training design complies with safety requirements.
- St2.3.1: Argue that there is sufficient direct evidence of flight crew training design validity.
- G2.3.1.1: FC RVSM & Transition Training specified.
- Goal: FC Aircraft Contingency training specified.
- Goal: Flight planning training specified.
- Goal: Hazards and risks controlled and mitigated.
- S2.3.1.1: solution node (text not extracted).

Slide 9. Arguing From Ignorance?
Claim: absence of outstanding issues with the potential to compromise safety.
Supporting text, quoted from the safety case: "The current safety analysis, despite a wide range of assessment cases that were derived in a careful and methodical way, has not identified any outstanding issues with the potential to compromise safety."
Source: Opalinus Clay Safety Case (PISC & PISC).
Slide 10: no text extracted.

Slide 11. Assurance Case Fallacy Taxonomy
So go ask the philosophers.
- Circular Reasoning: Circular Argument; Circular Definition
- Diversionary Arguments: Irrelevant Premise; Verbose Argument
- Fallacious Appeals: Appeal to Common Practice; Appeal to Improper/Anonymous Authority; Appeal to Money; Appeal to Novelty; Association Fallacy; Genetic Fallacy
- Mathematical Fallacies: Faith in Probability; Gambler's Fallacy; Insufficient Sample Size; Pseudo-Precision; Unrepresentative Sample
- Unsupported Assertions: Arguing from Ignorance; Unjustified Comparison; Unjustified Distinction
- Anecdotal Arguments: Correlation Implies Causation; Damning the Alternatives; Destroying the Exception; Destroying the Rule; False Dichotomy
- Omission of Key Evidence: Omission of Key Evidence; Fallacious Composition; Fallacious Division; Ignoring Available Counter-Evidence; Oversimplification
- Linguistic Fallacies: Ambiguity; Equivocation; Suppressed Quantification; Vacuous Explanation; Vagueness

Slide 12: no text extracted.
Slide 13. Goal structure example: Airbus A320 flight control system (FCS)
Goals:
- G01: Airbus A320 FCS is safe to operate.
- G02: Hazard of aircraft exiting flight envelope sufficiently mitigated.
- G03: Control logic enforces flight envelope constraints on pilot.
- G04: Control logic will not command hazardous maneuver.
- G05: Direct control law provides pilot override mechanism.
Strategies:
- ST01: Argument by addressing all credible hazards
- ST02: Argument for compliance with applicable safety regulations
Solutions:
- S01: Control logic design
- S02: Model checking analysis
Contexts:
- C01: System hazard analysis
- C02: DO-178B standard
- C03: A320 FCS operating procedures
- C04: A320 flight envelope
Legend: G: Goal (property to be shown). C: Context (inclusion indicated by the arrow symbol, lost in extraction). ST: Strategy (type of argument being made to support the goal). S: Solution (factual basis for the argument). A further symbol (lost in extraction) marks a goal that remains to be supported.

Slide 14 (diagram labels): Verification Approach; Fallacy Taxonomy; Developer; Certifier; Management.

Slide 15. Suppose Argument Is Wrong
- Despite verification of the assurance case, it might still contain fallacies.
- The effect might be to lead to failure: an accident during operation; a system that is not safe despite the developers thinking it was.
- If a fallacy or fallacies remain, the assurance case is a map for finding it.
- Base accident investigation on the assurance case.

Slide 16. Enhanced Assurance Case Lifecycle (diagram labels): Assurance Case; Failure; Pandora Accident Investigation Process; Known Fallacies; New Fallacies; Pandora Fallacy Taxonomy; Lessons.

Slide 17. Assurance Based Development
Primary goal: focus on the assurance case, not the software.
Approach:
- Define the top-level goal as "to solve the problem"
- Develop the assurance case completely
- This implies creation of the evidence
- Part of the evidence is the software development artifacts
Not taking this approach leaves assurance in doubt: traditional development is going after the wrong goal.

Slide 18: no text extracted.
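A structural checker for goal structures like the A320 fragment on slide 13, as an added example that is not from the talk or from the Pandora tool. It flags the defects a reviewer would look for first: undeveloped goals (the "remains to be supported" marker), strategies with no sub-goals, circular support chains (the taxonomy's Circular Reasoning), and claims worded as an absence of findings (the Arguing from Ignorance pattern of slide 9). The support edges in the A320 fragment are assumed, since only the node texts survive on the page, and the second fragment is constructed for illustration.

```python
"""Structural checks over a small GSN-style assurance argument.

Node kinds follow the slide legend: G = goal, ST = strategy,
S = solution (evidence), C = context. A goal with nothing beneath it
corresponds to the legend's "remains to be supported" marker.
"""
from __future__ import annotations

import re
from dataclasses import dataclass, field


@dataclass
class Node:
    kind: str                                   # "G", "ST", "S" or "C"
    text: str                                   # claim, strategy or evidence text
    supported_by: list[str] = field(default_factory=list)   # child node ids
    in_context_of: list[str] = field(default_factory=list)  # context node ids


# Claims that rest on the absence of findings rather than on positive
# evidence (the wording on the Opalinus Clay slide). A triage heuristic
# for reviewers, not a classifier.
_ABSENCE = re.compile(
    r"\bhas not identified any\b"
    r"|\bno [\w ]*?(?:issues?|hazards?|problems?) "
    r"(?:has been|have been|was|were) (?:found|identified)\b",
    re.IGNORECASE,
)


def check_argument(nodes: dict[str, Node], root: str) -> dict[str, list]:
    """Return review findings keyed by check name (empty lists mean clean)."""
    findings: dict[str, list] = {k: [] for k in (
        "dangling", "undeveloped", "empty_strategy", "circular",
        "absence_claims", "unreachable")}
    for nid, node in nodes.items():
        for child in node.supported_by + node.in_context_of:
            if child not in nodes:                        # reference to a missing node
                findings["dangling"].append((nid, child))
        if node.kind == "G" and not node.supported_by:    # undeveloped goal
            findings["undeveloped"].append(nid)
        if node.kind == "ST" and not node.supported_by:   # strategy with no sub-goals
            findings["empty_strategy"].append(nid)
        if node.kind in ("G", "S") and _ABSENCE.search(node.text):
            findings["absence_claims"].append(nid)

    # Depth-first walk from the root: a GREY node met again on the current
    # path closes a support cycle; nodes still WHITE at the end are unreachable.
    WHITE, GREY, BLACK = 0, 1, 2
    colour = {nid: WHITE for nid in nodes}

    def visit(nid: str, path: list[str]) -> None:
        colour[nid] = GREY
        for child in nodes[nid].supported_by:
            if child not in nodes:
                continue                                  # already reported as dangling
            if colour[child] == GREY:
                findings["circular"].append(path[path.index(child):] + [child])
            elif colour[child] == WHITE:
                visit(child, path + [child])
        colour[nid] = BLACK

    visit(root, [root])
    findings["unreachable"] = sorted(
        nid for nid, c in colour.items() if c == WHITE and nodes[nid].kind != "C")
    return findings


def a320_fragment() -> tuple[dict[str, Node], str]:
    """The A320 FCS nodes from the slide; the edges are an assumption, since
    only the node texts survive in the transcript."""
    nodes = {
        "G01": Node("G", "Airbus A320 FCS is safe to operate.",
                    ["ST01", "ST02"], ["C01", "C02"]),
        "C01": Node("C", "System hazard analysis"),
        "C02": Node("C", "DO-178B standard"),
        "ST01": Node("ST", "Argument by addressing all credible hazards", ["G02"]),
        "ST02": Node("ST", "Argument for compliance with applicable safety regulations"),
        "G02": Node("G", "Hazard of aircraft exiting flight envelope sufficiently mitigated.",
                    ["G03", "G04", "G05"], ["C03", "C04"]),
        "C03": Node("C", "A320 FCS operating procedures"),
        "C04": Node("C", "A320 flight envelope"),
        "G03": Node("G", "Control logic enforces flight envelope constraints on pilot.", ["S01"]),
        "S01": Node("S", "Control logic design"),
        "G04": Node("G", "Control logic will not command hazardous maneuver.", ["S02"]),
        "S02": Node("S", "Model checking analysis"),
        "G05": Node("G", "Direct control law provides pilot override mechanism."),
    }
    return nodes, "G01"


def circular_fragment() -> tuple[dict[str, Node], str]:
    """Constructed fragment showing two taxonomy fallacies: circular reasoning
    and a claim that argues from the absence of findings."""
    nodes = {
        "G1": Node("G", "The repository is acceptably safe.", ["ST1"]),
        "ST1": Node("ST", "Argue over the safety analysis results", ["G2"]),
        "G2": Node("G", "There are no outstanding issues that compromise safety.",
                   ["S1", "G1"]),        # G2 leans back on G1: circular support
        "S1": Node("S", "The current safety analysis has not identified any "
                        "outstanding issues with the potential to compromise safety."),
    }
    return nodes, "G1"


if __name__ == "__main__":
    for name, (nodes, root) in (("A320", a320_fragment()), ("circular", circular_fragment())):
        for check, hits in check_argument(nodes, root).items():
            if hits:
                print(f"{name}: {check}: {hits}")
```

On the A320 fragment the checker reports G05 as undeveloped and ST02 as a strategy with no sub-goals; on the constructed fragment it reports the cycle G1, ST1, G2, G1 and flags S1 as an absence-of-findings claim.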
Slide 19. Assurance Based Development (diagram labels): Requirements; Goals; Software Development; Assurance Case Development; Required Evidence; Supplied Evidence; Software; Assurance Case.

Slide 20: no text extracted.

Slide 21. Communications Graph: Bringing Things Together
Parties: Domain Experts; Regulators; Systems Engineers; Software Engineers; General Public.
How crucial is this communication? Content? Notations? Validation? Verification?

Slide 22. Make communication during development explicit in the safety/assurance case
- Establishes the necessary communications quality as a goal
- Develop an assurance/safety argument that the communications goal will be met
- Incorporate appropriate techniques: formal languages, CLEAR, etc.

Slide 23. Requirements Argument and Better Requirements Argument
"This is a very different way to look at things."
Both arguments share the upper claims:
- G1: The system is fit for use
- G1.1: Any system that is fit for use
- G1.2: Any system that meets the specification
- G1.3: The system meets the specification
Requirements Argument, lower claims:
- G1.1.1: The technique used to capture requirements produces complete and correct requirements
- G1.1.2: The technique used to review requirements catches incorrect or missing requirements
Better Requirements Argument, lower claims:
- G1.1.1: The domain experts' understanding of the problem to be solved is complete and correct
- G1.1.2: The domain experts' understanding of the problem to be solved is adequately conveyed by the requirements document to its readers
Legend: assurance claim; is supported by.

Slide 24: no text extracted.
Slide 25. Determining Airworthiness of Unmanned Air Systems
- Project being conducted for Navy Air Command
- Unmanned Air Systems present new challenges for Navy Air
- Approach based on safety cases
- Significant overlap with the challenge faced by the FDA
Challenge:
- Aircraft come from a variety of manufacturers
- Manufacturers do not develop comprehensive evidence
- Need to certify because of the aircraft's immediate value

Slide 26: no text extracted.

Slide 27. UAS Airworthiness Challenge (diagram labels): Is the FDA similar?; Strength of a Safety Case; Compelling Argument; Navy Airworthiness Certification; UAS Manufacturing; Construct based on available rather than desired evidence; Safety Case; Reveal Necessary Evidence; Argument Defines Valid Operational Contexts.

Slide 28: no text extracted.

Slide 29. Multiple Safety Cases For Single Aircraft (diagram labels): Safety Cases; Patrol Monitoring, Iraq; Marine Surveillance, East Coast; Crowd Monitoring, Manhattan.

Slide 30. Conclusion
- Assurance of dependability is crucial: we need to know that the system will operate properly.
- Presently we hope it is achieved by ad hoc methods and experience, or by prescribed, rigid processes.
- In Assurance Based Development: the assurance case is the focus, not the software; development decisions are influenced by their impact on assurance; this allows a precise selection of development techniques.
Slide 31. Contact address: For more information see:
Intro to Systems Theory and STAMP 1 Why do we need something different? Fast pace of technological change Reduced ability to learn from experience Changing nature of accidents New types of hazards Increasing
More informationAC 20.IMA and RTCA/DO- 297, Integrated Modular Avionics (IMA) Development Guidance Certification and Considerations
AC 20.IMA and RTCA/DO- 297, Integrated Modular Avionics (IMA) Development Guidance Certification and Considerations Issues involved with invoking RTCA/DO-297 as an Acceptable Means of Compliance for IMA
More informationPREFERRED RELIABILITY PRACTICES. Practice:
PREFERRED RELIABILITY PRACTICES PRACTICE NO. PD-AP-1314 PAGE 1 OF 5 October 1995 SNEAK CIRCUIT ANALYSIS GUIDELINE FOR ELECTRO- MECHANICAL SYSTEMS Practice: Sneak circuit analysis is used in safety critical
More informationStanding Committee on the Law of Patents
E ORIGINAL: ENGLISH DATE: DECEMBER 5, 2011 Standing Committee on the Law of Patents Seventeenth Session Geneva, December 5 to 9, 2011 PROPOSAL BY THE DELEGATION OF THE UNITED STATES OF AMERICA Document
More informationIncluding Safety during Early Development Phases of Future ATM Concepts
Including Safety during Early Development Phases of Future ATM Concepts Cody H. Fleming & Nancy G. Leveson 23 June 2015 11 th USA/EUROPE ATM R&D Seminar Motivation Cost, Effectiveness 1 80% of Safety Decisions
More informationChanged Product Rule. International Implementation Team Outreach Meeting With European Industry. September 23, 2009 Cologne, Germany
Changed Product Rule International Implementation Team Outreach Meeting With European Industry September 23, 2009 Cologne, Germany IIT Composition Organization Participants European Aviation Safety Agency:
More informationA standardized Interoperability Platform for collaborative ATM Validation and Training
SHARED VIRTUAL SKY A standardized Interoperability Platform for collaborative ATM Validation and Training 1 SVS Conference World ATM Congress March 10th, 2015 AGENDA TO GET IT REAL, MAKE IT VIRTUAL! How
More informationELEVENTH AIR NAVIGATION CONFERENCE. Montreal, 22 September to 3 October 2003 INTEGRATION OF GNSS AND INERTIAL NAVIGATION SYSTEMS
14/8/03 ELEVENTH AIR NAVIGATION CONFERENCE Montreal, 22 September to 3 October 2003 Agenda Item 6 : Aeronautical navigation issues INTEGRATION OF GNSS AND INERTIAL NAVIGATION SYSTEMS (Presented by the
More informationEvolutionary Safety Analysis: Motivations from the Air Traffic Management Domain
Evolutionary Safety Analysis: Motivations from the Air Traffic Management Domain Massimo Felici LFCS, School of Informatics, The University of Edinburgh, Edinburgh EH9 3JZ, UK mfelici@inf.ed.ac.uk http://homepages.inf.ed.ac.uk/mfelici/
More informationEvaluation of ATC Working practice from a Safety and Human Factor perspective
direction des services de la Navigation aérienne direction de la Technique et de l Innovation Evaluation of ATC Working practice from a Safety and Human Factor perspective Karim Mehadhebi Philippe Averty
More informationMasao Mukaidono Emeritus Professor, Meiji University
Provisional Translation Document 1 Second Meeting Working Group on Voluntary Efforts and Continuous Improvement of Nuclear Safety, Advisory Committee for Natural Resources and Energy 2012-8-15 Working
More informationStrict Finitism Refuted? Ofra Magidor ( Preprint of paper forthcoming Proceedings of the Aristotelian Society 2007)
Strict Finitism Refuted? Ofra Magidor ( Preprint of paper forthcoming Proceedings of the Aristotelian Society 2007) Abstract: In his paper Wang s paradox, Michael Dummett provides an argument for why strict
More information