A Hazard Analysis Method for Embedded Control Software with STPA
Abstract
This paper proposes a method for analyzing hazards that arise from interactions between hardware and software in an apparatus that runs Embedded Control Software (EBSW). A hazard is a state that negatively affects the apparatus when certain adverse conditions are satisfied. In particular, the purpose of the method is to identify the portions of the EBSW that cause the hazards. The proposed method proceeds as follows: (1) develop EBSW specifications written in the Unified Modeling Language (UML) together with accident information; (2) conduct a safety analysis (System-Theoretic Process Analysis, STPA) using the EBSW specifications and accident information as input, and generate the list of hazards and hazard scenarios; (3) develop sequence diagrams corresponding to the hazard scenarios and identify the program portions (Hazard Causal Factors, HCFs) that cause the hazards; and (4) conduct a Failure Mode and Effects Analysis (FMEA) and apply countermeasures to prevent the hazards from occurring. By applying this method to a sample EBSW, we confirm that a safe EBSW can be developed.
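The four steps above form a traceability chain: every hazard from the STPA step should lead to at least one unsafe control action, every unsafe control action should be traced on a sequence diagram to a program portion (HCF), and every HCF should receive an FMEA countermeasure. The following is an added example, not code from the paper, that models that chain and checks it for gaps; the heater-controller hazards, control actions and program portions are constructed for illustration, and the four unsafe-control-action types come from STPA as defined by Leveson rather than from the abstract.

```python
from dataclasses import dataclass
from itertools import product

# STPA's four unsafe-control-action (UCA) types (Leveson, STPA).
UCA_TYPES = (
    "not provided",
    "provided when unsafe",
    "too early, too late or out of order",
    "stopped too soon or applied too long",
)


@dataclass(frozen=True)
class Hazard:
    hid: str
    description: str


@dataclass(frozen=True)
class UnsafeControlAction:
    uid: str
    control_action: str
    uca_type: str
    hazards: tuple  # ids of the hazards this UCA can lead to


@dataclass(frozen=True)
class HazardCausalFactor:
    cid: str
    uca: str               # id of the UCA traced on the sequence diagram
    program_portion: str   # the EBSW portion identified as the cause
    countermeasure: str = ""  # FMEA countermeasure; empty until decided


def enumerate_uca_candidates(control_actions):
    """STPA step: candidate UCAs are every control action combined with every UCA type.

    The analyst then keeps only the combinations that actually lead to a hazard.
    """
    return [(ca, t) for ca, t in product(control_actions, UCA_TYPES)]


def traceability_gaps(hazards, ucas, hcfs):
    """Report open items across the four steps of the method."""
    known_hazards = {h.hid for h in hazards}
    covered_hazards = {h for u in ucas for h in u.hazards}
    traced_ucas = {c.uca for c in hcfs}
    return {
        # Step 2: a hazard nobody wrote a UCA for has no scenario yet.
        "hazards_without_uca": sorted(h for h in known_hazards - covered_hazards),
        # A UCA pointing at a hazard id that is not in the hazard list.
        "ucas_with_unknown_hazard": sorted(
            u.uid for u in ucas if not set(u.hazards) <= known_hazards
        ),
        # A UCA whose type is not one of the four STPA types.
        "ucas_with_invalid_type": sorted(u.uid for u in ucas if u.uca_type not in UCA_TYPES),
        # Step 3: a UCA not yet traced to a program portion on a sequence diagram.
        "ucas_without_hcf": sorted(u.uid for u in ucas if u.uid not in traced_ucas),
        # Step 4: an HCF with no FMEA countermeasure.
        "hcfs_without_countermeasure": sorted(c.cid for c in hcfs if not c.countermeasure),
    }


# Constructed sample: a hypothetical heater controller, not from the paper.
HAZARDS = (
    Hazard("H1", "Heater remains on after the set temperature is reached"),
    Hazard("H2", "Heater never turns on, so the product is not kept warm"),
    Hazard("H3", "Heater cycles on and off faster than the relay is rated for"),
)
UCAS = (
    UnsafeControlAction("U1", "heater_off", "not provided", ("H1",)),
    UnsafeControlAction("U2", "heater_off", "too early, too late or out of order", ("H1",)),
    UnsafeControlAction("U3", "heater_on", "not provided", ("H2",)),
)
HCFS = (
    HazardCausalFactor(
        "C1", "U1",
        "TempMonitor.check(): compares against a stale sensor value",
        "Re-read the sensor and add a plausibility check before the comparison",
    ),
    HazardCausalFactor(
        "C2", "U2",
        "Scheduler.run(): control task can be starved by the logging task",
    ),
)

if __name__ == "__main__":
    for ca, t in enumerate_uca_candidates(["heater_on", "heater_off"]):
        print(f"candidate UCA: '{ca}' {t}")
    for item, ids in traceability_gaps(HAZARDS, UCAS, HCFS).items():
        print(f"{item}: {ids or 'none'}")
```

Running the block lists the eight candidate UCAs for the two control actions and then reports that H3 has no unsafe control action, U3 has not been traced to a program portion, and C2 still lacks a countermeasure, which is exactly the kind of open item a review of steps (2) to (4) should surface before the EBSW is declared safe.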
Copyright (c) 2020 Takahashi M, et al.

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.