High integrity software


High-integrity software is software whose failure may cause serious damage with possible "life-threatening consequences." [1] "Integrity is important as it demonstrates the safety, security, and maintainability of... code." [1] Examples of high-integrity software are nuclear reactor control, avionics software, automotive safety-critical software and process control software. [2] [3]


[H]igh integrity means that the code:

A number of standards are applicable to high-integrity software, including:


Related Research Articles

Safety-critical system: system whose failure would be serious

A safety-critical system or life-critical system is a system whose failure or malfunction may result in one of the following outcomes:

Drive by wire: automotive technology

Drive by wire or DbW technology in the automotive industry is the use of electronic or electro-mechanical systems in place of mechanical linkages that control driving functions. The concept is similar to fly-by-wire in the aviation industry. Drive-by-wire may refer to just the propulsion of the vehicle through electronic throttle control, or it may refer to electronic control over propulsion as well as steering and braking, which separately are known as steer by wire and brake by wire, along with electronic control over other vehicle driving functions.

In functional safety, safety integrity level (SIL) is defined as the relative level of risk-reduction provided by a safety instrumented function (SIF), i.e. the measurement of the performance required of the SIF.

Information security standards are techniques generally outlined in published materials that attempt to protect a user's or organization's cyber environment. This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks.

IEC 61508 is an international standard published by the International Electrotechnical Commission (IEC) consisting of methods on how to apply, design, deploy and maintain automatic protection systems called safety-related systems. It is titled Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems.

IEC standard 61511 is a technical standard which sets out practices in the engineering of systems that ensure the safety of an industrial process through the use of instrumentation. Such systems are referred to as Safety Instrumented Systems. The title of the standard is "Functional safety - Safety instrumented systems for the process industry sector".

Software safety is an engineering discipline that aims to ensure that software, which is used in safety-related systems, does not contribute to any hazards such a system might pose. There are numerous standards that govern the way how safety-related software should be developed and assured in various domains. Most of them classify software according to their criticality and propose techniques and measures that should be employed during the development and assurance:

In functional safety a safety instrumented system (SIS) is an engineered set of hardware and software controls which provides a protection layer that shuts down a chemical, nuclear, electrical, or mechanical system, or part of it, if a hazardous condition is detected.

PikeOS: real-time operating system

PikeOS is a commercial hard real-time operating system (RTOS) which features a separation kernel-based hypervisor. This hypervisor supports multiple logical partition types for various operating systems (OS) and applications, each referred to as a GuestOS. PikeOS is engineered to support the creation of certifiable smart devices for the Internet of Things (IoT), ensuring compliance with industry standards for quality, safety, and security across various sectors. In instances where memory management units (MMU) are not present but memory protection units (MPU) are available on controller-based systems, PikeOS for MPU is designed for critical real-time applications and provides up-to-standard safety and security.

MISRA C is a set of software development guidelines for the C programming language developed by The MISRA Consortium. Its aims are to facilitate code safety, security, portability and reliability in the context of embedded systems, specifically those systems programmed in ISO C / C90 / C99.

The Motor Industry Software Reliability Association (MISRA) is an organization that produces guidelines for the software developed for electronic components used in the automotive industry. It is a collaboration between numerous vehicle manufacturers, component suppliers and engineering consultancies.

Functional safety is the part of the overall safety of a system or piece of equipment that depends on automatic protection operating correctly in response to its inputs or failure in a predictable manner (fail-safe). The automatic protection system should be designed to properly handle likely systematic errors, hardware failures and operational/environmental stress.

LDRA: software company of the United Kingdom

LDRA, previously known as the Liverpool Data Research Associates, is a privately held company producing software analysis, testing, and requirements traceability tools for the public and private sectors. It is involved in static and dynamic software analysis.

ISO 26262, titled "Road vehicles – Functional safety", is an international standard for functional safety of electrical and/or electronic systems that are installed in serial production road vehicles, defined by the International Organization for Standardization (ISO) in 2011, and revised in 2018.

Parasoft C/C++test: integrated set of tools

Parasoft C/C++test is an integrated set of tools for testing C and C++ source code that software developers use to analyze, test, find defects, and measure the quality and security of their applications. It supports software development practices that are part of development testing, including static code analysis, dynamic code analysis, unit test case generation and execution, code coverage analysis, regression testing, runtime error detection, requirements traceability, and code review. It's a commercial tool that supports operation on Linux, Windows, and Solaris platforms as well as support for on-target embedded testing and cross compilers.

Automotive Safety Integrity Level (ASIL) is a risk classification scheme defined by the ISO 26262 - Functional Safety for Road Vehicles standard. It is an adaptation of the Safety Integrity Level (SIL) used in IEC 61508 to the automotive industry. The classification helps define the safety requirements necessary to comply with the ISO 26262 standard. The ASIL is established by performing a risk analysis of a potential hazard, looking at the Severity, Exposure and Controllability of the vehicle operating scenario. The safety goal for that hazard in turn carries the ASIL requirements.

Hercules is a line of ARM architecture-based microcontrollers from Texas Instruments built around one or more ARM Cortex cores. This "Hercules safety microcontroller platform" includes a series of microcontrollers specifically targeted at functional safety applications, through such hardware-based fault detection/correction features as dual cores that can run in lock-step, full-path ECC, automated self-testing of memory and logic, peripheral redundancy, and monitor/checker cores.

Cantata++, commonly referred to as Cantata in newer versions, is a commercial computer program designed for dynamic testing, with a focus on unit testing and integration testing, as well as run time code coverage analysis for C and C++ programs. It is developed and marketed by QA Systems, a multinational company with headquarters in Waiblingen, Germany.

CodeSonar is a static code analysis tool from CodeSecure, Inc. CodeSonar is used to find and fix bugs and security vulnerabilities in source and binary code. It performs whole-program, inter-procedural analysis with abstract interpretation on C, C++, C#, Java, as well as x86 and ARM binary executables and libraries. CodeSonar is typically used by teams developing or assessing software to track their quality or security weaknesses. CodeSonar supports Linux, BSD, FreeBSD, NetBSD, MacOS and Windows hosts and embedded operating systems and compilers.

References

  1. "What Is Software Integrity? Overview + Software Integrity Best Practices". perforce.com. Retrieved Feb 15, 2022.
  2. Sennett, C.T. (2012). High-Integrity Software. Springer Science & Business Media. p. 1. ISBN 978-1-4684-5777-3. Retrieved Feb 14, 2022.
  3. Chapman, Rod (September 4, 2024). "Correctness by Construction: The Case for Constructive Static Verification" (PDF). National Institute of Standards and Technology. Archived (PDF) from the original on September 30, 2006. Retrieved September 4, 2024.
  4. "Developing DO-178B/C Compliant Software for Airborne Systems" (PDF). Parasoft. Retrieved Feb 14, 2022.
  5. European Committee for Electrotechnical Standardization (CENELEC). "CENELEC - EN 50128". Engineering360. Retrieved Feb 14, 2022.
  6. Qi Van Eikema, Hommes (January 25, 2012). "ASSESSMENT OF THE ISO 26262 STANDARD, "ROAD VEHICLES – FUNCTIONAL SAFETY"" (PDF). U.S. Department of Transportation Volpe Center. Archived (PDF) from the original on July 14, 2015. Retrieved September 4, 2024.