Title :
A systems-theoretic approach to safety in software-intensive systems
Author :
Leveson, Nancy G.
Author_Institution :
Dept. of Aeronaut. & Astronaut., Massachusetts Inst. of Technol., Cambridge, MA, USA
Abstract :
Traditional accident models were devised to explain losses caused by failures of physical devices in relatively simple systems. They are less useful for explaining accidents in software-intensive systems and for nontechnical aspects of safety such as organizational culture and human decision-making. This paper describes how systems theory can be used to form new accident models that better explain system accidents (accidents arising from the interactions among components rather than individual component failure), software-related accidents, and the role of human decision-making. Such models consider the social and technical aspects of systems as one integrated process and may be useful for other emergent system properties such as security. The loss of a Milstar satellite being launched by a Titan/Centaur launch vehicle is used as an illustration of the approach.
Keywords :
decision making; safety-critical software; security of data; software fault tolerance; system recovery; accident models; human decision-making; software engineering; software safety; software-intensive systems; software-related accidents; system accidents; system safety; systems-theoretic approach; Air accidents; Automotive engineering; Decision making; Helicopters; Humans; Safety devices; Satellites; Security; Software safety; Systems engineering and theory; 65; Index Terms- Software safety; accident models; software engineering.; system safety;
Journal_Title :
Dependable and Secure Computing, IEEE Transactions on
DOI :
10.1109/TDSC.2004.1
