A methodology for analyzing avionics software safety

A software safety analysis methodology for a fighter aircraft weapons employment system is described. The methodology is used to identify safety critical software functions and to isolate safety critical software paths, i.e. identifiable, operational functions or data and/or control paths with process sequences that are individually analyzed and tested by static or dynamic methods. Relationships to functional software test specifications, and procedures related to safety of flight and other safety related requirements for an aircraft weapons system are also discussed. Conclusions address methodology usefulness, cost benefits, and lessons learned. The method will be applied to other systems in the aircraft, as well as to other complex computer systems, especially those that interface via multiple buses and processors where critical signals and data/control information exist and safety is a concern.<>