How can Previous Component Use Contribute to Assessing the Use of COTS?

The intuitive notion exists in industry and among regulators that successful use of a commercially available software-based component over some years and within different application environments must imply some affirmative statement about the quality of the component and - in terms of a safety-case - that it should provide evidence to support a specific safety claim for usage of the component in a specific new environment. Yet, so far a method is lacking to investigate quantitatively how such evidence can inform and influence an estimate for example of the component´s probability of failure per demand or per hour, and thus the evidence is not used. Currently there is no blueprint to show us what such evidence contributes to meeting a safety claim. In this paper a route is explored that may allow to make use of such prior evidence and combine it with fresh statistical test data pertaining to the new usage environment. The model proposed is an initial model but it is hoped that it can help to develop over time a framework that can be practically used by regulators and safety assessors to inform a safety case for COTS components containing a software part.