The Product Engineering Class in the Software Safety Risk Taxonomy for Building Safety-Critical Systems

When software safety requirements are imposed on legacy safety-critical systems, retrospective safety cases need to be formulated as part of recertifying the systems for further use and risks must be documented and managed to give confidence for reusing the systems. The SEI software development risk taxonomy focuses on general software development issues. It does not, however, cover all the safety risks. The software safety risk taxonomy was developed which provides a construct for eliciting and categorizing software safety risks in a straightforward manner. In this paper, we present extended work on the taxonomy for safety that incorporates the additional issues inherent in the development and maintenance of safety-critical systems with software. An instrument called a software safety risk taxonomy based questionnaire (TBQ) is generated containing questions addressing each safety attribute in the software safety risk taxonomy. Software safety risks are surfaced using the new TBQ and then analyzed. In this paper we give the definitions for the specialized product engineering class within the software safety risk taxonomy. At the end of the paper, we present the tool known as the ´legacy systems risk database tool´ that is used to collect and analyze the data required to show traceability to a particular safety standard.