Software Safety Risk Evaluation (SSRE)

Process

SAŠA ŠPILER

METHOD ENGINEERING

UTRECHT, APRIL 2014

Content

What is SSRE process?PhasesPDD and exampleRelated literature

Software Safety Risk Evaluation process

Represented in 2010 (18th IEEE International Requirements Engineering Conference)

Based on: SEI Software Risk Evaluation (SRE) developed in 1992

It is a process used for identification, analysis, consolidation and mitigation of software safety risks (Hill & Talley, 2010).

Software Safety Risk Evaluation process

SSRE USAGE:

4 projects at 3 NASA Centres

AUTHORS:

JANICE HILL

SCOTT TILLEY

Works at IV&V Facility at NASA

Professor of Software Engineering in a Department of Computer Sciences at Florida Institute of Technology

Phases

DetectionRisk

specification

Assessment Consolidation Mitigation

2 3 4 51

5

PDD

PHASE 1: DETECTION

ProjectProfile

Safety RelatedQuestions Risks

PHASE 2: RISK SPECIFICATION

Performance Support

Cost Schedule

Project Performance

Support Cost Schedule

ATCS 30 77 33 3

PHASE 3: ASSESSMENT

MAGNITUDE

1 7

Catastrophic

*

IMPACT

Critical

Marginal

Negligible

Likely

LIKELIHOOD

Probable

Possible

Unlikely

Improbable

RISKPROFILE

low high

PHASE 3: ASSESSMENT

Project

1 2 3 4 5 6 7

ATCS 20 23 29 33 16 6 1

low high

PHASE 4: CONSOLIDATION

Risk Candidates

Priority Ranking (1-5)

Project 1 2 3 4 5

ATCS 19 40 51 7 11

Safety Air Traffic Control Procedure

Restart Safety-Critical Assurance

System Hazard Analysis

PHASE 5: MITIGATION

IMPORTANCE

1.

2.

3.

RISK AREA

Related Literature

SEI safety requirements evaluation process

Legacy System Risk Database (LSRD) tool

Questions?