The safety of industrially-based controllers incorporating software

Bennett, P. A.

January 1984

This thesis is concerned with the safety of industrial controllers which incorporate software. Software safety is compared with software reliability as a means of discussing the special concerns of safety. Definitions are given for the terms hazard, risk, danger and safe. A relationship between these terms has been attempted and the philosophy of safety is discussed. A formal definition of software safety is given. The factors influencing the development of software are examined. The subjectivity of safety is discussed in the context of safety measurement being a conjoint measurement. Methods of assessing the risk resulting from the use of software are described along with a discussion on the impracticability of using state transition diagrams to isolate catastrophic failure conditions. Categories of danger are discussed and three categories are advanced. The structuring of the software for safety is discussed and the principle of using safety modules and integrity locks is proposed. In discussing the reasons for errors remaining present in the software after testing two methods of measurement are suggested; Plexus and Fallibility Index. The need to declare variables is discussed. An experiment involving 119 volunteers was conducted to examine the influence of the length of variable names'on the correct usage. It was found that variables with a character length of 7 have a better probability of correct interpretation than others. The methods of assessing safety are discussed and the measurements proposed were applied to a commercially available product in the form of a Software Safety Audit. It is concluded that some aspects of the safety of controllers incorporating software can be quantified and that further research is needed.

005

Software performance and safety