A systems-theoretic approach to safety in software-intensive systems

Leveson, Nancy G.

doi:10.1109/tdsc.2004.1

Cited by 91 publications

(66 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Leveson [19], Leveson and Dulac [20] describe an alternative methodology, STAMP, for analysing interactions between heterogeneous systems components. In addition to providing a modelling notation based on systems dynamics, the technique also incorporates a methodology for identifying potential instabilities in system behaviour that may eventually lead to failure.…”

Section: Modelling Socio-technical Systemsmentioning

confidence: 99%

“…In addition to providing a modelling notation based on systems dynamics, the technique also incorporates a methodology for identifying potential instabilities in system behaviour that may eventually lead to failure. Leveson illustrates the technique by re-constructing the causes of the failure of the MilStar Satellite launch in 1999 [19]. A disadvantage is the need for expert application of the method to identify weaknesses.…”

Section: Modelling Socio-technical Systemsmentioning

confidence: 99%

See 1 more Smart Citation

Formalising Responsibility Modelling for Automatic Analysis

Simpson

Storer

2015

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

Abstract. Modelling the structure of social-technical systems as a basis for informing software system design is a difficult compromise. Formal methods struggle to capture the scale and complexity of the heterogeneous organisations that use technical systems. Conversely, informal approaches lack the rigour needed to inform the software design and construction process or enable automated analysis. We revisit the concept of responsibility modelling, which models social technical systems as a collection of actors who discharge their responsibilities, whilst using and producing resources in the process. Responsibility modelling is formalised as a structured approach for socio-technical system requirements specification and modelling, with well-defined semantics and support for automated structure and validity analysis. The effectiveness of the approach is demonstrated by two case studies of software engineering methodologies.

show abstract

Section: Modelling Socio-technical Systemsmentioning

confidence: 99%

Section: Modelling Socio-technical Systemsmentioning

confidence: 99%

Formalising Responsibility Modelling for Automatic Analysis

Simpson

Storer

2015

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

show abstract

“…Both FTA and DD are examples of what Leveson describes as "chain-of-event" models of accident causation [9], and posits that these types of models "... cannot account for indirect and nonlinear relationships". Leveson describes that the systems of interest, in accident causation, are typically Open Systems, and maintained in a state of dynamic equilibrium through closed loop control and feedback.…”

Section: The Challenge For Functional Hazard Assessmentmentioning

confidence: 99%

“…Furthermore, this study has been pursued to develop a broader Systems approach towards hazard assessment so as to evaluate hypothetical deviations from declared intent -wherein a behavioural modelling framework is to be styled upon that of a STAMP [9] (Systems Theoretic Accident Model and Processes) based hazard assessment methodology and drawing upon STPA [15,18]. It is proposed that one might combine the associated system models, undertake exploratory dynamic hazard assessment, and conduct this within the context of a Preliminary Aircraft Safety Assessment (PASA); as a possible extension to the process guidelines as described in Aerospace Recommended Practice (ARP) 4754A [3]; as outlined in Figure 1.…”

Section: Introductionmentioning

confidence: 99%

Hazards in advising autonomy: incorporating hazard modelling with system dynamics into the aerospace safety assessment process for UAS

Downes¹,

Chung²

2011

6th IET International Conference on System Safety 2011

View full text Add to dashboard Cite

“…With respect to dependability, StPowla intends to be a bridge between high level analysis, likely those advocated in [27], which may be performed on the workflows, and the subsequent development phases. As usual in a divideand-conquer approach, the properties assessed at the workflow level assume that services offering the required service levels are available, and therefore act as requirements for the software processes procuring such services, let it be by in-house development, out-sourcing, buying, exploiting open source projects, and searching registries.…”

Section: An Approach To Business Flexibilitymentioning

confidence: 99%

Dynamically Evolvable Dependable Software: From Oxymoron to Reality

Ghezzi

Inverardi

Montangero

2008

Concurrency, Graphs and Models

View full text Add to dashboard Cite

Abstract. We analyze the main motivations that lead to the present need for supporting continuous software evolution, and discuss some of the reasons for change requirements. Achieving software that is both dynamically evolvable and dependable is our long-term research goal. We do not attempt here to propose a unified solution to dissolve the apparent oximoron, i.e. to reconcile these apparently conflicting goals. Rather, we enlighten different facets of the problem by distilling our experience through three research experience reports that act as case studies. We discuss the lessons learned from the state of the art and practice exemplified by our approaches and outline the directions of possible future research.

show abstract

A systems-theoretic approach to safety in software-intensive systems

Cited by 91 publications

References 13 publications

Formalising Responsibility Modelling for Automatic Analysis

Formalising Responsibility Modelling for Automatic Analysis

Hazards in advising autonomy: incorporating hazard modelling with system dynamics into the aerospace safety assessment process for UAS

Dynamically Evolvable Dependable Software: From Oxymoron to Reality

Contact Info

Product

Resources

About