Software Failure Modes and Effects Analysis

Reifer, Donald J.

doi:10.1109/tr.1979.5220578

Cited by 109 publications

(35 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Researchers have investigated the benefits of performing FMEA to find the failure modes of software that are complex to detect [17] [18] [19] . Such approaches can be used in the software design step to verify and validate the software behaviors in isolation.…”

Section: A Failure Mode and Effects Analysis (Fmea)mentioning

confidence: 99%

A Systems Theoretic Approach to the Security Threats in Cyber Physical Systems Applied to Stuxnet

Nourian

Madnick

2018

IEEE Trans. Dependable and Secure Comput.

146

View full text Add to dashboard Cite

Cyber Physical Systems (CPSs) are increasingly being adopted in a wide range of industries such as smart power grids. Even though the rapid proliferation of CPSs brings huge benefits to our society, it also provides potential attackers with many new opportunities to affect the physical world such as disrupting the services controlled by CPSs. Stuxnet is an example of such an attack that was designed to interrupt the Iranian nuclear program. In this paper, we show how the vulnerabilities exploited by Stuxnet could have been addressed at the design level. We utilize a system theoretic approach, based on prior research on system safety, that takes both physical and cyber components into account to analyze the threats exploited by Stuxnet. We conclude that such an approach is capable of identifying cyber threats towards CPSs at the design level and provide practical recommendations that CPS designers can utilize to design a more secure CPS. Index TermsCPS security design, Stuxnet analysis, CPS, STAMP, Security and safety analysis.

show abstract

Section: A Failure Mode and Effects Analysis (Fmea)mentioning

confidence: 99%

A Systems Theoretic Approach to the Security Threats in Cyber Physical Systems Applied to Stuxnet

Nourian

Madnick

2018

IEEE Trans. Dependable and Secure Comput.

146

View full text Add to dashboard Cite

show abstract

“…What should be the criterion for row entries in a software FMEA worksheet? The initial approach was to focus on software "functions" [8,9,10]. Also, an alternative was proposed to consider specific effects due to faulty processing of one input variable at a time [11].…”

Section: Software Fmeamentioning

confidence: 99%

Verifying the completeness of test

Hecht

2008

2008 Ieee Autotestcon

View full text Add to dashboard Cite

show abstract

“…Many errors in software can be traced back to errors in the requirements [43]. Often, the conception of a system is improved as a direct result of the discovery of inadequacies in the current conception.…”

Section: Case Study 2: "It Is Best To Remove Errors During the Early mentioning

confidence: 99%

Model-based tests of truisms

Raffo

Setamanit

Hu³

et al. 2002

Proceedings 17th IEEE International Conference on Automated Software Engineering,

View full text Add to dashboard Cite

Software engineering (SE) truisms capture broadlyapplicable principles of software construction. The trouble with truisms is that such general principles may not apply in specific cases. This paper tests the specificity of two SE truisms: (a) increasing software process level is a desirable goal; and (b) it is best to remove errors during the early parts of a software lifecycle. Our tests are based on two well-established SE models: (1) Boehm et.al.'s COCOMO II cost estimation model; and(2) Raffo's discrete event software process model of a software project life cycle. After extensive simulations of these models, the TAR2 treatment learner was applied to find the model parameters that most improved the potential performance of the real-world systems being modelled.The case studies presented here showed that these truisms are clearly sub-optimal for certain projects since other factors proved to be far more critical. Hence, we advise against truism-based process improvement. This paper offers a general alternative framework for model-based assessment of methods to improve software quality: modelling + validation + simulation + sensitivity. That is, after recording what is known in a model, that model should be validated, explored using simulations, then summarized to find the key factors that most improve model behavior.

show abstract

Software Failure Modes and Effects Analysis

Cited by 109 publications

References 8 publications

A Systems Theoretic Approach to the Security Threats in Cyber Physical Systems Applied to Stuxnet

A Systems Theoretic Approach to the Security Threats in Cyber Physical Systems Applied to Stuxnet

Verifying the completeness of test

Model-based tests of truisms

Contact Info

Product

Resources

About