Critical System Validation Overview

Questions and Answers

What is the primary property that characterizes critical systems?

• Cost-effectiveness
• Flexibility
• Reliability (correct)
• Complexity

What type of validation concerns the frequency of system failures in delivering services?

• Security validation
• Performance validation
• Reliability validation (correct)
• Safety validation

What is a common cause of failures in critical systems?

• Inadequate product marketing
• Errors in design, coding, or specification (correct)
• Poor customer service
• Faulty user training

Which of the following is an aim of static techniques in critical systems validation?

To improve code quality without execution (C)

What does safety validation ensure about a system?

It prevents faults from occurring (B)

What is a primary focus of dynamic validation techniques?

Observing system behavior to meet specifications (C)

Which of the following is NOT a part of the static reviewing process in safety validation?

Proving the safety of the system through testing (C)

What does hazard avoidance involve during the design stage?

Avoiding design objects that can produce risks (D)

Which technique is specifically aimed at discovering the root of risks in a system?

Hazard analysis (B)

What is the purpose of including safety features in a system as part of damage limitation?

To minimize the impacts of risks if they occur (B)

Which safety feature should be updated whenever the system is modified?

Gas warning system (B)

What action is indicated when the gas level crosses the warning threshold but remains below the danger level?

Take action to reduce the gas level (D)

What is the primary role of the controller in a gas warning system?

To compute the gas level and activate alarms (D)

What is a significant issue with the condition checking code for the gas level?

Gas_level = Danger does not trigger an alarm (A)

In a gas warning system, what represents immediate danger that requires evacuation?

Gas_level exceeding danger level (A)

Which two aspects are common between safety and security in systems?

Both aim to prevent unsafe or unsecured states (D)

What is a possible feature of the gas warning system that helps inform users?

Real-time gas level display (D)

Why is it essential to perform security validation on a system?

To protect the system against potential attacks (B)

Which of the following best describes the 'evacuate level' in a gas warning system?

Immediate danger is present, and evacuation is mandatory (A)

What could happen if the gas sensor's readings are inaccurate?

False alarms may occur, causing confusion (A)

Flashcards

Dynamic Testing

Observing the system's behavior to ensure it meets the specifications. It involves running the software and analyzing its performance. Examples include statistical testing, runtime checking and scenario testing.

Process Validation

Minimizing the probability of errors in the system design and development processes. This involves using robust design methods and quality assurance practices.

Hazard Analysis

A method of analyzing potential safety hazards in a system. It aims to find and eliminate risks, or at least reduce their impact.

Safety Case

A comprehensive document that explains how the system is designed to be safe. It includes all the safety measures implemented and their justification.

Static Technique

A technique where you examine the system's code and design without actually running it. It's useful for detecting potential errors and vulnerabilities.

What is a critical system?

A system considered critical if its failure leads to significant economic losses, physical damage, or threats to human life. This is a type of system that requires high reliability, even as it evolves.

What is dependability in critical systems?

A key characteristic of critical systems is their ability to function dependably. This means they consistently meet performance requirements, remain available when needed, operate safely, and prevent unauthorized access to sensitive data.

Why is critical system validation crucial?

Validation of a critical system needs to consider its reliability, safety, and security. These processes determine if the system meets its intended functions, works without causing harm, and resists malicious intrusions.

What is the purpose of reliability validation in critical systems?

Reliability validation focuses on how often a system fails to deliver expected services. It involves using specialized datasets to evaluate the system's ability to meet reliability specifications and user needs.

What is the goal of safety validation in critical systems?

Safety validation focuses on minimizing the risk of harm from system failures. It ensures that the system operates in a controlled manner, limiting the potential for errors and their consequences. Assessing and specifying safety requirements is a critical aspect of this process.

Safety Validation

Ensuring a system is safe for its intended environment. This involves providing evidence to support its safety claims.

Safety Feature Updates

A safety measure that should be re-evaluated whenever the system is updated or modified.

Gas Warning System

A system designed to detect and warn about potentially hazardous gas levels.

Warning Level (Gas)

A gas level that indicates a potential hazard, requiring action to reduce the danger.

Evacuate Level (Gas)

A gas level indicating immediate danger, requiring immediate evacuation.

Controller (Gas Warning System)

The component of a gas warning system that analyzes air samples and determines if an alarm should be triggered.

Security Validation

The process of verifying that a system's security measures effectively protect it against potential attacks.

Static Security Validation Techniques

Techniques used to assess system security by analyzing code without running it.

Dynamic Security Validation Techniques

Techniques used to assess system security by running the system and observing its behavior under various conditions.

Commonalities between Security and Safety

The overlap between security and safety, where both aim to prevent the system from entering undesirable or dangerous states.

Study Notes

Critical System Validation

• Critical systems are characterized by high reliability, holding this reliability without increasing costs
• Failures can lead to significant economic losses, physical damage, or threats to human life
• The key property of critical systems is dependability, including factors like safety, security, and availability
• Unreliable, unsafe, and insecure systems are unacceptable to users
• System failures can originate from user errors, hardware design flaws, and software coding issues
• Critical system validation is crucial for ensuring reliability, safety, and security, as validation costs are also significant

Critical System Types

• Critical systems are categorized based on their roles and consequences of failure
• Examples include safety, mission, and business systems

Safety-Critical Systems

• Failures in these systems can cause injury or death to humans. This is the primary focus of this module
• Examples: medical devices, aerospace, civil aviation, military aviation, manned space travel, chemical industry, nuclear power stations, traffic control (railways, air traffic, roads, automobiles), and other military equipment.

Mission-Critical Systems

• Failures result in the failure of goal-directed activities
• Examples: navigational system of a space probe

Business-Critical Systems

• Failures lead to business failures
• Examples include customer account systems within banks, online shopping carts, areas requiring secrecy (e.g., defense and secret services), sensitive company areas, police records, customer data administration, and student records administration

Critical System Validation Perspectives

• Reliability validation measures how frequently the system fails its specified service. A special dataset is needed that is not used during the initial testing. Measurable reliability needs verification against specifications, and ensuring it's sufficient for user needs. Safety validation verifies the system does not have failures with serious consequences
• Security validation protects the system and its data against internal and external attacks

Critical System Validation Techniques

• Static techniques evaluate code quality without running it
  • Design reviews
  • Documentation checks
  • Mathematical proofs to support validation
• Dynamic techniques analyze system behavior during execution
  • Statistical testing
  • Runtime checking
  • Scenario testing
• Process validation minimizes process errors affecting system dependability through good design and development

Safety Validation

• Proving system safety through testing can be difficult and expensive
• Static methods, like checking for correctness, are needed to identify potential unsafe situations and prevent them
• Reviewing intended function, structures, algorithms, and data structures, ensuring consistency, and evaluating testing efficiency are key static validation steps
• Design principles such as system simplicity and effective software development techniques contribute to safety
• Hazard analysis, a key process, helps assess risk by identifying, analyzing, and addressing potential hazards through means such as hazard avoidance, identification and removal, and damage limitation

Safety Case of the System

• Demonstrating and justifying the safety of a system, crucial for transportation, medical, and other critical industries, requires evidence specific to its environment
• Safety features should be continually updated to maintain effectiveness

Gas Warning System Example

• A system that warns of toxic gases with a sensor, controller, and alarm
• Different danger levels determine actions; low level alerts reduce gas levels and high level triggers evacuation

Gas Sensor Control (Example Code and Logic)

• Detailed example code with loops and conditional statements to continuously monitor and report on gas levels
• Gas levels compared with warning and danger thresholds drive actions

Graphical Argument

• Demonstrates the logic for responding to different gas levels by showing paths and how they should lead to specific actions or warnings.

Condition Checking

• A table for checking the code logic in relation to the gas sensor example and verifying the accuracy of logic to respond to different gas levels. Identifying contradictions in the code logic.

Security Validation

• Security focuses on protecting the system and its data against attacks
• Validation can use static and dynamic analysis methods, or experience based validation from teams with high-level expertise
• Techniques include automatic validation through system tools and assessing the system's ability to handle potential attacks

Security Validation Methods

• Experience-based validation: Expert teams evaluate system vulnerabilities
• Tool-based validation: Security tools analyze the system for vulnerabilities
• Tiger teams: Specialized teams simulate attacks to identify system vulnerabilities

Safety vs. Security

• Safety addresses unplanned events and protecting human lives
• Security is focused on planned events, such as attacks, and Protecting the system, data and information, and includes internal and external sources

Reliability Validation

• Assessing the system's reliability determines if it can consistently perform its tasks as expected
• Dynamic techniques involve running the system then observing failures and their time to evaluate reliability
• Statistical tests measure error count from a defined dataset to determine reliability and failure situations
• Identifying threshold levels of failures help define an acceptably reliable system
• A reliability validation process includes establishing an operational profile, building a testing dataset, executing the system, observing failures, and calculating reliability after a statistically significant number of failures

Problems in Reliability Validation

• Establishing an accurate operational profile that matches actual usage can be challenging
• Comprehensive testing of every possible scenario is often cost-prohibitive
• Statistical uncertainty in the dataset makes truly accurate reliability calculations difficult

Formal Method and Validation

• Formal methods improve system quality by finding and mitigating errors via mathematical analysis of the system specification
• Formal methods are computationally costly but can be used for complex systems
• Formal verification methods and complete test case generation are important applications of formal methods
• Mathematical methods are used for system verification and validation

Validation Considerations

• Human judgment remains important for validating simple systems
• Formal methods offer support for complex systems but may be cost-prohibitive
• Formal methods help in verification, checking for desired system behaviors and safety.
• Problems with formal methods include their complexity, difficulty in understanding by experts, and a cost of use that increases with complexity and system size.

Safety Proofs

• Safety proofs aim to demonstrate the system will not reach unsafe states
• Proof by contradiction is used to analyze system behavior, utilizing diagrams