The best developed and best known methods of formalized checking of software are methods based on formal procedures of logical inference and proof of the correctness of algorithms and programs (Anderson, 1979), and also the FTA (fault tree analysis) and FME(C)A (failure mode, effects and criticality analysis) methods that are widely used to analyze hardware (IEC, 2006, c) and (IEC, 2006, b). The first of these is based on constructing fault trees and analyzing events. The second is based on analyzing failure modes, their effects and their criticality.
The second group of requirements is determined by the preference for standardized designations of variables in software, files of constant and predefined length, subroutines with a minimal number of parameters (e.g. one input and one output), etc. This group of requirements also covers the need to exclude programming practices that complicate the software, e.g. complex branches and loops in programs, complex indexes in files and so forth. Note that the methodological normative documents used in some countries contain requirements that, when developing software for systems important to nuclear power plant safety, special methods that improve its reliability be used, in particular the so-called method of defensive programming (Lawrence, 2002; Ben-Ari, 2000).
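The following routine is an added illustration (not code from the original text) of the style the requirements above describe: a fixed-length input record, a subroutine with one input and one output, straight-line control flow with a single fixed-count loop, and defensive checks on every field with a fail-safe default on rejection. The record layout, marker byte, checksum and temperature range are assumptions constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>

#define RECORD_LEN    8     /* fixed, predeclared record length */
#define RECORD_MARKER 0xA5u
#define TEMP_MIN_C    0
#define TEMP_MAX_C    400   /* conservative value used as the fail-safe default */

enum { ST_OK = 0, ST_BAD_MARKER = 1, ST_BAD_CHECKSUM = 2, ST_OUT_OF_RANGE = 3 };

typedef struct { uint8_t bytes[RECORD_LEN]; } sensor_record_t;     /* single input  */
typedef struct { int32_t temp_c; uint8_t status; } decode_result_t; /* single output */

/* Constructed record layout (an assumption made for this example):
 *   byte 0     marker 0xA5
 *   bytes 1-4  temperature in deg C, signed 32-bit big-endian
 *   bytes 5-6  reserved (covered by the checksum, otherwise ignored)
 *   byte 7     XOR of bytes 0..6
 * The routine is a straight line of checks with one fixed-count loop and
 * no nested branching. On any failure the output carries the conservative
 * default TEMP_MAX_C plus a reason code, so a caller that ignores the
 * status still sees a value that errs on the safe side. */
decode_result_t decode_temperature(const sensor_record_t *rec)
{
    decode_result_t out = { TEMP_MAX_C, ST_OUT_OF_RANGE };
    uint8_t xor_sum = 0u;
    uint32_t raw;
    int32_t temp;
    int i;

    if (rec == NULL) { return out; }
    if (rec->bytes[0] != RECORD_MARKER) { out.status = ST_BAD_MARKER; return out; }
    for (i = 0; i < RECORD_LEN - 1; i++) { xor_sum ^= rec->bytes[i]; }
    if (xor_sum != rec->bytes[RECORD_LEN - 1]) { out.status = ST_BAD_CHECKSUM; return out; }
    raw = ((uint32_t)rec->bytes[1] << 24) | ((uint32_t)rec->bytes[2] << 16) |
          ((uint32_t)rec->bytes[3] << 8)  |  (uint32_t)rec->bytes[4];
    temp = (int32_t)raw;
    if (temp < TEMP_MIN_C || temp > TEMP_MAX_C) { return out; }
    out.temp_c = temp;
    out.status = ST_OK;
    return out;
}

/* Constructed sample records: a valid 250 C reading, the same record with a
 * corrupted checksum byte, and an in-format reading of 500 C (out of range). */
const sensor_record_t SAMPLE_OK      = {{0xA5, 0x00, 0x00, 0x00, 0xFA, 0x00, 0x00, 0x5F}};
const sensor_record_t SAMPLE_BAD_SUM = {{0xA5, 0x00, 0x00, 0x00, 0xFA, 0x00, 0x00, 0x00}};
const sensor_record_t SAMPLE_HIGH    = {{0xA5, 0x00, 0x00, 0x01, 0xF4, 0x00, 0x00, 0x50}};
```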
Requirements for tools used to develop software reflect two aspects that are related to their usage:
1. Determination of the criteria for selecting automated development and verification tools.
2. Degree of verification of these tools.
It should be noted that the existing normative documents do not give selection criteria for tools, but they do postulate that the software developer must substantiate such criteria and demonstrate that the tools used conform to them. The main principle applicable to the tools is that tools used to generate code must pass through verification with the same requirements as the I&C software itself.
Requirements for Software Verification
Software verification is an important part of the I&C software lifecycle. Verification of software is defined as the process of proving the conformity of results obtained at a certain stage of software development with the requirements established in the preceding stage. As noted earlier, the majority of requirements for methods and means of development and verification are uniform. An important distinguishing feature of this group of requirements for verification is the necessity of assuring its independence, that is, carrying it out by persons who are not the direct developers of the software.
Requirements for verification independence: the integral requirements of independence are the level of independence of the experts (organizations) that conduct software verification, and the agreement of these levels with the software safety classes.
The following levels of independence are possible:
1. Maximum Independence: Verification is conducted by experts or organizations that are administratively and/or financially independent of the software developers. This level of independence can be broken down into two sublevels:
a. Administrative independence.
b. Administrative and financial independence. In this case we are speaking of verification conducted by representatives of a different organization, which specializes in solving such tasks.