Environmental Engineering Reference
evaluate functional and general requirements for software, and also requirements for development and verification. The indicated requirements are to be combined in the criteria, which the software must satisfy, as well as processes of development and verification.
It is suggested that the following five criteria be used (Vilkomir, 1999):
• Completeness
• Documentation
• Accessibility
• Independence
• Successfulness
Software meets the criterion of completeness if its specifications completely correspond to the specifications of the I&C system and the software meets general and functional requirements of the specification, including requirements for development and verification.
Software meets the criterion of documentation if the composition and structure of the documents developed for all stages of design, verification and operation correspond to requirements of standards, norms and rules. The documentation and completeness criteria are interconnected: in accordance with the completeness criterion the content aspect of software development is analyzed; in accordance with the documentation criterion the formal aspect is evaluated.
Software meets the criterion of accessibility if the documentation for development and verification of software is presented in a form that is clear and understandable to experts who do not participate directly in their development. Moreover, in accordance with this criterion traceability (transparency, verifiability, checkability) of step by step execution of requirements for software at different stages of the lifecycle must be assured.
Software meets the criterion of independence if the degree of independence of software checking corresponds to the safety class of the system. For systems of safety class 2 the evaluation must be performed by a group of experts (organization) which is administratively and/or materially independent of the experts (organizations) which developed the software. For systems of safety class 3 the development and verification must be carried out by different specialists; however, administrative and financial independence is not required.
Software satisfies the criterion of successfulness if the inspection was successfully completed before the beginning of system usage and if by that time all discovered defects and deficiencies have been analyzed and eliminated.
The criteria are an important part of the overall system of software evaluation. Conformity of the criteria and evaluated requirements can be given in the form of a matrix, which contains particular evaluations of meeting the individual requirements and summary evaluations based on the criteria. At the outset the evaluation in accordance with each of the five previously described criteria is formed on the basis of analyzing individual requirements, and then a concluding evaluation is produced.
Along with the general principles of systems approach and expert knowledge, additional principles shall be implemented in the expert evaluation of software:
1. The principle of diversity of methods, hardware, actions of experts, methods of generating expert evaluations of software. This requirement determines the internal diversity of the evaluation process, thereby supplementing external diversity, which results in the fact that the expert evaluation and independent verification assure increasing reliability of software evaluation.
2. The principle of asymmetry of efforts distribution. A particular feature of software evaluation is the fact that due to its complexity it is impossible to assure complete testing of the behavior of software for all theoretically possible sets of input data. Therefore,