Nicht aus der Schweiz? Besuchen Sie lehmanns.de

Justifying the Dependability of Computer-based Systems (eBook)

With Applications in Nuclear Engineering
eBook Download: PDF
2008 | 2008
XVIII, 323 Seiten
Springer London (Verlag)
978-1-84800-372-9 (ISBN)

Lese- und Medienproben

Justifying the Dependability of Computer-based Systems - Pierre-Jacques Courtois
Systemvoraussetzungen
213,99 inkl. MwSt
(CHF 208,95)
Der eBook-Verkauf erfolgt durch die Lehmanns Media GmbH (Berlin) zum Preis in Euro inkl. MwSt.
  • Download sofort lieferbar
  • Zahlungsarten anzeigen
Safety is a paradoxical system property. It remains immaterial, intangible and invisible until a failure, an accident or a catastrophy occurs and, too late, reveals its absence. And yet, a system cannot be relied upon unless its safety can be explained, demonstrated and certified. The practical and difficult questions which motivate this study concern the evidence and the arguments needed to justify the safety of a computer based system, or more generally its dependability. Dependability is a broad concept integrating properties such as safety, reliability, availability, maintainability and other related characteristics of the behaviour of a system in operation. How can we give the users the assurance that the system enjoys the required dependability? How should evidence be presented to certification bodies or regulatory authorities? What best practices should be applied? How should we decide whether there is enough evidence to justify the release of the system? To help answer these daunting questions, a method and a framework are proposed for the justification of the dependability of a computer-based system. The approach specifically aims at dealing with the difficulties raised by the validation of software. Hence, it should be of wide applicability despite being mainly based on the experience of assessing Nuclear Power Plant instrumentation and control systems important to safety. To be viable, a method must rest on a sound theoretical background.

Pierre-Jacques Courtois is a professor of computer science in the engineering department of the Catholic University of Louvain-la-Neuve in Belgium. He has degrees in electrical engineering and nuclear physics, and a doctorate in applied sciences. Formerly with the Philips Research Laboratory in Brussels, he has been working for the last fifteen years at the Belgian authorized inspection agency for nuclear installations, where he is in charge of the assessment of safety critical software based systems used in nuclear power plants. He has served as a consultant to the OECD and to the IAEA for issuing guidance on the design and validation of software important to nuclear safety. He has also served as the chairman of the European Commission nuclear regulator task force on licensing issues of nuclear safety critical software, and he has been active in several European research projects on dependable computer systems and nuclear safety.


Safety is a paradoxical system property. It remains immaterial, intangible and invisible until a failure, an accident or a catastrophy occurs and, too late, reveals its absence. And yet, a system cannot be relied upon unless its safety can be explained, demonstrated and certified. The practical and difficult questions which motivate this study concern the evidence and the arguments needed to justify the safety of a computer based system, or more generally its dependability. Dependability is a broad concept integrating properties such as safety, reliability, availability, maintainability and other related characteristics of the behaviour of a system in operation. How can we give the users the assurance that the system enjoys the required dependability? How should evidence be presented to certification bodies or regulatory authorities? What best practices should be applied? How should we decide whether there is enough evidence to justify the release of the system? To help answer these daunting questions, a method and a framework are proposed for the justification of the dependability of a computer-based system. The approach specifically aims at dealing with the difficulties raised by the validation of software. Hence, it should be of wide applicability despite being mainly based on the experience of assessing Nuclear Power Plant instrumentation and control systems important to safety. To be viable, a method must rest on a sound theoretical background.

Pierre-Jacques Courtois is a professor of computer science in the engineering department of the Catholic University of Louvain-la-Neuve in Belgium. He has degrees in electrical engineering and nuclear physics, and a doctorate in applied sciences. Formerly with the Philips Research Laboratory in Brussels, he has been working for the last fifteen years at the Belgian authorized inspection agency for nuclear installations, where he is in charge of the assessment of safety critical software based systems used in nuclear power plants. He has served as a consultant to the OECD and to the IAEA for issuing guidance on the design and validation of software important to nuclear safety. He has also served as the chairman of the European Commission nuclear regulator task force on licensing issues of nuclear safety critical software, and he has been active in several European research projects on dependable computer systems and nuclear safety.

Preface 8
Acknowledgements 10
Contents 12
PART I The Context 18
1 Introduction 19
2 Current Practices 24
3 Axiomatic Justification and Uncertainty 27
4 Justification and Dependability Case 31
4.1 Cost Minimization and the Proportionality Principle 32
4.2 Risk-based Assessment 33
4.3 Two Illustrative Case Studies: A Process Instrumentation (SIP) and a Radioactive Materials Handling System 33
PART II Prescriptions 35
5 Requirements, Claims and Evidence 36
5.1 Where to Start? The First Foundation of Dependability Justification 36
5.2 The Initial Dependability Requirements (CLM0) 37
5.3 The Other Foundation: The System Input-Output Preliminary Requirements 41
5.4 Primary Claims 42
5.5 Differences Between Dependability Requirements and Claims 43
5.6 Evidence and Model Assumptions. 45
5.7 How to Organize Evidence? A Four-level Structure 46
5.8 How Are the Four Levels Related? Levels of Causality 49
5.9 Examples 52
6 Arguments, Syntax and Semantics 54
6.1 Claim Assertions 54
6.2 White, Grey and Black Claims 55
6.3 The Inductive Justification Process 56
6.4 The Conjunctive Property 59
6.5 The Syntax of an Argument 62
6.6 Claim and Argument Semantic Aspects 65
7 Axiomatic Principles and Limits 71
7.1 Claim Justifiability 71
7.2 Evidence Plausibility and Weight 73
7.3 The Ineluctability of Consensus 74
7.4 Epistemic Versus Stochastic Uncertainty 76
7.5 Claims on Product Versus Evidence from Process 79
7.6 Logics of Prevention, Precaution and Enlightened Catastrophism 80
7.7 Concluding Remarks on Claims, Arguments, Evidence 81
PART III Descriptions 83
8 Structures and Interpretations 84
8.1 The Roles of Models in Dependability Assessment 85
8.2 Basic Model Notions 86
8.3 On Descriptions and Interpretations 90
8.4 Mathematical Structures 92
8.5 System Structures 93
8.6 L-Interpretations 95
8.7 The Formal Definition of a Model 96
8.8 Validation and Satisfiability Obligations 97
8.9 Interdependencies Between Structures of Different Levels 111
8.10 Interdependencies Between Languages of Different Levels 118
8.11 The Tree of Sub-structures Dependencies 121
8.12 A General Multi-level Justification Framework 122
8.13 Design Abstractions 123
8.14 Recommendations for Design and Validation Models 124
9 Embedded Computer System Structures 127
9.1 States, Events and Other Basic Notions 128
9.2 Notation 130
9.3 Level -0. Environment Requirements, Events and Constraints 131
9.4 Level -1. System-Environment Interface 133
9.5 Level-2. Computer System Architecture 161
9.6 Level-3. Design 197
9.7 Structure of the Operation Control 226
9.8 Guidance Provided by the System Substructure Tree 248
9.9 Concluding Remarks: Model Inter-relations and Preservation Properties 249
PART IV Methodological Implications 253
10 Pre-existing Systems and Components 254
10.1 Pre-existing Components 255
10.2 Composability and Re-use of Arguments 255
10.3 Guaranteed Services and Rely Conditions 257
10.4 The System-Component Interface Substructures 259
10.5 Documentation 272
10.6 Concluding Remarks and Justification Issues 274
10.7 Criticality Degrees and Integrity Levels 277
11 Construction Methods 278
11.1 Dependability Case Construction Rules 278
11.2 FFP (Functions/Failures/Properties) Method 287
12 Postface 292
Appendix A The SIP System 296
A.1 Description 296
A.2 Plant, Technology and Safety Replacement Constraints 298
A.3 Dependability Requirements (CLM0) and Primary Claims 299
A.4 Primary Claims on Software CCF’s 300
A.5 Software Architecture and Design. Claims and Evidence 301
Appendix B Automated Material Handling System 304
B.1. Description 304
B.2 Dependability Requirements (CLM0) 305
B.3 Constraints and Postulated Initiating Events 307
B.4 Preliminary Specifications and Primary Claims 307
References 317
Index 324

Erscheint lt. Verlag 17.8.2008
Reihe/Serie Springer Series in Reliability Engineering
Springer Series in Reliability Engineering
Zusatzinfo XVIII, 323 p. 24 illus.
Verlagsort London
Sprache englisch
Themenwelt Mathematik / Informatik Informatik Netzwerke
Informatik Theorie / Studium Künstliche Intelligenz / Robotik
Informatik Weitere Themen Hardware
Naturwissenschaften Physik / Astronomie
Technik Bauwesen
Technik Maschinenbau
Schlagworte Computer systems • Natur • Nuclear Engineering • Quality Control, Reliability, Safety and Risk • Reliability • Reliability Engineering • safety critical systems • Safety Evaluation • Software • Software engineering
ISBN-10 1-84800-372-2 / 1848003722
ISBN-13 978-1-84800-372-9 / 9781848003729
Haben Sie eine Frage zum Produkt?
PDFPDF (Wasserzeichen)
Größe: 5,0 MB

DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasser­zeichen und ist damit für Sie persona­lisiert. Bei einer missbräuch­lichen Weiter­gabe des eBooks an Dritte ist eine Rück­ver­folgung an die Quelle möglich.

Dateiformat: PDF (Portable Document Format)
Mit einem festen Seiten­layout eignet sich die PDF besonders für Fach­bücher mit Spalten, Tabellen und Abbild­ungen. Eine PDF kann auf fast allen Geräten ange­zeigt werden, ist aber für kleine Displays (Smart­phone, eReader) nur einge­schränkt geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.

Zusätzliches Feature: Online Lesen
Dieses eBook können Sie zusätzlich zum Download auch online im Webbrowser lesen.

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Mehr entdecken
aus dem Bereich
der Praxis-Guide für Künstliche Intelligenz in Unternehmen - Chancen …

von Thomas R. Köhler; Julia Finkeissen

eBook Download (2024)
Campus Verlag
CHF 37,95
Wie du KI richtig nutzt - schreiben, recherchieren, Bilder erstellen, …

von Rainer Hattenhauer

eBook Download (2023)
Rheinwerk Computing (Verlag)
CHF 16,95