This paper introduces a top-down approach to analyzing safety of self-driving vehicles. A System-Theoretic Process Analysis (STPA) is applied to a real case study involving human safety driver interactions, engineering and management interactions, and complex software interactions. Specific software...
Integrated safety and security assurance for complex systems is difficult for many technical and socio-technical reasons such as mismatched processes, inadequate information, differing use of language and philosophies, etc. Many co-assurance techniques rely on disregarding some of these challenges...
When a system Safety Function fails it is imperative to be able to identify and analyze the potential causal contributors in a timely way and support the conclusion with compelling evidence. Yet experience has shown that this can be a formidable challenge and far too often opinions and unsubstanti...
This tutorial will introduce you to the concept of safety cases. Safety cases are structured arguments that support the claim that a system is safe to be used for a given application in a given environment. Several standards require the production of such safety cases as a prerequisite for ap...
With the increasing complexity of modern systems, traditional approaches to safety (most of which were created 50-70 years ago) are losing effectiveness and leading to avoidable losses. In this class, you will learn about a new approach based on systems theory and systems thinking. This approach a...
Divergence theory and its practical application as an innovation exercise seeks to "open the aperture" and first expand the problem space, as opposed to just immediately converging toward a viable solution. This paper shares a use case application of a simple but powerful divergence metho...
(Note: This paper follows on from the paper presented last year at ISSC. This new paper serves to provide more technical detail (the "how") for the integration framework.) There are many approaches to solving the safety-security integration problem. Regulatory bodies have also attempted to unify saf...
The course is based on the principles and methodologies presented in the Redbook, "The Guidelines for Hazard Evaluation Procedures", 3rd Edition, for using the What-If/Checklist hazards analysis method. The Redbook is a standard industry reference for hazard evaluation procedures published by the Cen...
This tutorial aims to provide an introduction to the challenges and potential solution routes for the assurance of safety-related robotic and autonomous systems based on the Sense, Understand, Decide, Act (SUDA) characterisation of autonomy. The workshop will introduce the background technologies fo...
Non-deterministic latency and jitter issues have arisen with the increased use of commercial multicore processors (MCP) as the hardware platforms for hosting Department of Defense (DoD) systems. Within the civilian world of avionics flight control, an approach to dealing with non-deterministic laten...
In system security, it is important to be able to analytically investigate a system in a provable, quantitative way. Finding system vulnerabilities should not be left up to guess work. Without a verifiable method of demonstrating weak points, efforts to improve security may simply be wasted. ...
When considering automotive safety, we must account for several kinds of risk factors: for example, malfunction, imperfect environmental recognition, and security violation. We have standards to treat those hazard types: ISO 26262 (functional safety), ISO/PAS 21448 (SoTIF) and SAE J3061 (security), re...
This tutorial illustrates a step-by-step process to apply a quantitative analysis methodology to mishap data to approximate the distribution of both the probability and severity of a mishap and examine likely behavior of the co-distribution of probability and severity as the risk reduction process i...
Most Fault Tree Analysis (FTA) guides and tutorials focus on building Fault Tree (FT) models or the development of data/probabilities to quantify the FT model. This tutorial takes a different perspective: How do I review a Fault Tree Analysis (FTA) to ensure it is correct and complete? This question...