The applications of SFTA and SFMEA approaches during software development process: an analytical review

Software fault tree analysis (SFTA) and software failure modes and effects analysis (SFMEA) are two well-known, widely recommended approaches for analysing software-induced hazards in a system. They were adapted to the software domain from the standard hardware safety approaches, fault tree analysis (FTA) and failure modes and effects analysis (FMEA) respectively. Since their introduction into the software domain, both SFTA and SFMEA have been explored by researchers, individually and jointly, at different stages of software development. This paper presents a critical review of the published work on the application of these two approaches in three phases of the software life cycle, namely the requirements analysis, design and implementation/coding phases. After presenting the analytical review, the paper identifies the problems currently faced when applying these approaches and suggests directions for further research.
