Hazard and Operability (HAZOP) Analysis of Safety-Related Scientific Software

The hazard and operability (HAZOP) analysis technique is used to identify and analyze the hazards and operational concerns of a system. It provides a structured framework for a step-by-step safety analysis of a system. This paper details how to apply the method to safety-related scientific software. We have developed (1) a nomenclature that singles out 30 primary concepts; (2) a canonical set of abstractions of software programming constructs, expressed as functions of the primary concepts; (3) a process for translating an existing design representation into the target design representation, in the form of finite state machines; (4) HAZOP templates for each canonical form; and (5) an input variable prioritization method. We also developed a computational tool for performing HAZOP analysis of scientific software. Its results are compared with those obtained by manual HAZOP analysis in terms of Shannon entropy, correctness, and the time required for each analysis. Overall, the method identifies useful information about the impact of variables in the code, which can then be used to develop robust code for making safety-critical decisions.
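As an added illustration of the guide-word deviation step, not the paper's own tool or templates: the Python below applies the classic HAZOP guide words (NO, MORE, LESS, REVERSE, OTHER THAN) to each input of a small, constructed dose-limit decision, records the outcome of every deviation as one template row, and ranks the input variables by the Shannon entropy of the outcomes their deviations produce. The dose routine, the numeric form of each deviation, the plausibility rule for inputs, and the entropy-based ranking are assumptions of this example; the abstract does not describe the paper's own prioritization method, so this ranking should not be read as it.

```python
"""Guide-word (HAZOP) deviation analysis of a small safety decision.

Added illustration, not the paper's tool: the dose routine, the
guide-word perturbations, the plausibility rule and the entropy-based
ranking are all assumptions made here for the example."""
import math
from collections import Counter
from typing import Callable, Dict, List, Tuple

# Classic HAZOP guide words mapped to a perturbation of a single input.
# The numeric form of each deviation is an assumption of this example.
GUIDE_WORDS: Dict[str, Callable[[float], float]] = {
    "NO":         lambda v: 0.0,           # value absent / zeroed
    "MORE":       lambda v: v * 10.0,      # an order of magnitude too high
    "LESS":       lambda v: v / 10.0,      # an order of magnitude too low
    "REVERSE":    lambda v: -v,            # sign flipped
    "OTHER THAN": lambda v: float("nan"),  # corrupt / uninitialised value
}

DOSE_LIMIT_MSV = 20.0  # constructed limit for the example


def dose_decision(activity_mbq: float, hours: float, distance_m: float) -> str:
    """Constructed safety decision: inverse-square dose estimate vs. a limit.
    Deliberately unguarded, so NaN and negative inputs flow straight through."""
    dose_msv = 0.05 * activity_mbq * hours / distance_m ** 2
    return "UNSAFE" if dose_msv > DOSE_LIMIT_MSV else "SAFE"  # NaN > x is False


def dose_decision_hardened(activity_mbq: float, hours: float, distance_m: float) -> str:
    """Same decision with the input checks a HAZOP review would recommend."""
    for v in (activity_mbq, hours, distance_m):
        if not math.isfinite(v) or v <= 0:
            return "INVALID"          # fail closed instead of computing garbage
    return dose_decision(activity_mbq, hours, distance_m)


Row = Tuple[str, str, str, str]  # (variable, guide word, outcome, consequence)


def run_decision(fn: Callable[..., str], args: Dict[str, float]) -> str:
    """Run the routine and turn an escaped exception into an explicit outcome."""
    try:
        return fn(**args)
    except ZeroDivisionError:
        return "EXCEPTION"


def plausible(v: float) -> bool:
    """Physical domain assumed for every input in this example: finite, non-negative."""
    return math.isfinite(v) and v >= 0


def consequence(baseline: str, outcome: str, input_ok: bool) -> str:
    """Fill the 'consequence' column of the template row."""
    if outcome == "EXCEPTION":
        return "crash: unhandled exception"
    if not input_ok and outcome == "SAFE":
        return "HAZARD: implausible input accepted as safe"
    return "no change" if outcome == baseline else "differs from baseline"


def hazop(fn: Callable[..., str], nominal: Dict[str, float]) -> List[Row]:
    """One HAZOP row per (input variable, guide word), one deviation at a time."""
    baseline = run_decision(fn, nominal)
    rows: List[Row] = []
    for var, value in nominal.items():
        for word, perturb in GUIDE_WORDS.items():
            args = dict(nominal)
            args[var] = perturb(value)
            outcome = run_decision(fn, args)
            note = consequence(baseline, outcome, plausible(args[var]))
            rows.append((var, word, outcome, note))
    return rows


def hazard_count(rows: List[Row]) -> int:
    return sum(1 for r in rows if r[3].startswith("HAZARD"))


def shannon_entropy(labels: List[str]) -> float:
    n = len(labels)
    return -sum(c / n * math.log2(c / n) for c in Counter(labels).values())


def prioritise(rows: List[Row]) -> List[Tuple[str, float]]:
    """Rank input variables by the entropy of the outcomes their deviations
    produce: the more a variable's deviations scatter the decision, the more
    review attention it gets.  This ranking rule is this example's own choice."""
    by_var: Dict[str, List[str]] = {}
    for var, _word, outcome, _note in rows:
        by_var.setdefault(var, []).append(outcome)
    ranked = [(var, shannon_entropy(outs)) for var, outs in by_var.items()]
    return sorted(ranked, key=lambda t: t[1], reverse=True)


NOMINAL = {"activity_mbq": 100.0, "hours": 2.0, "distance_m": 1.0}  # constructed case

if __name__ == "__main__":
    for fn in (dose_decision, dose_decision_hardened):
        rows = hazop(fn, NOMINAL)
        print(f"\n{fn.__name__}: {hazard_count(rows)} hazardous rows")
        for var, word, outcome, note in rows:
            print(f"  {var:<13} {word:<10} -> {outcome:<9} {note}")
        print("  priority:", prioritise(rows))
```

Run as a script, the unguarded routine yields six hazardous rows (REVERSE and OTHER THAN on every input are judged SAFE because a negative or NaN dose never exceeds the limit) plus an unhandled division by zero for NO on the distance, and the distance variable ranks first because its deviations scatter the outcome across three labels. The hardened routine turns every implausible deviation into INVALID and produces no hazardous rows, which is the kind of per-variable finding the template analysis is meant to surface.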
