Software safety goal verification using fault tree techniques: a critically ill patient monitor example

Fault tree analysis techniques as applied to a patient monitoring system are discussed. This process provides a mapping from test procedures to stated safety goals, a concise archive of the safety subset of the product test documentation, and verification that the hazards identified by a preliminary hazard analysis are avoided. The process as applied to one product is explained. The fault tree for this instrument produced a total of 42 test procedures for final system test use. Tree and test generation took six man-weeks; running the tests took two man-weeks. These tests were instrumental in finding 16% of the total defects and 36% of the critical defects for this product.
