Safety Critical Software - Out of Sight Out of Mind

by Dylan Llewellyn

I recently travelled for business to Vietnam. I flew from London to Ho Chi Minh City, then took a few internal flights to and from Hanoi and then finally flew back from Hanoi to London. I travelled 24,633km in 6 days and spent more than 30 hours in the air. I flew on 3 different aircraft types, from 2 manufacturers and with 3 different airlines. I travelled in relative comfort, on time and was able to breathe at over 30,000 feet in the air and, above all, I didn’t freeze to death. I enjoyed my warm and varied food. I watched movies and hardly felt a bump the whole time.

Most passengers are blissfully unaware of the intricate, complex physics and computing that keep them aloft and deliver them to their destinations, ready for that vital meeting or to relax by the pool. They have played their small part in a beautiful aerial ballet and they hardly gave the process a second thought.

During 2018 more than 210 million international air passengers flew via the UK alone, either on originating flights or on connecting flights. Take a look at the website ‘Flightradar24’ and you can see the staggering number of aircraft in our skies at any one time.

Beyond the physics, the mechanical engineering and the hardware, all of which have massively evolved over the past few decades, the computing power available and the safety systems that now form an intrinsic part of every aircraft have taken huge leaps in complexity and reliability. That reliability is backed up by proven processes within high integrity standards such as DO-178C, which ensure that every part of the aircraft you travel on has been designed and tested to the highest applicable levels of reliability, robustness and redundancy. A lot needed to happen to take me from London to Ho Chi Minh City!

Of course, it’s not just the aircraft themselves. Much of the global infrastructure in place today relies on similar safety and mission-critical systems. How did you get to the airport, for instance? Perhaps by train? Signalling, braking, monitoring and maintenance (HUMS), train separation and even door operation are all managed by software. This software will have been designed and tested according to the EN 50128 international standard before being allowed to operate in a passenger-carrying environment.

Or perhaps the journey to the airport was in your car or a taxi? Drive-by-wire systems are now commonplace and there are no longer physical connections between the pedals and the braking systems. There was a time not that long ago when pressing on the brake pedal caused an actuation rod to pass through the bulkhead into a cylinder. This forced brake fluid into small pipes to activate the brake cylinders. Most of this mechanical activity still happens, but now when you push the pedal a pressure-sensitive sensor is activated. It sends a code to a computer, which calculates the pressure and duration of the pedal push and commands a braking activity.

Anti-Lock Braking Systems, Traction Control, Electronic Dampers, Harmonics Control, Night Vision, Lane Assist, and many more systems found in a modern car, all require far more computing power than was used on the entire Apollo space vehicle. All of the safety critical code in these systems will have been through rigorous testing in accordance with the ISO 26262 functional safety standard.

It’s amazing to think that an operator on Earth can precisely adjust the orbit of a spacecraft heading for Mars. Much closer to home is software that has been designed, qualified, tested and certified to standards such as IEC 62304 which specifies development processes for software in medical devices and is used in the production of everything from incubators to drug-delivery systems for pain management.

So how do we ensure that these safety critical embedded systems will reliably do only what we want, when we want? How do we make sure that they operate within accepted parameters and behave reliably?

We test, test, and test again!

Dynamic testing of code is required to meet industry and legal requirements for developing safety critical software according to best practices. We test repeatedly using only the most reliable certified tools on the market, the tools that test the software that keeps you and me alive without us even being aware of their presence.

What do we mean by “Dynamic Testing”? When testing dynamically, code is executed to check the functional behaviour of the software system, its memory and CPU usage and the overall performance of the system. The objective of this testing is to confirm that the software fulfils its brief and meets functional safety requirements.

“Does it do what it should, when it should and nothing else?”
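As an added illustration (not code from the original post) of what that question means in practice for a brake-by-wire input path like the one described earlier: a constructed pedal-to-demand function, boundary test vectors that execute every branch of it, and a property checked over the whole valid input range. The sensor scale, the deadband and the fault policy are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdint.h>

/* Constructed brake-by-wire stand-in: pedal travel arrives as 0..1000
 * (tenths of a percent); the actuator takes a demand of 0..255. */
#define PEDAL_MAX      1000u
#define PEDAL_DEADBAND 20u    /* ignore sensor noise near the rest position */
#define BRAKE_CMD_MAX  255u
typedef enum { BRAKE_OK = 0, BRAKE_SENSOR_FAULT = 1 } brake_status_t;

/* Map pedal travel to actuator demand. A reading beyond the sensor's range
 * is flagged as a fault rather than clamped silently ("nothing else"). */
brake_status_t brake_command(uint16_t pedal, uint8_t *cmd)
{
    if (pedal > PEDAL_MAX)      { *cmd = 0; return BRAKE_SENSOR_FAULT; }
    if (pedal < PEDAL_DEADBAND) { *cmd = 0; return BRAKE_OK; }
    *cmd = (uint8_t)(((uint32_t)pedal * BRAKE_CMD_MAX) / PEDAL_MAX);
    return BRAKE_OK;
}

/* Boundary vectors: every branch of brake_command executes at least once,
 * which is what a coverage tool would measure during a dynamic test run. */
typedef struct { uint16_t pedal; uint8_t want_cmd; brake_status_t want; } vector_t;
static const vector_t vectors[] = {
    { 0,                  0,   BRAKE_OK },            /* pedal at rest */
    { PEDAL_DEADBAND - 1, 0,   BRAKE_OK },            /* last value in deadband */
    { PEDAL_DEADBAND,     5,   BRAKE_OK },            /* first demand: 20*255/1000 */
    { PEDAL_MAX,          255, BRAKE_OK },            /* full travel */
    { PEDAL_MAX + 1,      0,   BRAKE_SENSOR_FAULT },  /* one past range */
    { UINT16_MAX,         0,   BRAKE_SENSOR_FAULT },  /* stuck-high sensor */
};

/* Execute the code against every vector; returns the number of failures. */
int run_brake_tests(void)
{
    int failures = 0;
    for (unsigned i = 0; i < sizeof vectors / sizeof vectors[0]; i++) {
        uint8_t cmd = 0xAA; /* poison value: proves the output was written */
        brake_status_t st = brake_command(vectors[i].pedal, &cmd);
        if (st != vectors[i].want || cmd != vectors[i].want_cmd) failures++;
    }
    return failures;
}

/* Property over the whole valid range: more pedal never yields less braking. */
bool brake_is_monotonic(void)
{
    uint8_t prev = 0, cmd;
    for (uint32_t p = 0; p <= PEDAL_MAX; p++) {
        if (brake_command((uint16_t)p, &cmd) != BRAKE_OK || cmd < prev) return false;
        prev = cmd;
    }
    return true;
}
```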

Digital systems are only as good as their design and production values. Successfully reducing the risks inherent in safety critical projects requires considerable expertise and experience. Thorough and high-quality testing of software helps to ensure that, as our reliance on these systems grows, our world becomes a safer place for humans.

Of course, the demands on software don’t end there. Business requirements for complexity, reliability and speed, coupled with pressures for an ever shorter “time to market” increase demand for software developers and exponentially increase the volume of testing needed. Testing requires millions of man-hours annually so automating testing processes wherever possible can be of huge benefit for both quality and profitability.

Automated test tools go far beyond what manual testing can achieve, reducing the overhead of reaching the required levels of code coverage, unit testing, integration testing and systems testing. Modern test tool feature sets such as Cantata AutoTest can even auto-generate a complete suite of unit tests from existing source code to dramatically reduce the test effort required. These automated techniques are applicable even at the highest safety integrity levels demanded by industry and expected by user groups.

The next time you drive to the airport, arrive safely, get on a plane, fly at great speed over vast distances and arrive relaxed and ready for a meeting, when a family member requires medical care, or even when the lift at work gets to your floor and the door miraculously opens, remember that behind the scenes on every part of your journey, everything that kept you safe was controlled by software, tested to the highest standards by the best engineers in the world, using cutting edge tools and techniques.

The beautiful thing about important software is that the less it’s noticed, the more exceptional it is. Here at QA Systems we’re happy to contribute our safety-critical testing expertise to keeping people safe in the air, on the ground and one day in space, whether they know it, or not.

