SAFEWARE: SYSTEM SAFETY AND COMPUTERS Nancy G. Leveson University of Washington
Publisher: Addison-Wesley ISBN: 0-201-11972-2 Price: $49.50 Contents: This book examines past accidents and what is currently known about building safe electromechanical systems to see what lessons can be applied to new computer-controlled systems. One lesson is that most accidents are not the result of unknown scientific principles but rather of a failure to apply well-known, standard engineering practices. A second lesson is that accidents will not be prevented by technological fixes alone, but will require control of all aspects of the development and operation of the system. The features of a methodology for building safety-critical systems are outlined.
PART 1: The Nature of Risk (126 pages)
Is there a problem? How safe is safe enough? The role of computers in accidents Software myths Why software engineering is hard Problems in ascribing causality A hierarchical model of causality Root causes of accidents Do humans cause most accidents? The need for and role of humans in automated systems
PART 2: Introduction to System Safety (50 pages)
Foundations of system safety (systems theory and systems engineering) Historical development Basic concepts (hazard analysis, design for safety, management), Software system safety Cost and effectiveness of system safety Other approaches to safety (industrial engineering, reliability engineering).
PART 3: Definitions and Models (75 pages)
Terminology Accident models Human task and error models
PART 4: Elements of a Safeware Program (290 pages)
Managing safety (the role of management, setting policy, communication channels, setting up a system safety organization, place in the organizational structure, documentation) The system and software safety process (general tasks, real examples) Hazard analysis (what it is, how to do it, types of models, types of analysis, current models and techniques, limitations, evaluations) Software hazard analysis and requirements analysis Designing for safety Design of the human--machine interface Verification of safety (testing, software fault tree analysis).
APPENDICES: (132 pages)
Detailed descriptions of well-researched accidents along with brief descriptions of industry-specific approaches to safety
Appendix AMedical Devices: The Therac-25 story
Appendix BAerospace: The civil aviation approach to safety, Apollo 13, DC-10, and Challenger
Appendix CThe Chemical Industry: The chemical process industry approach to safety, Seveso, Flixborough, and Bhopal
Appendix DNuclear Power: How a nuclear power plant works, The nuclear power approach to safety, Windscale, Three Mile Island, and Chernobyl References (20 pages)