Realistic safety cases for the timing of systems

Abstract

Timing is often seen as the most important property of systems after function, and safety-critical systems are no exception. In this paper, we consider how timing is typically treated in safety assurance and, in particular, the safety arguments being proposed by industry and academia. A critique of these arguments is performed based on how systems are generally developed and how evidence is gathered. Significant weaknesses are exposed resulting in a more appropriate safety argument being proposed. As part of this work techniques for identifying relationships, in the form of contracts, between parts of the argument and the strength of evidence are used. The work is demonstrated using a Computer-Assisted Braking example, specifically an Anti-Lock Braking System for a car, as it is a classic example of a component that may be used 'Out of Context', as discussed in a number of safety standards, and may also be reused across a number of systems as well as part of a product line. © 2013 The Author 2013. Published by Oxford University Press on behalf of The British Computer Society. All rights reserved.