Go to DBLP homepageApproaching certification of complex systems
Abstract: Safety being a system property and not an element property means that novel systems need to be treated as ”oneof”. Only after we gained adequate experience in context of a few (probably dozen) such complex system will common ”baseline” argument emerge. Trying to build ”out-of-context” elements certainly is either not feasible at all or would, if feasible, not simplify anything, since all possible states would need to be considered. In the case of, for example, the Linux kernel, the sheer amount of such states would completely overstrain such an approach. Applying route 3S assessment of non-compliant development while managing the extensive tailoring of measures, techniques and processes, seems to us to be the most promising path towards for safe complex systems.
Loading