CSC 379:Week 5, Group 5: Difference between revisions
| Line 3: | Line 3: | ||
==What are some shortcomings of traditional methods of accident reporting when applied to complex systems like software systems?== | ==What are some shortcomings of traditional methods of accident reporting when applied to complex systems like software systems?== | ||
* | *Event-chain models tend to stop once something to blame is found. "reports stopped after assigning blame—usually to the operators who interacted with the software—and never got to the root of why the accident occurred" | ||
"in dealing with software in safety-critical systems is the result of inappropriately attempting to extend the techniques that were successful in simpler, electromechanical | "in dealing with software in safety-critical systems is the result of inappropriately attempting to extend the techniques that were successful in simpler, electromechanical | ||
Revision as of 23:01, 2 August 2007
Software Safety: Accident Models - Systems Theory vs. Chain of Events
Skim through the following paper (focus on sections 1, 2.3, and 3, skip figures and tables) entitled "A Systems-Theoretic Approach to Safety in Software-Intensive Systems" by Nancy G. Leveson, a Professor of Aeronautics and Astronautics at MIT, then answer the following questions:
What are some shortcomings of traditional methods of accident reporting when applied to complex systems like software systems?
- Event-chain models tend to stop once something to blame is found. "reports stopped after assigning blame—usually to the operators who interacted with the software—and never got to the root of why the accident occurred"
"in dealing with software in safety-critical systems is the result of inappropriately attempting to extend the techniques that were successful in simpler, electromechanical systems and were based on models of accident causation that no longer apply"
"In the simpler systems of the past, where all the interactions between components could be predicted and handled, component failure was the primary cause of accidents. In today’s complex systems, made possible by the use of software, this is no longer the case."
How does the STAMP model improve accident prevention efforts? Explain some general concepts of the model.
"Systems theory allows more complex relationships between events to be considered"
"Accident models based on systems theory consider accidents as arising from the interactions among system components and usually do not specify single causal variables or factors"
The STAMP model provides more information in terms of how to prevent future accidents rather then trying to place blame.
Hazard analysis using STAMP rather then traditional methods can prevent accidents from happening in software based systems
What are some appropriate applications of the STAMP model (both current and past)? Explain.
What are some ethical concerns of assigning blame for accidents?
The majority of the content you need to form an informed response to the above questions is included in the paper. Bring in outside resources and topics discussed in class lectures as appropriate to support your response.