A formal application of safety and risk assessment in software systems

Abstract

The current state of the art techniques of Software Engineering lack a formal method and metric for measuring the safety index of a software system. The lack of such a methodology has resulted in a series of highly publicized and costly catastrophic failures of high-assurance software systems. This dissertation introduces a formal method for identifying and evaluating the weaknesses in a software system using a more precise metric, counter to traditional methods of development that have proven unreliable. This metric utilizes both a qualitative and quantitative approach employing principles of statistics and probability to determine the level of safety, likelihood of hazardous events, and the economic cost-benefit of correcting flaws through the lifecycle of a software system. This dissertation establishes benefits in the fields of Software Engineering of high-assurance systems, improvements in Software Safety and Software Reliability, and an expansion within the discipline of Software Economics and Management.