Using Tiers of Assurance Evidence to Reduce the Tears! Adopting the “Wheel of Qualification” for an Alternative Software Safety Assurance Approach
Senior Principal Consultant - Software and Systems, DSTL
Senior Engineer - Systems, DSTL
A traditional method to gain confidence in software is to develop it using a life-cycle centred process, which is measured against a set of predefined objectives. A judgement on the level of compliance to these objectives is taken which allows a degree of confidence in the software to be stated. However, if only certain types of evidence are accepted to demonstrate compliance, e.g. process-based evidence, then the scope of the systems considered are reduced, or the system may be subject to operating limitations.
Any system must still be supported by evidence that demonstrates the safety requirements are met. The use of diverse evidence can achieve an equivalent level of compliance to a full process-based approach. Therefore diverse evidence can form part of a software safety assurance strategy. For a number of systems there will be additional confidence building activities conducted by Design Organisations (DOs), Coordinating DOs (CDOs), and Independent Technical Evaluators, for example. These activities go beyond the standard life-cycle review. Dstl have devised (and are currently implementing) an alternative approach which allows for wider, more diverse, activities to be used in assuring a system’s underpinning software and Complex Electronic Hardware (CEH). Diverse evidence can be challenging to measure when compared to traditional process-based approaches; however, Dstl has devised solutions to ameliorate such difficulties via methods such as a stakeholder communication model.