曝光台 注意防骗
网曝天猫店富美金盛家居专营店坑蒙拐骗欺诈消费者
· Interface deadlock prevents data transfer (e.g., Receiver ignores or cannot recognize
“ready to send”).
· User reads data from wrong address.
· Sender addresses data to wrong address.
In a language such as C, or C++ where data typing is not strict, sender may use different data types than
reviewer expects. (Where there is strong data typing, the compilers will catch this).
J.5.4 Design Constraint Analysis
Design constraint analysis evaluates restrictions imposed by requirements, the real world and environmental
limitations, as well as by the design solution. The design materials should describe all known or anticipated
restrictions on a software component. These restrictions may include those listed below. Design constraint
analysis evaluates the ability of the software to operate within these constraints.
· Update timing and sizing constraints
· Equations and algorithms limitations.
· Input and output data limitations (e.g., Range, resolution, accuracy).
· Design solution limitations.
FAA System Safety Handbook, Appendix J: Software Safety
December 30, 2000
J-15
· Sensor/actuator accuracy and calibration.
· Noise, EMI.
· Digital word-length (quantization/roundoff noise/errors).
· Actuator power / energy capability (motors, heaters, pumps, mechanisms, rockets,
valves, etc.)
· Capability of energy storage devices (e.g., Batteries, propellant supplies).
· Human factors, human capabilities and limitations.
· Physical time constraints and response times.
· Off nominal environments (fail safe response).
· Friction, inertia, backlash in mechanical systems.
· Validity of models and control laws versus actual system behavior.
· Accommodations for changes of system behavior over time: wear-in,
hardware wear-out, end of life performance versus beginning of life performance
degraded system behavior and performance.
J.5.5 Rate Monotonic Analysis
Rate Monotonic Analysis is a useful analysis technique for software. It ensures that time critical activities
will be properly verified.
J.5.6 Software Fault Tree Analysis (SFTA)
It is possible for a system to meet requirements for a correct state and to also be unsafe. It is unlikely that
developers will be able to identify, prior to the fielding of the system, all correct but unsafe states which
could occur within a complex system. In systems where the cost of failure is high, special techniques or
tools such as Fault Tree Analysis (FTA) need to be used to ensure safe operation. FTA can provide insight
into identifying unsafe states when developing safety critical systems. Fault trees have advantages over
standard verification procedures. Fault trees provide the focus needed to give priority to catastrophic events,
and they assist in determining environmental conditions under which a correct or incorrect state becomes
unsafe.
J.5.7 Petri-Nets
Petri-nets are a graphical technique that can be used to model and analyze safety-critical systems for such
properties as reachability, recoverability, deadlock, and fault tolerance. Petri-nets allow the identification of
the relationships between system components such as hardware and software, and human interaction or
effects on both hardware and software. Real-time Petri-net techniques can also allow analysts to build
dynamic models that incorporate timing information. In so doing, the sequencing and scheduling of system
actions can be monitored and checked for states that could lead to unsafe conditions.
The Petri-net modeling tool is different from most other analysis methods in that it clearly demonstrates the
dynamic progression of state transitions. Petri-nets can also be translated into mathematical logic
expressions that can be analyzed by automated tools. Information can be extracted and reformed into
analysis assisting graphs and tables that are relatively easy to understand (e.g., reachability graphs, inverse
Petri-net graphs, critical state graphs). Some of the potential advantages of Petri-nets over other safety
analysis techniques include the following:
FAA System Safety Handbook, Appendix J: Software Safety
December 30, 2000
J-16
· Petri-nets can be used to derive timing requirements in real-time systems.
· Petri-nets allow the user to describe the system using graphical notation, and thus they
free the analyst from the mathematical rigor required for complex systems.
· They can be applied through all phases of system development. Early use of Petri-nets
中国航空网 www.aero.cn
航空翻译 www.aviation.cn
本文链接地址:
System Safety Handbook系统安全手册下(135)
