A strategy for improving safety related software engineering standards

There are many standards which are relevant for building safety- or mission-critical software systems. An effective standard is one that should help developers, assessors and users of such systems. For developers, the standard should help them build the system cost-effectively, and it should be clear what is required in order to conform to the standard. For assessors, it should be possible to objectively determine compliance to the standard. Users, and society at large, should have some assurance that a system developed to the standard has quantified risks and benefits. Unfortunately, the existing standards do not adequately fulfil any of these varied requirements. We explain why standards are the way they are, and then provide a strategy for improving them. Our approach is to evaluate standards on a number of key criteria that enable us to interpret the standard, identify its scope and check the ease with which it can be applied and checked. We also need to demonstrate that the use of a standard is likely either to deliver reliable and safe systems at an acceptable cost or to help predict reliability and safety accurately. Throughout the paper, we examine, by way of example, a specific standard for safety-critical systems (namely IEC 1508) and show how it can be improved by applying our strategy.