Fault Injection For Quantitative Safety Validation Of Software Based Reactive Systems
Free (open access)
T. Lovric
TUV InterTraffic GmbH, ISEB Institute for Software, Electronics, Railway
TUV Rheinland / Berlin-Brandenburg, Germany

Abstract

For conventional safety architectures that rely mainly on structural redundancy, much experience exists and a common understanding of the safety validation strategy is well established. For single-channel hardware solutions without complete structural hardware redundancy (so-called reactive fail-safety), by contrast, such a common understanding is missing. They have therefore often been banned in principle from use at the highest level of safety responsibility (refer e.g. to IEC , Part 2, chapter 7.4.3). However, recent standards for the railway industry explicitly recommend such architectures for use in railway signalling systems, including at the highest level of safety responsibility, but a demonstration of compliance with the given quantitative safety targets is required (refer to CENELEC ).