The Certification of Safety-Critical Software-Intensive Systems

The Certification of Safety-Critical Software-Intensive Systems project (the Project) ran from March 2008 to September 2016, focussing on the development of principles and techniques for effective certification of safety-critical software-intensive systems. Led by McMaster University’s Tom Maibaum, Canada Research Chair in the Foundations of Software Engineering, the $20M Project received support from the Ontario Ministry of Research and Innovation, eleven Ontario-based private sector partners (AMD, Biosign Technologies, Candu Energy, Fiat Chrysler Automobiles, IBM Canada, Legacy Systems International, Ontario Power Generation, Pratt and Whitney Canada, QNX Software Systems, SunPort and SystemWare Innovation Corporation) and three academic partners (McMaster University, the University of Waterloo and York University).

Need - Software controls medical devices, automobiles, aircraft, manufacturing plants, nuclear generating stations, space exploration systems, elevators, electric motors, trains, banking transactions, telecommunications devices and a growing number of devices in industry and in our homes. It is crucial that such software-intensive mission-critical systems meet minimum safety, privacy, security and reliability standards, especially as these systems are becoming more interdependent and complex. This Project met industry’s urgent need for the creation of consistent, clear and effective guidelines as to what may be regarded as acceptable standards in these situations, providing rigorous methods and supporting software tools to develop and certify software that is safe, secure and dependable.

Project Achievements and Impact - The Project’s impact surpassed expectations, profoundly influencing the field of software certification. Highlights include:

Scientific Advances
The Project’s researchers generated groundbreaking knowledge and techniques for effective certification of safety-critical software-intensive systems, including for example:
• effective impact analysis of changes made to very large legacy systems
• a product-focused approach to certification
• verification of function blocks defined in standards for components used in the nuclear power industry
• development of rigorous and standardized representations for assurance cases
• a first-principles approach to medical device design that yields a guarantee of safety
• methods and tools for decreasing complexity and improving understandability of automotive software

Technology Transfer to Industry - The Project’s researchers worked closely with the private sector partners’ technical teams to provide solutions to their complex, real-world software certification needs. The standards, methods and tools developed have already been implemented in the automotive, medical device, nuclear and aerospace industries. For example, techniques and tools developed during the project:
• are in use in production at Fiat Chrysler Automobiles
• are being used by industry partner SWI in the refurbishment of the Shutdown Systems at the Darlington Nuclear Power Plant in Ontario
• are being used by Candu Energy and SunPort/Radiy to improve reactor refurbishment work as well as next generation nuclear reactor design
• have influenced FDA guidance on medical device certification
• form the basis of the services provided by ACERTA, a spin-out company created with seed funding from industry partner QNX
• constitute a change impact analysis methodology that may be used to analyze the impact of patches issued for large-scale financial systems for businesses, such as Oracle’s E-Business Suite (and similar systems)

Additionally, Project team members co-founded and continue to provide leadership for the Software Certification Consortium, an international forum for research on certification of software-intensive systems which brings together top researchers and practitioners from regulatory agencies, industry and academia.

Regulatory Influence - The Project’s researchers collaborated closely with regulators at a very high level within the US Food and Drug Administration, the US Nuclear Regulatory Commission and the US National Institute of Standards and Technology on the way they approach the problem of regulation and certification of software.

Training of Highly Qualified Personnel - Over the project term, over 100 undergraduate students, graduate students, post-doctoral fellows and research engineers received industrial experience and substantively enhanced their knowledge of software engineering for safety-critical systems, hazard analysis, model-based software development and certification.