Incorporating software failure in risk analysis – Part 1: Software functional failure mode classification
Published on May 1, 2020in Reliability Engineering & System Safety4.039
· DOI :10.1016/J.RESS.2020.106803
Abstract Advanced technological systems consist of a combination of hardware and software, and they are often operated or supervised by a human operator. Failures in software-intensive systems may be difficult to identify, analyze, and mitigate, owing to system complexity, system interactions, and cascading effects. Risk analysis of such systems is necessary to ensure safe operation. The traditional approach to risk analysis focuses on hardware failures and, to some extent, on human and organizational factors. Software failures are often overlooked, or it is assumed that the system's software does not fail. Research and industry efforts are directed toward software reliability and safety. However, the effect of software failures on the level of risk of advanced technological systems has so far received little attention. Most analytical methods focus on selected software failures and tend to be inconsistent with respect to the level of analysis. There is a need for risk analysis methods that are able to sufficiently take hardware, software, and human and organizational risk factors into account. Hence, this article presents a foundation that enables software failure to be included in the general framework of risk analysis. This article is the first of two articles addressing the challenges of analyzing software failures and including their potential risk contribution to a system or operation. Hence, the focus is on risks resulting from software failures, and not on software reliability, because risk and reliability are two different aspects of a system. Using a functional perspective on software, this article distinguishes between failure mode, failure cause, and failure effects. Accordingly, 29 failure modes are identified to form a taxonomy and are demonstrated in a case study. The taxonomy assists in identifying software failure modes, which provide input to the risk analysis of software-intensive systems, presented in a subsequent article (Part 2 of 2)  .