Improving Software Robustness with Dependability Cases
28th International Symposium on Fault Tolerant Computing, 1998
Cited by 12 (0 self)
Programs fail mainly for two reasons: logic errors in the code, and exception failures. Exception failures can account for up to 2/3 of system crashes [6], hence are worthy of serious attention. Traditional approaches to reducing exception failures, such as code reviews, walkthroughs and formal testing, while very useful, are limited in their ability to address a core problem: the programmer's inadequate coverage of exceptional conditions. The problem of coverage might be rooted in cognitive factors that impede the mental generation (or recollection) of exception cases that would pertain in a particular situation, resulting in insufficient software robustness. This paper describes a study to test the hypothesis that robustness for exception failures can be improved through the use of dependability cases. Dependability cases, derived from safety cases, comprise a methodology based on structured taxonomies and memory aids for helping software designers think about and improve exception-h...
Hierarchically Performed Hazard Origin and Propagation Studies
in Lecture Notes in Computer Science, 1698:139-152, Proceedings of SAFECOMP'99, the 18th International Conference on Computer Safety, Reliability and Security, 1999
Cited by 10 (1 self)
Abstract. This paper introduces a new method for safety analysis called HiP-HOPS (Hierarchically Performed Hazard Origin and Propagation Studies). HiP-HOPS originates from a number of classical techniques such as Functional Failure Analysis, Failure Mode and Effects Analysis and Fault Tree Analysis. However, it extends, automates and integrates these techniques in order to address some of the problems currently encountered in complex safety assessments. The method enables integrated assessment of a complex system from the functional level through to the low level of component failure modes. It mechanises and simplifies a large part of the analysis, the development of fault trees, and can guarantee the consistency of results. HiP-HOPS is currently supported by a tool called the Safety Argument Manager (SAM). In this paper we introduce the method and we show how it has helped us analyse and improve the safety of a distributed brake-by-wire system for cars.
The rigorous generation of Java mutation operators using HAZOP
in 12th International Conference on Software & Systems Engineering and Their Applications (ICSSEA'99), 1999
Cited by 10 (2 self)
This report proposes the use of a safety technique known as HAZOP (Hazard and Operability Studies) to rigorously generate mutation operators for Java. A set of Java mutation operators is proposed by applying HAZOP to the Java syntax definition and is compared to the operator sets of current mutation systems. Hypothesised flaws, which are also obtained by HAZOP application to Java language constructs, are listed and compared to existing fault taxonomies.
Safety-Directed System Monitoring Using Safety Cases
2000
Cited by 5 (0 self)
Currently, the safety studies of the system (which are also collectively known as the safety case) cease or reduce in their utility after system certification, and with that, a vast amount of knowledge about the failure (or safe) behaviour of the system is usually rendered useless. In this thesis, we argue that this knowledge could be usefully exploited in the context of an appropriate on-line safety monitoring scheme. As a practical application of our approach, we propose a safety monitor that operates on safety cases to support the on-line detection and control of hazardous failures in safety critical systems. Firstly,
Integrating Safety Analysis Techniques, Supporting Identification of Common Cause Failures
2000
Cited by 3 (0 self)
When we apply safety analysis techniques on a new design, our primary objective is to malfunctions. The ultimate aim is to identify weak areas of the design and stimulate design iterations that improve the safety of the system under examination. Unfortunately, the current industrial practice shows that this aim is seriously hindered by the lack of appropriate techniques for the analysis of complex hierarchical designs.
Validation Techniques I
in Software Engineering for Electronic System Designers, 1990
"... Human reliability analysis in healthcare: ..."
A REFERENCE MODEL FOR PROCESS-ORIENTED IT RISK MANAGEMENT
The economic relevance of IT risks is increasing due to various operational, technical as well as regulatory reasons. Increasing flexibility of business processes and increasing dependability on IT require continuous risk assessment, challenging current methods for risk management. Extending IT risk management by a business process-oriented view is a promising approach for taking the occurring dynamics and interlinks into consideration. In this contribution, a systematic modeling of relations between causes (threats) and effects (direct and indirect loss) is pursued, bringing together the economic, process-oriented view with the technical, threat-oriented view of IT risks. It is discussed how the integration of cause and effect relations into the risk management process can improve the data basis for continuous risk assessment.
Keywords:
Current market trends urge many companies to flexibly design their business processes in order to react to customers' changing demands. Some authors certainly regard the flexibility of business processes as an important instrument for companies to be able to differentiate themselves from their