| Both sides previous revisionPrevious revision | |
| en:safeav:softsys:summary [2026/06/17 13:41] – Rev1.0_ For Final book karlisberkolds | en:safeav:softsys:summary [2026/06/17 13:45] (current) – Rev 1.1 karlisberkolds |
|---|
| ====== Summary ====== | ====== Summary ====== |
| |
| This chapter now uses four major technical subchapters. The first establishes software foundations, domain context and standards. The second explains middleware and autonomy architecture. The third addresses lifecycle, configuration management and supply-chain control. The fourth provides a dedicated V&V treatment linked directly to the book's V-model. This organisation reduces fragmentation and makes the chapter easier to read as a coherent contribution to the book on safe autonomous systems. | Software safety is not demonstrated by final testing alone. It is built through traceable requirements, well-specified interfaces, controlled baselines, verified implementation artefacts, tested integration behaviour, validated operational scenarios and monitored deployment. Middleware deserves special attention because it shapes timing, data freshness, fault propagation, isolation and security. Configuration management is equally critical because the safety argument applies only to the exact software, data, tools and deployment configuration that were verified. |
| | |
| The main conclusion is that software safety is not demonstrated by final testing alone. It is built through traceable requirements, well-specified interfaces, controlled baselines, verified implementation artefacts, tested integration behaviour, validated operational scenarios and monitored deployment. Middleware deserves special attention because it shapes timing, data freshness, fault propagation, isolation and security. Configuration management is equally critical because the safety argument applies only to the exact software, data, tools and deployment configuration that were verified. | |
| |
| The key V&V challenges are systematic faults, distributed timing behaviour, middleware configuration risk, hardware-software interdependence, open-source and supplier dependencies, AI data and model uncertainty, continuous updates and incomplete scenario coverage. Effective V&V combines reviews, static analysis, unit testing, integration tests, timing analysis, fault injection, simulation, SIL/PIL/HIL, field validation, release audits and operational monitoring. Each method has limitations, so the assurance case must explain how the evidence collectively supports safe operation within the defined operational domain. | The key V&V challenges are systematic faults, distributed timing behaviour, middleware configuration risk, hardware-software interdependence, open-source and supplier dependencies, AI data and model uncertainty, continuous updates and incomplete scenario coverage. Effective V&V combines reviews, static analysis, unit testing, integration tests, timing analysis, fault injection, simulation, SIL/PIL/HIL, field validation, release audits and operational monitoring. Each method has limitations, so the assurance case must explain how the evidence collectively supports safe operation within the defined operational domain. |
