Testing Safety Critical Systems: Theory and Experiences
Jaap van Ekris
Some people live on the edge…
Actually, we all do…
Agenda
THE CHALLENGE
Software is dangerous...
We even accept loss...
The value of testing
PROCESS AND ORGANIZATION
IEC 61508: Safety Integrity Level and acceptable risk
IEC 61508: Risk distribution
IEC 61508: A process for safety critical functions
SYSTEM DESIGN
A short introduction into storm surge barriers…
Design Principles
A simple design of a storm surge barrier: relay (€10,00/piece), water detector (€17,50), design documentation (sponsored by Heineken)
Risk analysis
Relay failure. Chance: small. Cause: aging. Effect: catastrophic.
Water detector fails. Chance: huge. Causes: rust, driftwood, seagulls (eating, shitting). Effect: catastrophic.
Measurement errors. Chance: colossal. Causes: waves, wind. Effect: false positive.
Broken cable. Chance: medium. Cause: digging, seagulls. Effect: catastrophic.
System Architecture
Risk analysis
Typical risks identified
Risk ≠ system crash
Annihilating risk isn’t the goal…
Risk reality does change over time...
9/11...
Stuur X: Component architecture design
Stuur x :: Functionality, initial global design (state diagram; states: Init, Wacht, Start_D, W_O_D, Sluit_?; labels: Waterlevel < 3 meter, Waterlevel > 3 meter, “Start” signal to Diesels, “Diesels ready”, “Close Barrier”)
Stuur x :: Functionality, final global design
Stuur x :: Functionality, Wait_For_Diesels, detailed design
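The editor's notes for this deck say the Wait_For_Diesels design is not fail-safe because it can deadlock when the diesels never report ready. The C sketch below is an added example, not the code from the slides: it reuses the state names from the global-design slide, while the transition order, the tick-based timeout, the `ST_FAILSAFE` state and all function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* State names follow the labels on the global-design slide.
 * ST_FAILSAFE is an added, hypothetical state (not on the slide). */
typedef enum { ST_INIT, ST_WACHT, ST_START_D, ST_W_O_D, ST_SLUIT, ST_FAILSAFE } state_t;

typedef struct {
    double water_level_m;  /* measured water level in metres */
    bool   diesels_ready;  /* "Diesels ready" signal */
} inputs_t;

typedef struct {
    state_t  state;
    unsigned wait_ticks;   /* control cycles spent waiting for the diesels */
} ctrl_t;

#define CLOSE_LEVEL_M        3.0  /* 3 meter threshold named on the slide */
#define DIESEL_TIMEOUT_TICKS 5u   /* assumed bound, chosen for this demo */

/* One control cycle. With bounded_wait == false the W_O_D state waits
 * forever for "Diesels ready" (the deadlock the notes describe); with
 * bounded_wait == true the wait is limited and ends in ST_FAILSAFE. */
static state_t step(ctrl_t *c, const inputs_t *in, bool bounded_wait)
{
    switch (c->state) {
    case ST_INIT:
        c->state = ST_WACHT;
        break;
    case ST_WACHT:                       /* wait until the level exceeds 3 m */
        if (in->water_level_m > CLOSE_LEVEL_M)
            c->state = ST_START_D;
        break;
    case ST_START_D:                     /* "Start" signal to the diesels */
        c->wait_ticks = 0;
        c->state = ST_W_O_D;
        break;
    case ST_W_O_D:                       /* wait for "Diesels ready" */
        if (in->diesels_ready)
            c->state = ST_SLUIT;
        else if (bounded_wait && ++c->wait_ticks >= DIESEL_TIMEOUT_TICKS)
            c->state = ST_FAILSAFE;      /* assumed fallback: escalate, do not hang */
        break;
    case ST_SLUIT:                       /* "Close Barrier" issued */
    case ST_FAILSAFE:
        break;                           /* terminal in this sketch */
    }
    return c->state;
}

/* Drive the controller with constructed inputs: water at 3.5 m, diesels
 * reporting ready from tick ready_after onwards (-1 means never). */
static state_t run_scenario(bool bounded_wait, int ready_after, int max_ticks)
{
    ctrl_t c = { ST_INIT, 0 };
    for (int t = 0; t < max_ticks; t++) {
        inputs_t in = { 3.5, ready_after >= 0 && t >= ready_after };
        step(&c, &in, bounded_wait);
    }
    return c.state;
}

/* Liveness oracle a unit test can use: within max_ticks the controller
 * must have either closed the barrier or entered the fail-safe state. */
static bool reaches_terminal(bool bounded_wait, int ready_after, int max_ticks)
{
    state_t s = run_scenario(bounded_wait, ready_after, max_ticks);
    return s == ST_SLUIT || s == ST_FAILSAFE;
}

int main(void)
{
    printf("unbounded wait, diesels silent: terminal=%d\n",
           reaches_terminal(false, -1, 50));
    printf("bounded wait,   diesels silent: terminal=%d\n",
           reaches_terminal(true, -1, 50));
    return 0;
}
```

A functional test that only covers the case where the diesels answer passes for both variants; only the fault-injection scenario, with the diesels silent, separates them.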
VERIFICATION
The end is nigh...
Challenge: time and resource limitations
Goals of testing safety critical systems
An example of safety critical components
IEC 61508 SIL4: Required verification activities
Design Validation and Verification
Programming (in C/C++)
Unit tests
Representative testing is difficult
Integration testing
Redundancy is a nasty beast
System testing
Acceptance testing
GUI Acceptance testing
Avalanche testing
Crash and recovery procedure testing
Testing safety critical functions is dangerous...
A risk analysis to testing
Root-cause analysis
Failed gates of a potential deadlock
TRENDS
Model Driven Design
A real-life example
A root-cause analysis of this flaw
REALITY
Testing in reality
It requires a specific breed of people
Conclusions
Safeguarding life, property and the environment www.dnv.com

2010-03-31 - VU Amsterdam - Experiences testing safety critical systems

Editor's Notes

  1. Copyright CIBIT Adviseurs|Opleiders 2005. Jaap van Ekris, safety-critical systems. Field of work: nuclear power plants, air traffic control, storm surge barriers. Failures cost many lives.
  2. Glenn's advantage was that it only had to work once... And that was the 1960s (when that was still possible), and astronauts still had guts. Source: http://www.historicwings.com/features98/mercury/seven-left-bottom.html
  3. When I started my career, my mentor told me: “From now on, your goal is to stay off the front page of the newspapers.” I can tell you it is hard, but so far I’ve succeeded.
  4. But we are still (unknowingly) living in that world... 10 June 2011
  5. Please note that these failure rates include electromechanical failure as well!! Electrocution by a light switch: chance of 10⁻⁵ per usage.
  6. Glenn's advantage was that it only had to work once... Source: http://www.historicwings.com/features98/mercury/seven-left-bottom.html
  7. FTA and FMEA are opposites, and serve as good checks on each other (NASA). Although NASA does not have a flawless track record...
  8. Goal: allowed only once in 10,000 years.
  9. You start with your primary concern. The process is simple: you break your problem down until you have those 2 million parts and you know the contribution of each component. You take the most important 10, or 100, and take targeted measures.
  10. Once we take deadlocks and redundancy into account, our picture looks like this: not really simple anymore...
  11. There is a bug in this one: this code is NOT fail-safe because it has a potential catastrophic deadlock (when the Diesels don’t report Ready)...
  12. Please be reminded: the presented code has a deadlock!
  13. FTA and FMEA are opposites, and serve as good checks on each other (NASA). Although NASA does not have a flawless track record...
  14. Do you know the difference between validation and verification? Validation = meets external expectations, does what it is supposed to do. Verification = meets internal expectations, conforming to specs.
  15. Funny example: printing screen...
  16. Most beautiful example: UPSes using too much power to charge, killing all fuses... Current example: found out that identity management server was a single point of failure...
  17. This is functional nonsense: DirMsgResponse is sent to the output, no matter what.
  18. Dijkstra put mathematicians in the line of ships, just to remind them of the danger: a practice still used by Boeing and Airbus (maiden flight). Testers, like John Glenn actually was, put their life on the line each and every time. At Eurocontrol, each bug had a body count attached to it... When a system fails in production, it is actual blood on our hands. I lose about a colleague a year. Quit when you think it is routine...