Verification and validation of autonomous systems software
2 mins read
From smartphones to power stations, airliners to e-commerce, our economy and society is increasingly dependent on software running on a variety of devices. However, these devices will become increasingly autonomous, performing everyday tasks from domestic chores to driving cars. The trustworthiness of the software is thus an underlying concern for those who commission, write and use it.
A recent BSI publication (click here for more) has identified five aspects of software trustworthiness: safety; reliability; availability; resilience; and security. For example, how do we ensure that an autonomous drone can deliver your latest paperback safely without injury to persons or possessions? And how can we ensure it is secure so that a hacker does not receive your book instead?
Given the wide variety of devices and software under consideration, the BSI document describes a widely applicable approach to achieving software trustworthiness, rather than mandating any specific practises or procedures. For example, the document bases the approach on the following concepts:
• Governance. Before producing or using any software which has a trustworthiness requirement, an appropriate set of governance and management measures shall be set up.
• Risk assessment. The risk assessment process involves considering the set of assets to be protected, the nature of the adversities that may be faced and the way in which the software may be susceptible to such adversities.
• Control application. Risk shall be managed through the application of appropriate personnel, physical, procedural and technical controls.
• Compliance. A compliance regime shall be set up to ensure that creators and users of software ensure that governance, risk and control decisions have been implemented.
These concepts are not new; we have been concerned with safety in other domains for many years. The software and electronics on board aeroplanes is controlled by standards such as DO254 and DO178C, which define the development approach, principles and deliverables. Similarly, ISO26262 has been created recently to create a compliance regime for the development of the software and electronics that we increasingly find in our cars. Security in software applications is covered in ISO/IEC 27034 application security standard. In the future, however, such levels of trustworthiness will be required in a much wider variety of devices that operate autonomously.
The aim of all this verification and validation activity is to ensure that the first time you get into your driverless car, you can feel both safe, in that it will not crash, and secure, in that nobody has altered your destination address. Or, more near term, can you return home each day and trust that your autonomous vacuum cleaner has left your house in a tidy state!
If you are involved in the development of software (or hardware) for autonomous systems and you want to understand more about this topic, then you can join a series of verification and validation (V&V) webinars being organised by the Software Engineering Working Group of the TSB Knowledge Transfer Network and TVS. The dates are:
3 September, 1400: KTN Webinar on V&V of software for autonomous systems: An overview
17 September, 1400: KTN Webinar on safety considerations in V&V of autonomous systems
1 October, 1400: KTN Webinar on security considerations in V&V of autonomous systems
22 October: KTN Physical event
For more information, contact Mike Bartley (mike@testandverification.com) or visit www.testandverification.com.
To register for the first webinar, visit https://www.eventbrite.co.uk/e/verification-and-validation-of-autonomous-systems-software-tickets-12305444917