Software-design risk identification and mitigation using SHADETree/sup TM/

Abstract

We present a process to identify, and therefore aid in the mitigation of risks related to software design failures in complex systems. Our process includes identification of the exposure to software faults and then the provision of mitigation techniques to reduce the risk, all of which is quantified. The identification of critical components is not simply based on the static structure of a system architecture, but on the combined hardware and software dynamic fault tree for the system. We also tackle head-on the controversial idea of quantifying software failure probability by providing an uncertainty analysis approach to the quantification.