Assesing dependability of safety critical systems using diverse evidence

A primary objective of the DATUM (Dependability Assessment of safety critical systems Through the Unification of Measurable evidence) project was to improve the way dependability of software intensive safety-critical systems was assessed. Our hypothesis was that improvements were possible if we could incorporate multiple types of evidence. To achieve our objective we had to investigate how to get improved dependability predictions given certain specific information over and above failure data alone. We also had to provide a framework for modelling uncertainty and combining diverse evidence in such a way that it could be used to represent an entire argument about a system's dependability. We examined in depth the various methods and technologies for modelling uncertainty and selected a Bayesian approach as the most appropriate for our needs. To implement this approach for combining evidence we used Bayesian Belief Networks (BBNs). With the help of a BBN tool we provided a framework for dependability assessment that met our original objective and has subsequently proved to be practical and highly popular. A major benefit of this approach is that otherwise hidden assumptions used in an assessment become visible and auditable.