A recent trend in safety domains is the increased use of software for functionality that was traditionally implemented in hardware. Systems adopted in safety domains, such as avionics, automotive, and nuclear, are frequently subject to certification, a formal assurance process that shows the system behaves safely. Today, certification of software-based systems is conducted through process-oriented standards (e.g., DO-178B, ISO 26262). These standards recommend strategies and practices to be adopted along the entire development life cycle in order to achieve the required safety level. Although they provide valuable support, the guidelines they give are quite general, and cost and effectiveness are often not addressed by such guidance documents. There is a gap between industry and academia. On the one hand, industry has followed a conservative approach to safety for decades. On the other hand, recent advances in several areas (e.g., model-driven development, formal methods, software reliability modeling) have the potential to significantly improve the effectiveness and efficiency of safety system development. There is therefore a need to encourage and put into use the results of academic research in the development of real-world safety-critical systems.
Safety standards accept the adoption of third-party components in software development, on the condition that these components can be shown to be safe. Off-The-Shelf (OTS) software components, whether developed by commercial third parties or by open-source communities, could be successfully adopted in certified systems. However, their adoption also raises challenges that a certification-oriented development process has to face. Components designed without any specific context in mind, together with all the difficulties related to their integration, verification, assessment and maintenance, make it very hard to produce evidence that OTS software components behave safely. These challenges are exacerbated in systems of systems, where several kinds of OTS software components are adopted, including middleware, virtual machines, operating systems, and so on. The increasing integration of OTS software components in critical systems is shifting the focus from process-oriented to product-oriented software certification, where evidence must be provided about the actual behaviour of the product rather than about process practices. This new perspective opens entirely new challenges with respect to the current reference standards (including newly released ones such as DO-178C), for both developers and standards organizations.
Additionally, the reuse of software components from one application domain in another is hampered by the differences between the domain standards. A software component that has been shown to behave safely in one application domain must be certified again when adopted in another domain. Instead, strategies and methodologies should be in place to ease cross-domain certification. This would reduce either the cost of certification or the time to market. Cross-domain standardization of software products would also foster collaboration among organizations working in different domains and strengthen the research area of critical systems.