Basing Aviation Software Certification On Assurance Cases
John Knight
Patrick Graydon
Elisabeth Strunk
The Argument
• Prescribed software development processes do not ensure software quality
• Assurance cases (e.g., safety cases) provide a mechanism for documenting an assurance argument
• Read position paper
• Listen to Robin Bloomfield
Them vs Us
Civil Engineering:
• Extensive science supporting analysis
• Rigorous education
• Mentored, prescribed experience path
• Community of trust
• PE signature
• Learning from failure
Computer Engineering:
• Some science supporting analysis
Education
So?
• Certification is not just a technical issue
• Why?
• Sometimes engineers are not aware of:
– Their own limitations
– The limitations of their technologies
– New technology—things are moving very fast
• F-22 anyone?
• We have to fix this
Good technology applied incorrectly is useless