SOFTWARE SAFETY AND SECURITY BEST PRACTICES: A CASE STUDY FROM AEROSPACE

Software safety and security flaws are costly. Defects found in software systems after they are deployed have always been costly to fix. However, the importance placed on software developed today as a key technology for functionality and control of hardware results in even higher costs when defects and errors cause loss of materiel, and in some cases, personnel. Serious safety and security flaws have ramifications that often go beyond tangible dollar amounts or data mishap issues, such as trustworthiness. Safety has always been a major focus for the aviation community, where engineers follow strict practices that adhere to Federal Aviation Administration (FAA) guidelines. Security is a more recent concern. We have found that processes used for safety can often be applied to security.

In this paper we describe the aviation community’s DO-178 processes for safety and how they might be tailored to the land vehicle community. We will use the development of our hypervisor as a case study of how we built a system using best practices for both safety and security processes.