Safe Reuse: Certification of Software Product Lines in Civil Aerospace

Developing safety critical software is expensive; in many cases, as in civil aerospace, this arises in part because of the difficulties of achieving certification. However, there are often significant similarities between one aerospace product and another; the industry is naturally conservative and progress is evolutionary rather than revolutionary, in many cases. Therefore the civil aerospace arena would seem to be an ideal environment for software reuse. However, the consequences of erroneous reuse are potentially very significant (Ariane 501 is a case in point), thus extreme care is needed in managing reuse. Further, the code production costs only amount to around 5-10% of the development costs, and verification and validation in support of certification is about 50% of the costs. Successful reuse is possible without solving the certification problem, but the return on investment is increased if it can be solved. The talk will discuss the challenges of software certification in an environment such as civil aerospace, and illustrate one approach to safe reuse, based on the use of product lines for engine control software.

Prof. John McDermid

John McDermid has been Professor of Software Engineering at the University of York since 1987. He set up the High Integrity Systems Engineering (HISE) research group in the Department of Computer Science and was Head of the Department from 2006 to 2012. He has undertaken research and consultancy for a range of clients, mainly in the area of safety and security. He has worked extensively with industry, including initiating work on product lines for Rolls-Royce aero engine control systems.