Software certification consortium: certification methods for safety-critical software

An increasingly important requirement for success in many domains is the ability to cost-effectively develop, and/or purchase, dependable (fit for purpose, correct, secure, robust, maintainable) software for critical systems (e.g. pacemakers, health monitoring equipment, core banking applications, financial reporting, nuclear reactors, etc.). Software errors in each of these domains continue to lead to catastrophic system failures, sometimes resulting in loss of life. A recent report by the U.S. National Academy of Sciences [1], concludes that "new techniques and methods will be required in order to build future software systems to the level of dependability that will be required... In the future, more pervasive deployment of software... could lead to more catastrophic failures unless improvements are made." Thus, society is increasingly demanding that software used in critical systems must meet minimum safety, security and reliability standards. Manufacturers of these systems are in the unenviable position of not having consistent and effective guidelines as to what constitutes acceptable evidence of software quality, and how to achieve it. This drives up the cost of producing these systems without producing a commensurate improvement in dependability.