The Dangers of Over-Engineering a Safe System

March 17, 2014 // By Chris Hobbs, QNX Software Systems

Attempts to deal with a specific safety issue without considering overall system dependability may introduce new problems. We use the example of an in-cab train controller for an Automated Train Operations (ATO) system to examine how adding software error detection to a 2oo2 (two-out-of-two) system affects dependability, consider the benefits and adverse consequences of this approach, and suggest other approaches to improving dependability.
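The trade-off the abstract describes can be made concrete with a small rate model. The following Python is an added illustration written for this page, not code or figures from the article or from QNX, and every number in it (channel fault rate, common-cause fraction, detector coverage, false-alarm rate) is an assumed placeholder. It models a 2oo2 controller whose comparator drives the safe state on any disagreement, then adds a per-channel software error detector and reports two rates: dangerous undetected failures (the safety benefit) and spurious trips to the safe state (the availability cost).

```python
from dataclasses import dataclass
from typing import Optional

HOURS_PER_YEAR = 8760.0


@dataclass(frozen=True)
class Channel:
    """One of the two channels in a 2oo2 pair (assumed parameters)."""
    fault_rate: float   # faults per hour in a single channel
    beta: float         # fraction of faults that are common-cause, hitting both channels identically


@dataclass(frozen=True)
class Detector:
    """Software error detection added to each channel (assumed parameters)."""
    coverage: float          # fraction of channel faults the detector notices
    false_alarm_rate: float  # per hour per channel: detector trips with no underlying fault


@dataclass(frozen=True)
class Rates:
    dangerous_per_hour: float       # undetected failures that defeat the comparator
    spurious_trip_per_hour: float   # transitions to the safe state with no hazard present


def rates_2oo2(ch: Channel, det: Optional[Detector] = None) -> Rates:
    """Per-hour dangerous and spurious-trip rates for a 2oo2 pair (beta-factor model).

    Independent faults make the two channel outputs disagree, so the comparator
    forces the safe state: a nuisance trip, not a hazard. Common-cause faults
    corrupt both channels the same way, so the comparator cannot see them and
    they are the dangerous path. A detector converts a fraction `coverage` of the
    common-cause faults into detected (safe) trips, but adds its own false alarms.
    """
    common = ch.beta * ch.fault_rate
    independent = (1.0 - ch.beta) * ch.fault_rate

    dangerous = common
    spurious = 2.0 * independent   # either channel's independent fault trips the pair

    if det is not None:
        detected_common = det.coverage * common
        dangerous = common - detected_common                     # benefit
        spurious += detected_common + 2.0 * det.false_alarm_rate  # cost
    return Rates(dangerous, spurious)


def annual_summary(r: Rates) -> dict:
    """Scale the hourly rates to expected events per year for easier comparison."""
    return {
        "dangerous_per_year": r.dangerous_per_hour * HOURS_PER_YEAR,
        "spurious_trips_per_year": r.spurious_trip_per_hour * HOURS_PER_YEAR,
    }


if __name__ == "__main__":
    # Assumed, constructed figures purely to show the shape of the trade-off.
    channel = Channel(fault_rate=1e-5, beta=0.05)
    detector = Detector(coverage=0.9, false_alarm_rate=1e-4)

    before = annual_summary(rates_2oo2(channel))
    after = annual_summary(rates_2oo2(channel, detector))
    print("without detector:", before)
    print("with detector:   ", after)
```

With these assumed figures the detector cuts the dangerous rate tenfold but raises nuisance trips from roughly one every six years to roughly two per year, because the detector's own false alarms dominate. That is the "new problem" the abstract warns about: a train that repeatedly drops into the safe state is not dependable, and operators under pressure may respond by disabling the protection. The model is deliberately simple (no repair, no detector self-failure), so treat it as a way to frame the question, not as a substitute for the article's analysis.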
QNX, safe system design, IEC 62304, ISO 26262, EN 50126, EN 50128, IEC 61508, OS, RTOS, DRAM, memory errors, 2-out-of-2 system, 2oo2 system, 2oo1 system, neutron flux, validation, overengineering, safety, safe systems, safety claims, dependability, softwa