Requirements for software exception handling

Missing or faulty exception handling has caused a number of spectacular system failures and continues to be a major cause of software failures in aerospace systems. Prior work is reviewed and found lacking in a comprehensive approach at the system level as contrasted with programming level exception handling. As a path to better understanding of the problem, the needs for a system engineering approach to exception handling are described as they arise at different times of the development cycle and from different disciplines. It is seen that finding comprehensive solution is difficult but it is essential to pursue this problem. The details of stating requirements for exception handling are addressed and a methodology for verifying the effectiveness and completeness is described. Further research needs are discussed and the formation of a working group for a best practice or standard on the subject is suggested.