Safety analysis of an evolving software architecture

The safety analysis of an evolving software system has to consider the impact that changes might have on the software components, and to provide confidence that the risk is acceptable. If the impact of a change is not thoroughly analysed, accidents can occur as a result of faulty interactions between components, for example. However, the process of safety analysis cart be enhanced if appropriate abstractions are provided for modelling and analysing software components and their interactions. Instead of considering components as the locus of change, the proposed approach assumes that components remain unchanged while their interactions (i.e. connectors) adapt to the different requirements needs. The safety analysis is the performed using model checking to verify whether safe behaviour is maintained when interactions between components change. The feasibility of the approach is demonstrated in terms of a case study that deals with the safety procedures associated with the launching of a sounding rocket.