Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
10421184 | Reliability Engineering & System Safety | 2005 | 9 Pages |
Abstract
The software implementation of the emergency shutdown feature in a major radiotherapy system was analyzed, using a directed form of code review based on module dependences. Dependences between modules are labelled by particular assumptions; this allows one to trace through the code, and identify those fragments responsible for critical features. An 'assumption tree' is constructed in parallel, showing the assumptions which each module makes about others. The root of the assumption tree is the critical feature of interest, and its leaves represent assumptions which, if not valid, might cause the critical feature to fail. The analysis revealed some unexpected assumptions that motivated improvements to the code.
Authors
Andrew Rae, Daniel Jackson, Prasad Ramanan, Jay Flanz, Didier Leyman