Author(s)

R. Greenberg

Abstract

In a recent paper two non-independent concepts, safety envelope and defense lines [1], were introduced. These concepts are used for defining safe and unsafe states of a system and for establishing a consistent relationship of transitions between these two state types. In this paper these concepts are used as a basis for a general and systematic safety model. The model is utilized for improving quality assurance procedures for achieving safety goals in computer controlled systems. The improvement is accomplished by categorizing systems into certain types, each with common properties, and showing that there is a general structure that applies to each type. The description of this structure enables the management body to plan a design line that takes into account the safety aspects of syste

Keywords