Software Assurance Standards Review References

[1] T. S. Ankrum and A. H. Kromholz. Structured assurance cases: Three common standards. In Ninth IEEE International Symposium on High-Assurance Systems Engineering (HASE'05). Institute of Electrical and Electronics Engineers (IEEE), 2005.
[2] Adelard. Claims, arguments and evidence (CAE). last accessed 12 Feb 2017.
[3] P. R. Caseley and T. A. D. White. The MOD procurement guidance on software safety assurance---assessing and understanding software evidence. In 4th IET International Conference on Systems Safety, pages 1--12, October 2009.
[4] Patrick J. Graydon and Tim P. Kelly. Using argumentation to evaluate software assurance standards. Information and Software Technology, 55(9):1551--1562, September 2013.
[5] Sam Groom. The life cycle and legal cycles in software engineering. Master's thesis, University of Oxford Software Engineering Programme, March 2002. last accessed 12 Jan 17.
[6] Viv Hamilton. A new concept in defence safety standards: the revised UK Defence Standard 00-56. In Tony Cant, editor, Proceedings of the 10th Australian Workshop on Safety Related Programmable Systems, volume 55 of Conferences in Research and Practice in Information Technology, pages 77--83, Darlinghurst, Australia, April 2006. Australian Computer Society, Inc. last accessed 13 Feb 17.
[7] Matthew Hancock. Open standards principles 2015, September 2015. last accessed 17 Nov 18.
[8] J. A. McDermid and P. Williams. Defence standard 00-56 issue 5: concepts, principles and pragmatics. In 9th IET International Conference on System Safety and Cyber Security (2014), pages 1--6, October 2014.
[9] Ministry of Defence. Defence standards 00-56, 00-55 and 00-27. Safety & Environmental Bulletin SEB/008, Defence Equipment & Support, Bristol, April 2015. last accessed 13 Feb 17.
[10] Massimo Tamos. Applicability of safety critical systems techniques to business domain. Master's thesis, University of Oxford Software Engineering Programme, 2011.
[11] Margaret Tierney. Software engineering standards: the 'formal methods debate' in the UK. Technology Analysis & Strategic Management, 4(3):245--278, January 1992.
[12] D. R. Wallace, D. R. Kuhn, and L. M. Ippolito. An analysis of selected software safety standards. In COMPASS '92 Proceedings of the Seventh Annual Conference on Computer Assurance, pages 123--136, June 1992.
[13] Paul Watkinson. Software engineering---methodology for critical systems. Master's thesis, University of Oxford Software Engineering Programme, 2012.
[14] Mark Peter Williams. Safety-related software engineering and support policy in MOD acquisition. Master's thesis, University of Oxford Software Engineering Programme, 2012.
[15] W. E. Wong, T. Gidvani, A. Lopez, R. Gao, and M. Horn. Evaluating software safety standards: A systematic review and comparison. In 2014 IEEE Eighth International Conference on Software Security and Reliability-Companion, pages 78--87, June 2014.
[16] Alison Adam and Paul Spedding. Trusting computers through trusting humans: Software verification in a safety-critical information society. In Manish Gupta and Raj Sharman, editors, Social and Human Elements of Information Security: Emerging trends and countermeasures, chapter V, pages 61--75. Information Science Reference, 2009.
[17] Ron Patton. Software Testing. Sams Publishing, Indianapolis IN, 2nd edition, August 2005.
[18] Martyn A. Ould. Managing software quality and business risk. John Wiley & Sons Ltd, Chichester, 1999.
[19] John C. Knight and E. Ann Myers. An improved inspection technique. Commun. ACM, 36(11):51--61, November 1993.
[20] M. E. Fagan. Design and code inspections to reduce errors in program development. IBM Systems Journal, 15(3):182--211, 1976.
[21] Marc Lankhorst. Enterprise Architecture at Work. Springer Berlin Heidelberg, 2nd edition, 2009.
[22] Ministry of Defence. Knowledge in Defence website, 2018. last accessed 2 Dec 18.
[23] Ministry of Defence. Software quality management guidance, January 2009. last accessed 9 Apr 18.
[24] A. Galloway, R.F. Paige, N.J. Tudor, R.A. Weaver, I. Toyn, and J. McDermid. Proof vs testing in the context of safety standards. In 24th Digital Avionics Systems Conference. IEEE, October 2005.
[25] Chris Reed, Douglas Walton, and Fabrizio Macagno. Argument diagramming in logic, law and artificial intelligence. The Knowledge Engineering Review, 22(01):87, March 2007.
[26] Ministry of Defence. Software support. Joint Service Publication JSP886 Vol 7 Part 4, Defence Equipment and Support, Engineering Group, Software Supportability Team, February 2013. last accessed 17 Mar 18.
[27] Ministry of Defence. Standards for defence---Part 2: Management and production of defence standards. Defence Standard 00-00 Part 2 Issue 5, UK Defence Standardization, Glasgow, December 2010. Withdrawn 12 Dec 2012.
[28] Martyn A. Ould. Software development under Def Stan 00-55: a guide. Information and Software Technology, 32(3):170--175, April 1990.
[29] Amyas Morse. Major projects report 2012. House of Commons report HC 684-I 2012--13, National Audit Office, January 2013. last accessed 29 May 18.
[30] Tim Burr. Chinook Mk3 helicopters. House of Commons report HC 512 2007--2008, National Audit Office, June 2008. last accessed 29 May 18.
[31] Sir John Bourn. Battlefield helicopters. House of Commons report HC 486 2003--2004, National Audit Office, April 2004. last accessed 29 May 18.
[32] Tim Kelly. Software certification: where is confidence won and lost? In Tom Anderson, editor, Addressing Systems Safety Challenges: Proceedings of the Twenty-second Safety-critical Systems Symposium, Brighton, UK, 4--6th February 2014, volume 22 of Safety-critical Systems Symposium, pages 255--267, February 2014. last accessed 8 Dec 18.
[33] Phil Williams and John McDermid. Reincarnation of Def Stan 00-55. Safety Systems, 25(1), September 2015. last accessed 3 Jun 18.
[34] Chris Howard. The MOD's new system safety standard: Interim Defence Standard 00-56 issue 3. Safety Systems, 15(1), September 2005. last accessed 3 Jun 18.
[35] Watts S. Humphrey. PSP(SM): A Self-Improvement Process for Software Engineers. Addison Wesley, 2005.
[36] Robert Bates. Software safety in the MOD---a comprehensive review of the acquisition of safety critical software. Master's thesis, University of Oxford Software Engineering Programme, October 2017.
[37] Robert Bates. Defence Standard 00-56 MODAF views. Unpublished, November 2012.
[38] Steven F. Mattern. Increasing the likelihood of success of a software assurance program. Journal of System Safety, 44(4):19--25, 2008.
[39] DES Tech-QSEP Support. Safety management guidance for software-only projects. DE&S Safety & Environmental Protection Leaflet 08/2013 v1.3, Defence Equipment and Support, Bristol, UK, September 2014. last accessed 31 Aug 18.
[40] Barry Hendrix. New system safety standard ANSI/GEIA-STD-0010 is available. Journal of System Safety, 46(2):36--37, 2010.
[41] Richard D. Hawkins and Tim P. Kelly. A systematic approach for developing software safety arguments. Journal of System Safety, 46(4):25--33, 2010.
[42] J.P. Bowen and M.G. Hinchey. Seven more myths of formal methods. IEEE Software, 12(4):34--41, July 1995.
[43] Barry Hendrix, Saralyn Dwyer, and Dave West. Model-based systems engineering and software system workshop. Journal of System Safety, 53(3):24--29, 2017.
[44] Pamela K. Wilkinson. Dealing with conflicting contract system safety requirements. Journal of System Safety, 49(2):14--17, 2013.
[45] RTCA Special Committee 205. Software considerations in airborne systems and equipment certification. Recommendation DO-178C, RTCA Inc., Washington, December 2011.
[46] RTCA Special Committee 167. Software considerations in airborne systems and equipment certification. Recommendation DO-178B, RTCA Inc., Washington, January 1992.
[47] Common criteria for information technology security evaluation. v3.1 revision 3, July 2009. last accessed 8 Nov 18.
[48] Stephen Jacklin. Certification of safety-critical software under DO-178C and DO-278A. In Infotech@Aerospace 2012. NASA Ames Research Center, American Institute of Aeronautics and Astronautics, June 2012.
[49] RTCA Special Committee 205. Model-based development and verification supplement to DO-178C and DO-278A. Recommendation DO-331, RTCA Inc., Washington, December 2011.
[50] Ministry of Defence. Hazard analysis and safety classification of the computer and programmable electronic system elements of defence equipment. Interim Defence Standard 00-56 Issue 1, Directorate of Standardization, Glasgow, April 1991.
[51] National Aeronautics and Space Administration. Software safety standard. Technical Standard NASA-STD-8719.13B w/Change 1, NASA, Washington, DC, July 2004. last accessed 13 Feb 17.
[52] Department of Defense. Standard practice for system safety. Military Standard MIL-STD-882D, DOD, February 2000.
[53] Federal Aviation Administration. System safety handbook. Handbook, FAA, December 2000. last accessed 8 Nov 18.
[54] Jose Luis de la Vara, Alejandra Ruiz, Katrina Attwood, Huáscar Espinoza, Rajwinder Kaur Panesar-Walawege, Ángel López, Idoya del Río, and Tim Kelly. Model-based specification of safety compliance needs for critical systems: A holistic generic metamodel. Information and Software Technology, 72:16--30, April 2016.
[55] Oliver Scheuer, Frank Loll, Niels Pinkwart, and Bruce M. McLaren. Computer-supported argumentation: A review of the state of the art. International Journal of Computer-Supported Collaborative Learning, 5(1):43--102, January 2010.
[56] Susanna-Assunta Sansone and Philippe Rocca-Serra. Interoperability standards---digital objects in their own right, October 2016.
[57] Ministry of Defence. Requirements for safety of Programmable Elements (PE) in defence systems---Part 1: Requirements and guidance. Defence Standard 00-055 Part 1 Issue 4, UK Defence Standardization, Glasgow, April 2016.
[58] Ministry of Defence. The procurement of safety critical software in defence equipment---Part 1: Requirements. Interim Defence Standard 00-55 Part 1 Issue 1, Directorate of Standardization, Glasgow, April 1991.
[59] Ministry of Defence. Requirements for safety related software in defence equipment---Part 1: Requirements. Defence Standard 00-55 Part 1 Issue 2, Directorate of Standardization, Glasgow, August 1997.
[60] Ministry of Defence. Requirements for safety of Programmable Elements (PE) in defence systems---Part 1: Requirements and guidance. Interim Defence Standard 00-55 Part 1 Issue 3, UK Defence Standardization, Glasgow, December 2014.
[61] Ministry of Defence. Safety management requirements for defence systems---Part 1: Requirements. Interim Defence Standard 00-56 Part 1 Issue 3, UK Defence Standardization, Glasgow, December 2004.
[62] Ministry of Defence. Safety management requirements for defence systems---Part 1: Requirements. Defence Standard 00-56 Part 1 Issue 4, UK Defence Standardization, Glasgow, June 2007.
[63] Ministry of Defence. Defence standard development. last accessed 1 Dec 18.
[64] Principles and rules for the structure and drafting of ISO and IEC documents. ISO/IEC Directives Part 2 Edition 7, International Organisation for Standardisation / International Electrotechnical Commission, Geneva, May 2016. last accessed 1 Dec 18.
[65] Nicolas Sannier and Benoit Baudry. INCREMENT: A mixed MDE-IR approach for regulatory requirements modeling and analysis. In Camille Salinesi and Inge van de Weerd, editors, Requirements Engineering: Foundation for Software Quality, volume 8396 of Lecture Notes in Computer Science, pages 135--151. Springer International Publishing, April 2014.
[66] The Assurance Case Working Group (ACWG). GSN Community Standard version 2, January 2018. last accessed 2 Dec 18.
[67] Systems Engineering and Integration Group (SEIG). SEIG review of Defence Standard 00-56: Safety management requirements for defence systems---Part 1. Technical report, Ministry of Defence, November 2011. Unpublished.
[68] Ministry of Defence. MOD architecture framework, December 2012. last accessed 3 Dec 18.
[69] Gavin Williamson. Health, safety and environmental protection in defence: Policy statement by the secretary of state for defence, June 2018. last accessed 5 Dec 18.
[70] R. D. Hawkins, I. Habli, and T. P. Kelly. The principles of software safety assurance. In 31st International System Safety Conference, Boston, MA, August 2013. International System Safety Society. last accessed 8 Dec 18.
[71] Graham Jolliffe. Re-issuing Def Stan 00-55. In Tom Anderson, editor, Addressing Systems Safety Challenges: Proceedings of the Twenty-second Safety-critical Systems Symposium, Brighton, UK, 4--6th February 2014, volume 22 of Safety-critical Systems Symposium, pages 25--34, February 2014. last accessed 3 Jun 18.
[72] John McDermid. Report of a working party on software management in acquisition and support. Internal Report D/DST/01/14/16/22, Defence Scientific Advisory Council, London, April 2014.
[73] British Standards Institute. National comment template. On BSI eCommittees System. last accessed 11 Dec 18.
[74] Ministry of Defence. MOD standardization management policy---Part 1: Directive. Joint Service Publication JSP920 Part 1 V3.0, Defence Authority for Technical & Quality Assurance, August 2017. last accessed 15 Dec 18.
[75] Ministry of Defence. Management of ship safety and environmental protection---Part 1: Policy. Joint Service Publication JSP430 Part 1 Issue 4, Ship Safety Management Office, Bristol, June 2011.
[76] IEC Subcommittee 65A: System Aspects. Functional safety of electrical/electronic/programmable electronic safety-related systems---Part 0: Functional safety and IEC 61508. Technical Report IEC/TR 61508-0:2005, International Electrotechnical Commission, 2005.
[77] Health and safety at work etc. act. 1974 c. 37, July 1974. last accessed 18 Dec 18.
[78] Ralph V. Carlone. Patriot missile defense---software problem led to system failure at Dhahran, Saudi Arabia. Report to the Chairman, Subcommittee on Investigations and Oversight, Committee on Science, Space, and Technology, House of Representatives GAO/IMTEC-92-26, US General Accounting Office, Washington, D.C., February 1992. last accessed 25 Dec 18.
[79] Jacques-Louis Lions. Ariane 5---Flight 501 failure. Report by the inquiry board, Ariane 5 Inquiry Board, Paris, July 1996. last accessed 25 Dec 18.
[80] Defence Accident Investigation Branch. Service inquiry into the Watchkeeper (WK006) Unmanned Air Vehicle (UAV) accident at Boscombe Down Aerodrome on 2 November 2015. Service inquiry, Defence Safety Authority, August 2016. Redacted, last accessed 25 Dec 18.
[81] Benjamin Zhang. A software problem caused a brand-new Airbus military plane to crash. Business Insider, June 2015. last accessed 25 Dec 18.
[82] Ministry of Defence. Safety management requirements for defence systems---Part 1: Requirements. Defence Standard 00-56 Part 1 Issue 7, UK Defence Standardization, Glasgow, February 2017.
[83] Alessio Ferrari, Stefania Gnesi, and Gabriele Tolomei. Using clustering to improve the structure of natural language requirements documents. In Joerg Doerr and Andreas L. Opdahl, editors, Requirements Engineering: Foundation for Software Quality, volume 7830 of Lecture Notes in Computer Science, pages 34--49. Springer Berlin Heidelberg, April 2013.
[84] Eero Uusitalo, Mikko Raatikainen, Mikko Ylikangas, and Tomi Männistö. Experiences from an industry-wide initiative for setting metadata for regulatory requirements in the nuclear domain. In 2014 IEEE 7th International Workshop on Requirements Engineering and Law (RELAW), pages 2--9. IEEE, August 2014.
[85] Ministry of Defence. Safety management requirements for defence systems---Part 2: Requirements. Defence Standard 00-056 Part 2 Issue 5, UK Defence Standardization, Glasgow, February 2017.
[86] The Open Group Architecture Forum. TOGAF version 9.2, enterprise edition. https://pubs.opengroup.org/architecture/togaf9-doc/arch/index.html, April 2018. last accessed 10 Jan 19.
[87] J. Peter Kincaid, Robert P. Fishburne, Jr, Richard L. Rogers, and Brad S. Chissom. Derivation of new readability formulas (automated readability index, fog count and Flesch reading ease formula) for Navy enlisted personnel. Research Branch Report 8-75, Naval Technical Training Command, Millington, TN, February 1975. last accessed 12 Jan 19.
[88] IEC Subcommittee 56: Dependability. Hazard and operability studies (HAZOP studies). Application guide. International Standard IEC61882, International Electrotechnical Commission, 2016.
[89] Creative Commons. Creative Commons attribution 4.0 international public license CC-BY 4.0. last accessed 15 Jan 19.
[90] IEC Subcommittee 56: Dependability. Failure Modes and Effects Analysis (FMEA and FMECA). International Standard IEC60812, International Electrotechnical Commission, 2018.
[91] IEC Subcommittee 56: Dependability. Fault Tree Analysis (FTA). International Standard IEC61025, International Electrotechnical Commission, 2006.
[92] Object Management Group. Business process model and notation, January 2011. last accessed 10 Jan 19.
[93] Mike Cohn. User stories. https://www.mountaingoatsoftware.com/agile/user-stories. last accessed 10 Jan 19.
[94] Walid Maalej, Zijad Kurtanović, Hadeer Nabil, and Christoph Stanik. On the automatic classification of app reviews. Requirements Engineering, 21(3):311, September 2016.
[95] Ibrahim Habli and Andrew Rae. Formalism of requirements for safety-critical software: Where does the benefit come from? In Proceedings of Planning the Unplanned Experiment: Assessing the Efficacy of Standards for Safety Critical Software (AESSCS), May 2014. last accessed 22 Feb 19.
[96] PolarSys. OpenCert website, December 2018. last accessed 10 Jan 19.
[97] Adelard. ASCE software, 2018. last accessed 18 Jun 18.
[98] Martyn A. Ould. Testing---a challenge to method and tool developers. Software Engineering Journal, 6(2):59, March 1991.
[99] Elizabeth Hull, Kenneth Jackson, and Jeremy Dick. Requirements Engineering. Springer-Verlag, 2nd edition, 2005.
[100] C. Michael Holloway and Patrick J. Graydon. Explicate '78: Assurance case applicability to digital systems. Final report to the FAA DOT/FAA/TC-17/67, NASA Langley Research Center, January 2018. last accessed 4 Nov 18.
[101] Patrick J. Graydon and C. Michael Holloway. Planning the unplanned experiment: Assessing the efficacy of standards for safety-critical software. Technical Memorandum NASA/TM-2015-218804, NASA Langley Research Center, September 2015. last accessed 8 Nov 18.
[102] P. Steele and J. Knight. Analysis of critical systems certification. In 2014 IEEE 15th International Symposium on High-Assurance Systems Engineering, pages 129--136, January 2014.
[103] Nancy G. Leveson. Safeware: System Safety and Computers. Addison-Wesley Professional, 1995.
[104] Neil Storey. Safety Critical Computer Systems. Pearson Education (US), July 1996.
[105] Object Management Group. About the unified modeling language specification version 2.5.1, December 2017. last accessed 10 Jan 19.
[106] Charles Antony Richard Hoare. The emperor's old clothes. Communications of the ACM, 24(2):75--83, February 1981.
