Safety Factories Manifesto

The development of software-defined systems is characterized by automation and incrementality, enabled by:


- a high degree of content formalization – X-as-Code,

- no islands of content – mono-repositories,

- single source of truth – every piece of information is saved exactly once to avoid redundancies,

- discipline and rigour – reviews and quality checks enforced as preconditions for merging into the mainline.


Today's practice of engineering safety-critical systems often looks quite different: multiple tools with weakly formalized content, isolated from each other and from the system development tools. This leads to several issues, such as:

- manual work is needed even where automation would be possible – wasted brain cycles,

- fine-grained reproducible builds are hard to achieve – low reproducibility,

- system, software and safety engineers work in decoupled tooling – silos,

- safety documentation is informal (plain text and pictures),

- assessors are handed documents instead of being able to query the models directly.


Consequently, there is considerable potential in safety engineering methods and tooling to learn from success stories in software engineering.


To this end, we propose safety factories, designed to support the agile development of safety-critical systems. Key characteristics of safety factories:


- Safety as Code: express all safety work products in semantically rich languages;

- Integration: store all safety work products alongside the code, tests and design artefacts;

- Single Source of Truth: every piece of information is saved exactly once, and views are generated automatically;

- Automated Impact Analysis: use the system's safety case as a semantically enriched traceability mechanism;

- Safety Builds: a system build succeeds only if its safety case is closed;

- Eventually Consistent Safety Cases: inconsistencies are temporarily allowed, but they must be explicit;

- Live Documentation Close to Content: pictures and similar documentation are generated from the models in use;

- Company-wide Safety Mindset: every role is aware of its contribution to the safety case;

- Accountability and Ownership: who created, verified or changed a step, at whose request, and when it was completed.
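The characteristics above (Safety as Code, Safety Builds, Automated Impact Analysis and Eventually Consistent Safety Cases) can be demonstrated with a tiny goal/evidence model. This is an added illustration, not code from the manifesto's authors; the `Goal` structure, the `open_issue` field and the sample goals are assumptions constructed for the example.

```python
"""Safety case as code: goals backed by evidence artefacts, checked at build time."""
from __future__ import annotations
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Goal:
    gid: str
    text: str
    evidence: list[str] = field(default_factory=list)   # artefact paths (tests, reviews, analyses)
    subgoals: list[str] = field(default_factory=list)   # ids of goals that support this one
    open_issue: Optional[str] = None                     # explicit, tracked inconsistency (assumed field)


def unsupported(case: dict[str, Goal]) -> list[str]:
    """Goals with neither evidence nor subgoals; the case is closed iff this list is empty."""
    return sorted(g.gid for g in case.values() if not g.evidence and not g.subgoals)


def impacted(case: dict[str, Goal], changed_paths: list[str]) -> list[str]:
    """Goals whose argument depends, transitively, on a changed artefact (impact analysis)."""
    hit = {g.gid for g in case.values() if set(g.evidence) & set(changed_paths)}
    grew = True
    while grew:  # propagate upwards through the subgoal relation until a fixpoint
        grew = False
        for g in case.values():
            if g.gid not in hit and set(g.subgoals) & hit:
                hit.add(g.gid)
                grew = True
    return sorted(hit)


def safety_build(case: dict[str, Goal], changed_paths: list[str]) -> tuple[bool, dict]:
    """Gate a build: pass only if every open goal is an explicit, tracked inconsistency."""
    gaps = unsupported(case)
    silent = [gid for gid in gaps if case[gid].open_issue is None]
    report = {"unsupported": gaps, "silent_gaps": silent,
              "impacted": impacted(case, changed_paths)}
    return (not silent, report)


# Constructed sample case; the goals and paths are invented for this example.
CASE = {g.gid: g for g in [
    Goal("G1", "System is acceptably safe", subgoals=["G2", "G3"]),
    Goal("G2", "Brake request latency below budget", evidence=["tests/brake_latency_test.py"]),
    Goal("G3", "Watchdog resets on stall", open_issue="SAF-123"),  # open, but explicit
]}
```

A build of `CASE` passes because the only gap (G3) is tied to an issue id; the same gap without `open_issue` fails the build, which is what makes inconsistencies explicit rather than silent.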

