Embedded Software Development for Safety-Critical Systems

The author addresses what one might call fully responsible engineering of software-controlled systems, end-to-end, hands-on, with special attention to design verification and all types of testing. Some of the materials are based on his excellent articles in Electronic Design. The book is well-written, direct, practical, and engaging. Among its valuable features: • Complete examples – small yet fully worked out design/code examples and counterexamples that instantly dispel doubt or argument. For example, the simple 2-threaded program in Figure 5.4, referenced many times in the book, proves that software CAN and DOES fail randomly, counter to what many people and standards assume. • Standards guidance – scores of citations in ISO/IEC 14971, 26262, 29119, 61508, 62304 and so forth, e.g. “Table 8 of ISO 26262-6 bans recursion completely” while “paragraph C.2.6.7 of IEC 61508-7” says only that recursion depth must be bounded, as it automatically is in tail recursion (though only with respect to stack size, not iteration count). • Methods guidance – the best short introduction to formal design-validation methods l've seen, including a working example for the SPIN tool. (I personally think Verum’s Dezyne tool is on the right road to bringing these formal methods into mainstream use.) • Languages and tools guidance – many were new to me, e.g. D and RUST languages, KLEE and gcov tools for code coverage, Sparse and Astrée for static analysis, SWIFT for fault injection. • Useful references listed at the end of each chapter – for example, the ACM paper titled “How Amazon Web Services Uses Formal Methods” (Commun. ACM, Jan. 2015) that introduces the phrase “exhaustively testable pseudo-code”. Amazon web services seem far distant from embedded, but key challenges at the module and subsystem level are the same: completeness and correctness of logic that manages states and communications. • Gems – my favorites are Anecdote 5 about confirmation bias, Fallacy 4 about failure probabilities in composite systems, Anecdote 25 about being convinced by KLEE, and being introduced to Laurent Bossavit's "Leprechauns of Software Engineering".The digital version is a facsimile of the print version. I read over half of the book on Google Play, where I was first able to access it, then finished it on Kindle. I found Kindle much easier on the eyes and smoother overall. There are some hard-to-read rotated diagrams, e.g. Figures 12.1 and 15.5.(Context and disclosure: I designed and coded industrial products for 20 years in C/C++/Java/etc on UNIX/Windows/etc, then managed and consulted for 15 years most recently in safety-critical medical devices. I’m not an embedded expert, but I do consider myself expert in how to build reliable software. I have no financial interest in this book or in any tools mentioned in this review. I know the author slightly via a few emails.)

Great practical book for developing safety-critical software.

This book is best for someone who already has some idea about safety critical systems and wants to get a better understanding of how all the pieces fit together. The sweet spot starts with a junior engineer who has been on a safety- or mission-critical system project for a few months and wants help putting all the pieces together, and extends to an engineer who has done a project or two with a particular safety standard and wants to understand at a deeper level details of the bigger picture across standards and across industries.The book dives pretty quickly into practical application of standards for software safety. If you have no idea about software safety at all you should start with start with something more general (Even Leveson: "software safety: why, what, and how" which is a free paper will help here), then come back to this. This is about principles more than actual code, so expect a lot of useful and important concepts, but almost no lines of code.A strong point is comparing and contrasting standards from different domains (including rail, process, and medical software safety). The various anecdotes help illustrate key points and let the reader benefit from the author's experience. Even those experienced in the field will find some worthwhile gems of wisdom.Out of the various software safety books for those actually working on these projects, this is the best book I have found. Highly recommended.

I was very impressed with this book. I have long needed a practical, insightful book that talks about ‘real’ engineering for Safety Critical Systems. Most of the other books in this area focus on ‘process’, ‘standards’ and ‘certification’ but miss the connection with engineering, design and implementation. This book covers the process / standards / certification angle – but links is squarely with real practice and execution. Reading this book it is clear that the author has actually been involved in building Safety Critical Systems. I plan to adopt this book for the university course I teach in Safety Critical Systems.

The book is not supported on Kindle device even though the buying option indicates "Kindle edition".This is highly disappointing.Spending Rs.4200 , I feel cheated.I first read the sample copy of the book on my Kindle Paperwhite. But after spending huge amount on the book, the Kindle has to sit aside.