The ultimate goal of the course is to convey the basics of all the steps involved in making software with strong reliability, safety and security requirements, with a particular emphasis on critical embedded systems. Assuming prior familiarity with C/C++, the course covers software specification, design, coding and verification, all in the context of the software development processes prescribed by industry standards for the realization of safety- and security-related systems.
Knowledge and understanding
The course introduces important topics concerning the development of software in industry, especially in critical sectors. These topics are all the more important because, in graduate and post-graduate studies, they are often overlooked or limited to expositions of principle without any concrete connection to industrial reality. The course mentions formal methods and their potential, but does not go into them (leaving their in-depth analysis to other courses with strong logical-mathematical prerequisites), aiming instead at understanding the relationship between the costs and benefits of formal, semi-formal and informal methods applied in industrial contexts.
Applying knowledge and understanding
The knowledge presented is always applied to the resolution of specific problems. The course develops around a concrete example of embedded software chosen at the beginning of the course. For this example, students follow (and take part in carrying out) all stages of development, from the drafting of requirements to verification.
The course is developed around the requirements of the industrial functional-safety standards. These standards refer to specific objectives to be achieved and to a division of roles (developers, verifiers, assessors and certification bodies) that requires independent judgment. In the end, it is not just a matter of achieving objectives, but of arguing for their adequacy and achievement in front of peers.
A consequence of what has already been said is that the course makes pressing reference to the need for general precision and communicative clarity (for example, in drawing up the requirements). More specifically, the course teaches the basics of building structured arguments, supported by adequate evidence, which justify the claim that a system is acceptably safe for a given application in a given operating environment. These arguments (safety cases) require the refinement of the student's communication skills.
Almost all the teaching material originates outside the university. If on the one hand this requires students to be highly flexible (in moving from one source to another, and in interpolating the information available across the various sources), on the other hand it trains them in finding information and assimilating concepts, which will be a constant of their entire professional life.