Use of COTS Software Components in Safety-Critical Applications – A Defensible Approach*

Current methods for the evaluation and selection of a Commercial-Off-The-Shelf (COTS) software component fail to address emergent system safety properties. This can lead to extreme difficulties in the certification of COTS-based safety-critical system development projects. In this paper, we propose a defensible approach to supporting successful use (i.e. evaluation & selection, integration, certification and maintenance) of COTS components within safetycritical applications. Within the approach, applicationspecific safety requirements derived for the expected COTS functionality are used to provide evaluation and selection criteria. Where these requirements cannot be met directly by a candidate COTS component the approach encourages the targeted application of suitably matched mitigation strategies. By addressing safety considerations early and explicitly in the COTS based system development lifecycle this approach facilitates the development of a structured safety case to support system certification.