Software Engineering

Software Hazard Analysis - Documentation

Each cause of a hazard produces one or more mitigations, and one mitigation may apply to more than one hazard. Each mitigation produces one or more verification steps, and each verification step produces a verification result. Because the same mitigation can serve several hazards, the relationship between hazards and mitigations is many-to-many. For this reason a two-table approach is recommended: hazards in one table, mitigations in a second, linked by tag numbers. This resolves the many-to-many relationship, prevents mitigation descriptions or tag numbers from being duplicated, and allows automated tools to be used if desired.

The first column in each table is considered the Primary Tag for that table.

Table of Hazards

| Hazard Tag | Hazard/Cause | Level of Concern | Mitigations | Mitigation Tags | Residual Concern |
|---|---|---|---|---|---|
| Unique identifying number for each hazard. | Description of the hazard created and its cause. If multiple causes exist, each cause must be listed separately with its own Hazard Tag. | Minor, Moderate, or Major level of concern, before mitigation. | Brief list of mitigations to reduce the hazard to an acceptable level. If there are multiple mitigations for a cause, then each mitigation must have its own Mitigation Tag. | Unique identifying number for each mitigation. This is the mitigation tag from the Table of Mitigations. | Level of Concern after mitigation: Minor, Moderate, or Major. |

Table of Mitigations

| Mitigation Tag | Description | Mitigation Type | Verification Method |
|---|---|---|---|
| Unique identifying number for each mitigation. | Detailed description of the mitigation. | By Design, Protective, or Warning. | Brief description of how the mitigation is to be verified. For example: unit testing, label copy approval, design review, etc. |
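The two-table register described above, as an added Python example that is not part of the original page: hazards and mitigations are kept as separate records joined only by Mitigation Tag, `validate` checks the consistency rules the text implies (unique Primary Tags, no mitigation description entered twice under different tags, every referenced tag present in the Table of Mitigations, residual concern no higher than the initial level, and no orphaned mitigation), and `verification_matrix` lists which hazards each mitigation covers so a shared mitigation is verified once rather than once per hazard. The infusion-pump entries, tag formats and column names of the dataclasses are constructed for illustration.

```python
from dataclasses import dataclass

LEVELS = ("Minor", "Moderate", "Major")          # ordered from least to most concern
MITIGATION_TYPES = ("By Design", "Protective", "Warning")


@dataclass(frozen=True)
class Mitigation:
    """One row of the Table of Mitigations; `tag` is the Primary Tag."""
    tag: str
    description: str
    mitigation_type: str
    verification_method: str


@dataclass(frozen=True)
class Hazard:
    """One row of the Table of Hazards; `tag` is the Primary Tag.
    Each hazard/cause pair gets its own row; `mitigation_tags` refers to rows
    of the Table of Mitigations instead of repeating their descriptions."""
    tag: str
    hazard_cause: str
    level_of_concern: str
    mitigation_tags: tuple
    residual_concern: str


def validate(hazards, mitigations):
    """Return a list of problems; an empty list means the register is consistent."""
    problems = []
    by_tag = {}
    by_description = {}
    for m in mitigations:
        if m.tag in by_tag:
            problems.append(f"duplicate mitigation tag {m.tag}")
        by_tag[m.tag] = m
        key = " ".join(m.description.lower().split())      # normalise whitespace/case
        if key in by_description:
            problems.append(f"{m.tag} repeats the description of {by_description[key]}")
        else:
            by_description[key] = m.tag
        if m.mitigation_type not in MITIGATION_TYPES:
            problems.append(f"{m.tag}: unknown mitigation type {m.mitigation_type!r}")
        if not m.verification_method.strip():
            problems.append(f"{m.tag}: no verification method")

    referenced = set()
    hazard_tags = set()
    for h in hazards:
        if h.tag in hazard_tags:
            problems.append(f"duplicate hazard tag {h.tag}")
        hazard_tags.add(h.tag)
        for level in (h.level_of_concern, h.residual_concern):
            if level not in LEVELS:
                problems.append(f"{h.tag}: unknown level of concern {level!r}")
        if (h.level_of_concern in LEVELS and h.residual_concern in LEVELS
                and LEVELS.index(h.residual_concern) > LEVELS.index(h.level_of_concern)):
            problems.append(f"{h.tag}: residual concern exceeds initial level")
        if not h.mitigation_tags:
            problems.append(f"{h.tag}: no mitigation listed")
        for t in h.mitigation_tags:
            referenced.add(t)
            if t not in by_tag:
                problems.append(f"{h.tag}: mitigation tag {t} not in Table of Mitigations")
    for t in by_tag:
        if t not in referenced:
            problems.append(f"mitigation {t} is not referenced by any hazard")
    return problems


def verification_matrix(hazards, mitigations):
    """Map each mitigation tag to the hazards it covers and its verification method."""
    matrix = {m.tag: {"hazards": [], "verify": m.verification_method} for m in mitigations}
    for h in hazards:
        for t in h.mitigation_tags:
            if t in matrix:
                matrix[t]["hazards"].append(h.tag)
    return matrix


# Constructed sample register (illustrative entries, not from any real product).
MITIGATIONS = (
    Mitigation("M-001", "Dose rate input is range-checked against the drug library before acceptance.",
               "By Design", "Unit testing of the input validator"),
    Mitigation("M-002", "Independent flow monitor stops the pump and alarms if delivered rate exceeds the set rate.",
               "Protective", "Integration test with simulated over-delivery"),
    Mitigation("M-003", "On-screen label states the rate unit next to the entry field.",
               "Warning", "Label copy approval"),
)
HAZARDS = (
    Hazard("H-001", "Over-infusion: rate outside the clinically valid range is accepted",
           "Major", ("M-001", "M-002"), "Minor"),
    Hazard("H-002", "Over-infusion: user enters the rate in the wrong unit",
           "Major", ("M-002", "M-003"), "Moderate"),
)

if __name__ == "__main__":
    for line in validate(HAZARDS, MITIGATIONS) or ["register is consistent"]:
        print(line)
    for tag, row in verification_matrix(HAZARDS, MITIGATIONS).items():
        print(tag, "covers", ", ".join(row["hazards"]), "- verified by:", row["verify"])
```

Running the script as-is reports a consistent register and shows M-002 covering both hazards with a single verification step; adding a hazard row that cites a tag missing from the Table of Mitigations, or whose residual concern is higher than its initial level, makes `validate` return the corresponding problem lines.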