Applying Scrum Development on Safety Critical Systems

Full Text (PDF, 346KB), PP.44-57

Views: 0 Downloads: 0


Mustafizur Rahman 1,* Shusmita Islam 1 Rubiyet Fardous 1 Lamisa Yesmin 1 Dip Nandi 2

1. Department Of Computer Science, American International University-Bangladesh, Dhaka, Bangladesh

2. Faculty of Science and Technology, American International University-Bangladesh, Dhaka, Bangladesh

* Corresponding author.


Received: 23 Jan. 2022 / Revised: 28 Apr. 2022 / Accepted: 19 Jul. 2022 / Published: 8 Oct. 2022

Index Terms

Safety-Critical System, Scrum, SafeScrum, IEC61508, Agile, Software Development


Scaled agile approaches are increasingly being used by automotive businesses to cope with the complexity of their organizations and products. The development of automotive systems necessitates the use of safe procedures. SafeScrum® is a real example of how agile approaches may be used in the creation of high-reliability systems on a small scale. A framework like SAFe or LeSS does not facilitate the creation of safety-critical systems in large-scale contexts from the start. User stories are a wonderful approach to convey flexible demands, the lifecycle is iterative, and testing is the initial stage in the development process. Scrum plus extra XP approaches may be used to build high-reliability software and certification by the IEC 61508 standard is required for the software. This adds a slew of new needs to the workflow. Scrum's quality assurance measures proved to be inadequate in a recent industry situation. Our study's overarching goal is to provide light on the Scrum development process so that it may be improved for use with life-or-death systems. Our study of the business world was a mixed-methods affair. The findings demonstrated that although Scrum is helpful in ensuring the security of each release, it is less nimble in other respects. The difficulties of prioritization, communication, time constraints, and preparing for and accepting new safety standards were all discussed. In addition, we have had some helpful feedback from the business world, but the generality issue arising from this particular setting has yet to be addressed.

Cite This Paper

Mustafizur Rahman, Shusmita Islam, Rubiyet Fardous, Lamisa Yesmin, Dip Nandi, "Applying Scrum Development on Safety Critical Systems", International Journal of Information Technology and Computer Science(IJITCS), Vol.14, No.5, pp.44-57, 2022. DOI:10.5815/ijitcs.2022.05.04


[1]Nuclear Regulatory Commission, Information Notice 96-29, Washington, DC (May 1996).
[2]European Space Agency, Ariane 501 Inquiry Board Report (July 1996) http:/ /ravel.esrin.esa. it/docs/esa-x-1819eng.pdf.
[3]Leveson, N. G. (1995) Safeware: System Safety and Computers. Addison-Wesley.
[4]MC Software, Inc. S=85.
[5]N. Wirth, Towards discipline of real time programming, Commun. ACM 20, 1977.
[6]D. Harel and A. Pnueli, On the development of reactive systems. Logics and Models of Concurrent Systems, (K. R. Apt, ed.), Springer-Verlag, 1985, pp. 477-498.
[7]J. F. Cassidy, T. Z. Chu, Kutcher, S. B. Gershwin, and Y. Ho, Research needs in manufacturing systems, IEEE Control Syst. 5, 11-13(1985).
[8]W. J. Quirk, Verification and Validation of Real-Time Software, Springer-Verlag, Berlin, 1985.
[9]A. H. Levis, Challenges to control: a collective view, IEEE Trans. Auto Control AC-32, 1987.
[10]J. A. Stankovic, Misconceptions about real-time computing: serious problem for next generation systems, Computer 21, 10-19 (1988).
[11]S.-T Levi and A. K. Agrawala, Real Time System Design, McGraw-Hill Publishing Company, 1990.
[12]D. L. Parnas, A. J. van Schouwen, and S. P. Kwan Evaluation Standards for Safety Critical Software, Technical Report TR 88-220, Queen's University, Kingston Ontario, Canada, 1988.
[13]Marshall, P., NII Found Problems in 50%-Plus of Sizewell-B PPS Computer Tests, Nucleonics Week, 34, 43 (October 28, 1993).
[14]National Aeronautics and Space Administration, Mars Climate Orbiter Mishap Investigation Report, Washington, DC (November 1999) MCO_MIB_Report.pdf.
[15]Jet Propulsion Laboratory, Report on the Loss of the Mars Polar Lander and Deep Space 2 Missions, JPL D-18709 (March 2000).
[16]Hatcliff, J., Wassyng, A., Kelly, T., Comar, C., and Jones, P. (2014). Certifiably safe software dependent systems: challenges and directions. In Proceedings of the on Future of Software Engineering - FOSE, (pp. 182–200).
[17]M Heimdahl, M. P. E. (2007). Safety and Software Intensive Systems: Challenges Old and New. In FoSE 2007: Future of Software Engineering (pp. 137–152).
[18]Day, J.W., The Reliability of the Sizewell 'B' Primary Protection System, Reactor protection Group, Nuclear Electric (January, 1990).
[19]Neumann, P. Computer Related Risks, Addison Wesley (1995).
[20]Spence JW (2005) There has to be a better way! In: Proceedings of the Agile Development Conference (ADC'05), Denver, USA, IEEE, pp 272-278.
[21]Mehrfard H, Hamou-Lhadj A (2013) The impact of regulatory compliance on Agile software processes with a focus on the FDA guidelines for medical device software. International Journal of Information System Modeling and Design, 2(2): p. 67-81.
[22]Del Bianco V, Stosic D, Kiniry JR (2010) Agile Formality: A Mole of Software Engineering Practices. In: Proceedings of the 2nd International Workshop on Formal Methods and Agile Methods, Pisa, Italy, pp 29-48.
[23]Mehrfard H, Pirzadeh H, Hamou-Lhadj A (2010) Investigating the capability of agile processes to support life-science regulations: the case of XP and FDA regulations with a focus on human factor requirements. In: Proceedings of the 8th Conference of Software Engineering Research, Management and Applications (SERA), Montreal, Canada, Springer, pp 241-255.
[24]Boehm, B.W. and Ross, R. (1989), "Theory-W software project management principles and examples", IEEE Transactions on Software Engineering, Vol. 15 No. 7, pp. 902-916.
[25]Sommerville, I. (2015), Software Engineering, Addison-Wesley, Harlow, UK.
[26]Zultner, R.E. (1993), "TQM for technical teams", Communications of the ACM, Vol. 36 No. 10, pp. 79-91.
[27]Weiguo L., Xiaomin F.: Software Development Practice for FDA-Compliant Medical Devices. Proc. of the 2009 International Joint Conference on Computational Sciences and Optimization, 2009.
[28]Royce, W., 1970, „Managing the Development of Large Software Systems”, Proceedings of IEEE WESCON, 26, pp. 328-388.
[29]N. Storey, Safety-Critical Computer Systems. Addison-Wesley, 1996.
[30] [retrieved: September, 2012].
[31] [retrieved: September, 2012].
[32]Roman Pichler: „Scrum – Using Agile Project Management Successfully” (Transl.), 2008, pp. 7-123.
[33]Results from Scott Ambler’s March 2006 ‘Agile Adoption Rate Survey’ posted at [retrieved: September, 2012].
[34]Lukasiewicz K. assessment of risks introduced to safety critical software by agile practice: a software engineer’s perspective, 2012.
[35]Paige R. et al Towards Agile Engineering of High Integrity Systems. Proc. of 27th International Conference on Computer Safety, Reliability and Security (SAFECOMP) 2008.
[36]Gary et al. Agile methods for open-source safety critical software, 2012.
[37]Boehm B. Get ready for agile methods with care.,2002
[38]Pikkarainen M. An approach for assessing suitability of agile solutions: A case study, 2005.
[39]Sidky, A. and Arthur, J. Determining the applicability of agile practices to mission and life-critical systems. In Proceedings of the 31st IEEE Software Engineering Workshop, SEW ’07, pages 3–12, Washington, DC, USA. IEEE Computer Society,2007.
[40]Hajou A, Batenburg R, Jansen S (2015a) An Insight into the Difficulties of Software Development Projects in the Pharmaceutical Industry. Lecture Notes on Software Engineering 3 (4):267.
[41]Drobka J, Noftz D, Raghu R (2004) Piloting XP on four mission-critical projects. IEEE software 21 (6): 70-75
[42]Ge X, Paige RF, McDermid JA (2010) An iterative approach for development of safety-critical software and safety arguments. In: Proceedings for the Agile Conference (AGILE), Orloando, Florida, USA, IEEE, pp 35-43.
[43]Bedoll R (2003), A Tale of Two Projects: How ‘Agile’ Methods Succeeded after ‘Traditional’ Methods Had Failed in a Critical System-Development Project In: Proceedings of the 3rd Conference on Extreme Programming and Agile Methods, New Orleans, LA, USA, Springer, pp 25-34.
[44]Beznosov K (2003), Extreme Security Engineering: On Employing XP Practices to Achieve 'Good Enough Security' without Defining It X. In: Proceedings of the 1st ACM Workshop on Business-Driven Security Engineering (BizSec), Fairfax, USA, Citesee, pp 1-7.
[45]Abdelaziz AA, El-Tahir Y, Osman R (2015) Adaptive Software Development for developing safety critical software. In: Proceedings of the 1st International Conference on Computing, Control, Networking, Electronics and Embedded Systems Engineering (ICCNEEE), Khartoum, Sudan, IEEE, pp 41-46
[46]Boström G, Wäyrynen J, Bodén M, Beznosov K, Kruchten P (2006), Extending XP practices to support security requirements engineering. In: Proceedings of the 28th International Workshop on Software Engineering for Secure Systems (SESS), Shanghai, China, ACM, pp 11-17
[47]Del Bianco V, Stosic D, Kiniry JR (2010) Agile Formality: A Mole of Software Engineering Practices. In: Proceedings of the 2nd International Workshop on Formal Methods and Agile Methods, Pisa, Italy, pp 29-48.
[48]Beznosov K, Kruchten P (2004), Towards agile security assurance. In: Proceedings of the 17th Workshop on New Security Paradigms, Victoria, Canada, ACM. pp 47-54.
[49]Górski J, Łukasiewicz K (2012) Assessment of risks introduced to safety critical software by agile practices-a software engineer's perspective. Computer Science 13 (4):165-182.
[50]Heeager L (2012) Introducing Agile Practices in a Documentation-Driven Software Development Practice: A Case Study. Journal of Information Technology Case and Application Research 14 (1):3-24.
[51]Grenning J (2001) Launching extreme programming at a process-intensive company. IEEE Software 18 (6):27.
[52]Górski J, Łukasiewicz K (2013) Towards Agile Development of Critical Software. In: Proceedings of the 3rd International Workshop on Software Engineering for Resilient Systems, Kiev, Ukraine, Springer, pp 48-55.
[53]Stålhane, T., Myklebust, T., Hanssen, G.K.: The application of Scrum IEC 61508 certifiable software. In: Proceedings of ESREL. Helsinki, Finland (2012).
[54]Myklebust, T., Stålhane, T., Hanssen, G.K., Wien, T., Haugset, B.: Scrum, documentation and the IEC 61508-3:2010 software standard. In: Proceedings of Probabilistic Safety Assessment & Management conference (PSAM12). Self-published, Oahu, USA (2014).
[55]Stålhane, T., Hanssen, G.K., Myklebust, T., Haugset, B.: Agile change impact analysis of safety critical software. In: Bondavalli, A., Ceccarelli, A., Ortmeier, F. (eds.) SAFECOMP 2014. LNCS, vol. 8696, pp. 444–454. Springer, Heidelberg (2014).
[56]Haynes RB, Sackett DL, Guyatt GH, Tugwell PS. Clinical epidemiology: how to do clinical practice research. 3rd ed. Philadelphia, PA: Lippincott Williams & Wilkins; 2006.
[57]Popay J, Rogers A, Williams G. Rationale and standards for the systematic review of qualitative literature in health services research. Qualitative Health Research 1998; 8:341–351.
[58]Lincoln YS. Emerging criteria for quality in qualitative and interpretive research. Qualitative Inquiry 1995; 1:275–289.
[59]Pallant J (2007) SPSS Survival Manual: A Step-by-Step Guide to Data Analysis Using SPSS for Windows Version 15. Third edition. Open University Press, Maidenhead.