City University researchers are helping protect critical facilities where the failure of computer systems could result in death, injury, financial loss and damage to the environment.

Published (Updated )

To help address this concern, Professor Robin Bloomfield and Professor Peter Bishop have, over the past 14 years, developed an approach to evaluate whether or not we can trust such computer systems.

So far, these systems have been keeping vital checks on critical computer technology used in the operation of nuclear power plants, healthcare technology, and key elements of the UK's financial infrastructure as well as critical rail signalling and air traffic control systems.

Assurance case

The focus of the work undertaken at City's Centre for Software Reliability (CSR) has been to develop a broadly applicable "assurance case" that can demonstrate that the risks posed by computer systems operating in a variety of industries are acceptably low.

The approach is described as a "claims, arguments, evidence" (CAE) structure since it takes account of a range of evidence sources, and uses rigorous arguments to assess claims made about the trustworthiness of an IT system. The overall approach also incorporates a rigorous critique of unsound practices in assessing software-based systems, and there are associated models that enable long-term reliability prediction for a system.

This overall CAE approach, and supporting analytical models, has been adopted by the nuclear, aviation and medical sectors. It has also become standard practice within several key industry sectors, benefiting both the industries concerned and the public using the services of those industries.

The work has had a direct application through the CSR's relationship with safety assurance company Adelard LLP. The company confirms that the CAE approach is now a key component of assessing designs for new nuclear power plants in the UK, and is being considered for such a role in other countries, with regulators in Sweden, Finland and China supporting its use.

In the United States the Food and Drugs Administration specifically asked for a new CAE approach to assurance by manufacturers of vital medical devices, and CSR staff are now working with the federal regulator to develop templates for use on medical devices. These systems have been keeping vital checks on computer technology used in the operation of nuclear power plants, healthcare and UK finance.

"These systems have been keeping vital checks on computer technology used in the operation of nuclear power plants, healthcare and UK finance."

The CAE approach has been applied to the UK's electronic funds transfer system (BACS), which is part of the country's critical infrastructure according to the Government as well as other payment systems. Elsewhere, CAE has been used on the safety assurance for rail interlocking and signalling systems and in critical national systems overseen by government agencies. More recently the work is being extended to cover security and security informed safety and forms part of City's contribution to the National Research Institute on Industrial Control Systems.

Global standards

The basic concepts have been incorporated within international standards, UK Ministry of Defence standards for software-based system safety, the Civil Aviation Authority's safety assurance for air traffic services equipment, and US FDA guidance on the safety of infusion pumps.

Funding in excess of £3.5 million for this research has come via a series of projects including funding from the EU, from the Engineering and Physical Sciences Research Council and CPNI, from the nuclear industry and, from the Leverhulme Trust as well as the EU's ARTEMIS joint technology initiative.

Professor Robin Bloomfield was elected a Fellow of the Royal Academy of Engineering in 2014 in recognition of his international leadership on safety critical computer systems.

When failure of critical computer systems could have such an impact, it is vital that we have confidence that the risks posed are understood and tolerable. The contribution of City's assurance work has led to the evolution of regulations and procedures across a variety of sectors, leading to significant and wide-ranging improvements in practice and in the safety and security of industry and the public.


Information assurance:

Information assurance (IA) is the practice of assuring information and managing risks related to the use, processing, storage, and transmission of information or data and the systems and processes used for those purposes.