Definition and Measurement of Complexity in the Context of Safety
This report describes research to define complexity measures for avionics systems to help the FAA identify when systems are too complex to assure their safety.
The project selected a measure of complexity related to the number of ways that an avionics system error (fault) could propagate from element to element. Since each potential propagation requires another sub-argument in the safety case, certification effort should scale linearly with the number of arguments. Thus, the ability to show system safety through the certification process depends on this kind of system complexity.
Our results include a formula for calculating the “error-propagation complexity” from system designs and its results for small and medium systems. We tested it on a second design for each system and on a larger design from a NASA report.
The complexity measurement must be matched to available review time to determine if a system is “too complex to assure safety.” Review times for small cases were extrapolated to larger ones, assuming that a typical system includes small, medium, and large designs. Since many numbers and their relationships are speculative, the boundary of systems “too complex to assure safety” should be treated very cautiously. Finally, future research areas are discussed.
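As an added illustration of the counting idea described above (not the report's own formula, which this page does not reproduce), the following Python enumerates the acyclic element-to-element paths along which an error could propagate in a constructed design, then applies the linear effort assumption against a review-time budget. The element names, the design graph, and the hours-per-argument figure are hypothetical.

```python
# Constructed example design (hypothetical element names, not from the report):
# each element maps to the elements an error in it can propagate to.
DESIGN_A = {
    "sensor": ["filter"],
    "filter": ["controller"],
    "controller": ["actuator", "monitor"],
    "monitor": ["actuator"],
    "actuator": [],
}

# A design with a feedback loop, to show the enumeration still terminates.
DESIGN_B = {"a": ["b"], "b": ["a"]}


def propagation_paths(design):
    """Enumerate every acyclic path along which an error could propagate
    from one element to another. Following the page's reasoning, each path
    is treated as one sub-argument the safety case must supply."""
    paths = []

    def walk(node, trail):
        for nxt in design.get(node, []):
            if nxt in trail:  # do not revisit an element; avoids infinite loops
                continue
            path = trail + [nxt]
            paths.append(tuple(path))
            walk(nxt, path)

    for start in design:
        walk(start, [start])
    return paths


def error_propagation_complexity(design):
    """Illustrative stand-in for the page's measure: number of propagation paths."""
    return len(propagation_paths(design))


def review_hours(design, hours_per_argument):
    """Linear extrapolation: effort = sub-arguments x review time per argument."""
    return error_propagation_complexity(design) * hours_per_argument


def too_complex_to_assure(design, hours_per_argument, review_budget_hours):
    """True when the extrapolated review effort exceeds the available budget."""
    return review_hours(design, hours_per_argument) > review_budget_hours
```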