SafeScrum is an adaptation of the Scrum software development methodology. It is being developed by SINTEF and NTNU in collaboration with Norwegian industry.
Software is becoming an increasingly large part of safety systems such as fire and gas detection installations, process control systems and railway signalling systems. This shift from hardware to software is driven by higher performance and flexibility in hardware and by the need to improve innovation capability and time to market. The result is larger and more complex software development, which must still satisfy the same strict requirements imposed by fundamental standards such as IEC 61508 (process/offshore), EN 50128 (rail), DO-178 (avionics) and others.
SafeScrum consists of the common process elements of Scrum (roles, activities, techniques and artifacts), blended with other agile practices and with the additional components needed to make Scrum support the development and certification of safety-critical software systems with very high safety-function demands (up to safety integrity level 3). Presently, we are focusing on concepts for coordinating functional and safety requirements, change impact analysis of requirements, requirements-to-code traceability, independent code reviews, test coverage maximization, automation of documentation, and other aspects.
Besides new process components, SafeScrum also relies on an efficient tool chain to streamline activities such as requirements management, code reviews, integration and builds, version control and documentation automation. The tool chain consists of off-the-shelf tools that are integrated and coordinated with the SafeScrum process to achieve as much automation as possible. We are currently focusing on a Jira-based tool chain. The goal is to relieve the development team of manual and error-prone tasks, in particular those related to producing proof of conformance to safety standards.
In the initial phase, SafeScrum is in particular being composed to match the software process lifecycle requirements of the IEC 61508 functional safety standard. IEC 61508 is fundamental to a wide range of industries worldwide. In a nutshell, the idea is both to realize the benefits of an agile way of working and to make certification more efficient. One of the largest saving opportunities is to reduce the additional effort needed to provide proof of conformance to the standard, which is required to have the system certified by an external authority.
Our approach is to work closely with industry that produces high-integrity safety systems. Presently, we work with Autronica Fire & Security and Kongsberg Maritime. We apply the key principles of action research: we continuously develop our shared understanding of the problem (a costly development process) and of the solution (an agile process that allows flexibility and automates tedious and time-consuming tasks). Industry partners are presently using SafeScrum in full-scale customer projects and are continuously improving the process and the tool chain based on lessons learned. In addition to the research-industry collaboration, we also maintain a dialogue with the authorities that act as independent assessors (providing the certificate in the end), in this case TÜV Nord and TÜV Rheinland. As a third measure, SINTEF has an active role in the IEC committee that is working out the next edition of the IEC 61508 standard; here we seek to make the standard more compatible with the principles of agile software development.