A safety- or life-critical system is a system whose failure or malfunction may result in one (or more) of the following outcomes:

  • death or serious injury to people
  • loss or severe damage to equipment/property
  • environmental harm

Quoted from Wikipedia/Safety-critical system


Safety means:

  • protected from harm or other danger
  • in control of recognized or accepted dangers or hazards
  • achieve an acceptable level of risk

Quoted from Wikipedia/Safety



Capability of a product under defined conditions to avoid a state in which human life, health, property, or the environment is endangered.

ISO-25010:2023

Typical Acceptance Criteria

Scenario Response Measures from [Bass et al.]

  • Amount or percentage of unsafe states that are avoided
  • Amount or percentage of unsafe states from which the system can (automatically) recover
  • Change in risk exposure: size(loss) * prob(loss)
  • Percentage of times the system can recover
  • Amount of time the system is in a degraded or safe mode
  • Amount or percentage of time the system is shut down
  • Elapsed time to enter and recover (from manual operation, from a safe or degraded mode)

Bass et al., 2021

What Stakeholders mean by safe

Stakeholder (potential) Expectation for safe
User * using the system will never cause any risk to my health
* it is not possible to injure myself accidentally by using the system
Management * minimal risk of any liability lawsuit
* no person will ever get hurt when using or maintaining our system
* the system poses no risk or danger to any humans’ health
* the system poses no risk to the environment
Developer development processes comply with appropriate safety standards and regulations, e.g. SPICE
Tester -
Admin -
Domain-Expert the system and its implementation comply with all required safety standards, like ISO-26262
Others Safety auditors, government agencies requiring compliance with safety standards, law

Qualities tagged with #safe

Requirements tagged with #safe