For such systems, trusted methods and techniques must be used for development. Consequently, critical systems are usually developed using well-tested techniques rather than newer techniques that have not been subject to extensive practical experience. Developers of critical systems are naturally conservative, preferring to use older techniques whose strengths and weaknesses are understood, rather than new techniques which may appear to be better, but whose long-term problems are unknown.
Expensive software engineering techniques that are not cost-effective for non-critical systems may sometimes be used for critical systems development. For example, formal mathematical methods of software development have been successfully used for safety and security critical systems. One reason why these formal methods are used is that it helps reduce the amount of testing required. For critical systems, the costs of verification and validation are usually very high—more than 50% of the total system development costs.
A critical system is distinguished by the consequences associated with system or function failure. Likewise, critical systems are further distinguished between fail-operational and fail safe systems, according to the tolerance they must exhibit to failures:
- Fail-operational — typically required to operate not only in nominal conditions (expected), but also in degraded situations when some parts are not working properly. For example, airplanes are fail-operational because they must be able to fly even if some components fail.
- Fail-safe — must safely shut down in case of single or multiple failures. Trains are fail-safe systems because stopping a train is typically sufficient to put into safe state.
Safety critical systems deal with scenarios that may lead to loss of life, serious personal injury, or damage to the natural environment. Examples of safety-critical systems are a control system for a chemical manufacturing plant, aircraft, the controller of an unmanned train metro system, a controller of a nuclear plant, etc.
Mission critical systems are made to avoid inability to complete the overall system, project objectives or one of the goals for which the system was designed. Examples of mission-critical systems are a navigational system for a spacecraft, software controlling a baggage-handling system of an airport, etc.
Business critical systems are programmed to avoid significant tangible or intangible economic costs; e.g., loss of business or damage to reputation. This is often due to the interruption of service caused by the system being unusable. Examples of a business-critical systems are the customer accounting system in a bank, stock-trading system, ERP system of a company, Internet search engine, etc.
Security critical systems deal with the loss of sensitive data through theft or accidental loss.
- Hinchey, Mike; Coyle, Lorcan (2010). "Evolving Critical Systems: a Research Agenda for Computer-Based Systems" (PDF): 430–435.
- "Mission Critical vs. Business Critical: HUH?". Activestate ActiveBlog.
- Bozzano, Marco; Villafiorita, Adolfo (2010). Design and Safety Assessment of Critical Systemss. Austin, Texas: Auerbach Publications. p. 298. ISBN 9781439803318.