[SystemSafety] Does "reliable" mean "safe" and or "secure" or neither?
Mike Ellims
michael.ellims at tesco.net
Sun Apr 24 14:23:12 CEST 2016
> as software does not "fatigue" or randomly "break" the way hardware does
Reliability engineering is much more than just fatigue or randomly breaks,
it encompasses everything about the control of variation and error in a
system, most commonly using statistical methods.
BS 4478 defines reliability as "The ability of an item to perform a required
function under stated conditions for a stated period of time".
O'Conner states that "reliability is usually concerned with failures in the
time domain. This distinctions marks the difference between traditional
quality control and reliability engineering".
He goes on to list a number of reasons why a failure may occur as follows
(abridged)
- design: which may be inadequate
- overstress: i.e. analysis of condition was incomplete and/or incorrect
- variation: which includes manufacturing variation
- wear out, which is what everyone seems to think of...
- error, such as errors in specification
Henley and Kumamoto give a potted history of the development of reliability
engineering and track its roots to work done by Lusser on the V2 (V1?)
missile which was spectacularly unreliable at first. But obviously not a
wear out issue...
This is of course separate from whether in any context reliability is useful
concept e.g. software. You can obviously measure the reliability of
Windows98 is terms of mean time between crashes (failures in time) likewise
you can measure the reliability of Linux in the same manner. Whether that
has any deep meaning aside from the fact that it shows Windows98 to be pants
compared to Linux for some distribution of uses/input/outputs a different
question.
Cheers.
-----Original Message-----
From: systemsafety
[mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of
Coq, Thierry
Sent: 24 April 2016 07:24
To: The System Safety List
Subject: Re: [SystemSafety] Does "reliable" mean "safe" and or "secure" or
neither?
Hi
I find this list hugely informative. In particular, I find PBL's posts
factual, useful, interesting and intriguing. As well as the many other
debaters who agree with him or challenge him. As it should be. I wish to
express my gratitude to all debaters.
However, this last exchange seems to me a debate on authority.
On our left, we have DO-178. B now C.
On our right, we have IEC, IEEE, Musa, etc.
To go further, it is plain fact that the aeronautics industry has
demonstrated it doesn't need "software reliability" to deliver highly
reliable automated systems, or systems of systems.
It seems evident with the knowledge we have of the aeronautics success that
in order to use "software reliability" in other industries, or in
aeronautics, there needs to be a clear use case where the value of "software
reliability" is demonstrated, compared to other methods or techniques, in
order to apply "software reliability". The analogy of software and hardware
does not seem valid, as software does not "fatigue" or randomly "break" the
way hardware does, which is the basis for all probabilistic reliability
theories for hardware. The analogy that does seem valid between hardware and
software is the presence of systematic faults, in design, manufacturing,
installation, testing, misuse, etc. Which in hardware also does not have a
probability number. Formal methods can be used to identify such systematic
faults in software. If one can be found, then a test environment can be
devised in which the software will fail 100% of the time. Random hardware
faults do not behave like t hat.
Best regards,
Thierry Coq
The opinions reflected here are my own and are not necessarily those of my
employer
-----Original Message-----
From: systemsafety
[mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of
Peter Bernard Ladkin
Sent: dimanche 24 avril 2016 03:27
To: The System Safety List
Subject: Re: [SystemSafety] Does "reliable" mean "safe" and or "secure" or
neither?
On 2016-04-23 19:43 , Nick Tudor wrote:
> DO-178C
In the absence of a complete sentence, let me suggest one.
---- DO178C sees no need to assign any meaning to the term "software
reliability".
It's fine for some industry consortium to find it has no use for a specific
concept. RTCA likely has no use for the notion of a cup of tea, either
(BS6008). But that doesn't mean it makes any sense to argue that there isn't
any such thing as a cup of tea.
PBL
Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld,
33594 Bielefeld, Germany Je suis Charlie
Tel+msg +49 (0)521 880 7319 www.rvs.uni-bielefeld.de
****************************************************************************
**********
This e-mail and any attachments thereto may contain confidential information
and/or information protected by intellectual property rights for the
exclusive attention of the intended addressees named above. If you have
received this transmission in error, please immediately notify the sender by
return e-mail and delete this message and its attachments. Unauthorized use,
copying or further full or partial distribution of this e-mail or its
contents is prohibited.
****************************************************************************
**********
_______________________________________________
The System Safety Mailing List
systemsafety at TechFak.Uni-Bielefeld.DE
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
More information about the systemsafety
mailing list