[SystemSafety] COTS display certification

Martyn Thomas martyn at thomas-associates.co.uk
Fri Jul 29 12:47:39 CEST 2016


I agree with the general point that Peter Bishop was making, about the
duality, equivalence or interchangeability of code and data.

A program can be seen as an interpreter for the data that it processes
(just as hardware is an interpreter for the program it executes and the
program is then data for the hardware interpreter). Any computable
function can be expressed as a simple interpreter and a lot of data and
storage (a Turing machine - where "a lot" is arbitrarily large!).

Then there's the data that is contained /within/ the program
(initialisation values and constants) some of which values may be safety
related. Is this program or data? Surely it's irrelevant which of these
terms you choose to call it.

I think this must mean that system safety assurance (and assurance in
general) should equivalently assure code and data, and their
interactions, as Peter Bishop says. A Safety Function will encompass
both code and data, and the SIL applies to the SF, as PBL has already
said.

Martyn




On 29/07/2016 10:13, Peter Bishop wrote:
> Well I did say *in principle* (i.e. ignoring memory constraint issues).
>
> The main point I was trying to make is that we need equivalent levels of
> assurance for code and data. And assurance of data integrity needs more
> coverage in standards.
>
> Peter B
>
> PS Your impossibility argument works if you assume size(RVN) = size(M),
> but you could choose size(RVN) to be *less than* size(M), i.e. use
> a coarser discretisation to ensure the lookup table fits the available
> space.
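An added illustration of the two points above (not code from either poster): the same safety function written once as code and once as a lookup table over a coarser discretisation (size(RVN) < size(M)), with one integrity check applied to both the table bytes and the function's bytecode. The sensor resolution, table size and trip threshold are constructed for the example.

```python
# Added example: one safety function as code and as data, with equal assurance for both.
# M_BITS, TABLE_BITS and TRIP_LEVEL are constructed values, not from the thread.
import hashlib

M_BITS = 12          # assumed sensor resolution: M in [0, 4095]
TABLE_BITS = 8       # size(RVN) < size(M): 256 buckets, each covering 2**SHIFT readings
SHIFT = M_BITS - TABLE_BITS
TRIP_LEVEL = 3000    # constructed: trip (return 1) when M >= TRIP_LEVEL


def trip_by_code(m: int) -> int:
    """Safety function expressed as code: 1 = trip, 0 = continue."""
    return 1 if m >= TRIP_LEVEL else 0


def build_table() -> bytes:
    """Safety function expressed as data. A bucket trips if ANY reading in it
    would trip, so the coarser table only ever errs on the safe side."""
    entries = []
    for bucket in range(1 << TABLE_BITS):
        highest_m = (bucket << SHIFT) + (1 << SHIFT) - 1
        entries.append(1 if highest_m >= TRIP_LEVEL else 0)
    return bytes(entries)


def trip_by_table(m: int, table: bytes) -> int:
    """The same safety function as a trivial interpreter over the table."""
    return table[m >> SHIFT]


def digest(blob: bytes) -> str:
    return hashlib.sha256(blob).hexdigest()


def code_digest() -> str:
    """The code path treated as data: a hash of the function's own bytecode
    (CPython-specific, used here purely to make the code/data symmetry visible)."""
    return digest(trip_by_code.__code__.co_code)


def check_integrity(table: bytes, expected_table: str, expected_code: str) -> bool:
    """Start-up check that covers code and data equivalently."""
    return digest(table) == expected_table and code_digest() == expected_code


def disagreements(table: bytes) -> list:
    """Inputs where table and code differ: only inside the bucket straddling
    TRIP_LEVEL, and only in the conservative direction (table trips, code does not)."""
    return [m for m in range(1 << M_BITS) if trip_by_table(m, table) != trip_by_code(m)]
```

A single flipped byte in the table silently disables the trip for sixteen readings, which is exactly the kind of fault an assurance argument that covers only the code would never see.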



