[SystemSafety] Collected stopgap measures

Chris Hills safetyyork at phaedsys.com
Thu Nov 15 19:22:34 CET 2018


Hi

I have been reading Bruce Schneier's new work "Click Here to Kill Everybody" on cyber security in the current state of computing.

He is even more despondent than the safety industry about attitudes like this below.

> -----Original Message-----
> > For the software only properties, it's obvious that we DO NOT need documented requirements, or documented design. Software is often (almost
> always, these days, in agileworld?) successfully evolved and consumed  without either of these.

Whereas most safety related systems have been done to rigorous standards, and some recognisable security systems too, he suggests that most software is so badly constructed, with lack of requirements, design and rigour, that the world seems happy to accept substandard software as the norm. This means that almost any system with software in it is insecure. If it is not in itself insecure then it is connected to at least one very weak and insecure link.

His view seems to be that we should, rather than moving to less documentation, design etc., move all software towards aircraft standards! Capers Jones' book on the Economics of Software Quality shows that it is cost effective to engineer software properly.

It is NOT obvious that we do not need documented requirements or designs; in fact the opposite is true.
What IS obvious is that we need to move software from "coding" to Engineering and improve standards and working practices greatly.


Regards
   Chris

Phaedrus Systems Ltd
Http://www.phaedsys.com  chills at phaedsys.com