[SystemSafety] A couple of anecdotes on requirements engineering
Olwen Morgan
olwen at phaedsys.com
Sun Oct 14 19:44:00 CEST 2018
Peter,
The inanity that you describe is everywhere. It arises from, among
other things, the lack of appreciation of the role of stress testing as
a normal part of development.
I once worked on a project to develop a trainborne module for the Train
Protection and Warning System (TPWS). Since the trainborne element picks
up circa 65kHz radio signals from units in the track bed, it suffers
from the problem that rail track beds are electromagnetically very noisy
environments. Accordingly, I advised the client that testing should
include suitable, repeatable pseudo-random stress testing. This fell on
the deaf (blocked?) ears of the unwashed.
Another delightful problem that was ignored is that the then time signal
transmitter in Daventry was on a frequency very close to that used by
TPWS. Incident reports on all-hardware implementations of the trainborne
unit stated that there was a 2V drop across the antenna when the train
passed the Daventry transmission site. As if this wasn't enough, the
TPWS unit was for an international service that ran over both UK and
overseas infrastructure where the locos used were capable of speeds
significantly exceeding the maximum specified operating limit for TPWS.
AFAI know, what they did after I withdrew from the project was to put
the unit on a loco on the East Coast main line and take the reactions of
the unit at high speed as the stress test. Hardly a controlled test, let
alone one that was accurately repeatable and reproducible.
To me the case for pseudo-random stress testing was a no-brainer.
Unfortunately I had to argue this to people who showed worrying signs of
having no brains. Whenever I work on a safety-related control system, I
always point out that the requirements should take account of the total
system including both the control unit and the environment whence it
receives stimuli. That way you can at least get some idea of a system's
response to out-of-specification adventitious conditions. I've not yet
succeeded in convincing anyone of the sense of this approach on a
small-scale embedded development.
O
On 14/10/18 11:15, Peter Bernard Ladkin wrote:
> https://abnormaldistribution.org/index.php/2018/10/14/passwords-and-requirements-engineering/
>
>
> PBL
>
> Prof. Peter Bernard Ladkin, Bielefeld, Germany
> MoreInCommon
> Je suis Charlie
> Tel+msg +49 (0)521 880 7319 www.rvs-bi.de
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
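The repeatable pseudo-random stress testing argued for above, as an added example that is not part of the original post and is not code from any TPWS implementation. It stress-tests a deliberately simple single-bin tone detector (the unit under test) with a stimulus model of the environment: the wanted tone, a near-frequency interferer of the Daventry kind, and Gaussian noise. Every trial's parameters and noise are derived from a string seed built from (run seed, trial index), so a recorded failure replays exactly rather than depending on a live loco run. The sample rate, tone frequency, interferer ranges, amplitudes and detection threshold are all constructed assumptions, not values from any specification.

```python
"""Seeded pseudo-random stress test for a tone detector (added example, not TPWS code)."""
import math
import random

# Constructed parameters: not taken from any real TPWS specification.
SAMPLE_RATE_HZ = 1_000_000             # 1 MS/s
WINDOW = 1000                          # 1 ms analysis window -> 1 kHz bin width
TONE_HZ = 65_000.0                     # nominal track-to-train tone (~65 kHz, as in the post)
THRESHOLD = (0.5 * WINDOW / 2) ** 2    # declare "tone" if effective amplitude >= 0.5


def goertzel_power(samples, freq_hz, sample_rate_hz=SAMPLE_RATE_HZ):
    """Power in a single DFT bin via the Goertzel algorithm (rectangular window)."""
    n = len(samples)
    k = int(0.5 + n * freq_hz / sample_rate_hz)    # nearest bin to the wanted frequency
    w = 2.0 * math.pi * k / n
    coeff = 2.0 * math.cos(w)
    s_prev = s_prev2 = 0.0
    for x in samples:
        s = x + coeff * s_prev - s_prev2
        s_prev2, s_prev = s_prev, s
    return s_prev ** 2 + s_prev2 ** 2 - coeff * s_prev * s_prev2


def detect_tone(samples):
    """Unit under test: a naive single-bin detector with no interferer rejection."""
    return goertzel_power(samples, TONE_HZ) > THRESHOLD


def synthesise(rng, tone_amp, noise_sigma, interferer_hz, interferer_amp):
    """Environment model: wanted tone + one near-frequency interferer + Gaussian noise."""
    rng = rng or random.Random(0)
    phase = rng.uniform(0.0, 2.0 * math.pi)        # interferer phase relative to the tone
    out = []
    for i in range(WINDOW):
        t = i / SAMPLE_RATE_HZ
        x = tone_amp * math.sin(2.0 * math.pi * TONE_HZ * t)
        x += interferer_amp * math.sin(2.0 * math.pi * interferer_hz * t + phase)
        x += rng.gauss(0.0, noise_sigma)
        out.append(x)
    return out


def run_trial(seed, trial):
    """One stress case. Everything derives from (seed, trial), so it replays exactly."""
    rng = random.Random(f"{seed}:{trial}")         # str seeds hash deterministically across runs
    tone_present = rng.random() < 0.5
    params = {
        "tone_amp": 1.0 if tone_present else 0.0,
        "noise_sigma": rng.uniform(0.0, 3.0),                       # out-of-spec noise too
        "interferer_hz": TONE_HZ + rng.uniform(-2000.0, 2000.0),    # a Daventry-like neighbour
        "interferer_amp": rng.uniform(0.0, 2.0),                    # may exceed the wanted tone
    }
    detected = detect_tone(synthesise(rng, **params))
    return {"seed": seed, "trial": trial, "expected": tone_present,
            "detected": detected, **params}


def stress_run(seed, trials=200):
    """Return every trial in which the detector's verdict disagreed with the stimulus."""
    failures = []
    for t in range(trials):
        result = run_trial(seed, t)
        if result["expected"] != result["detected"]:
            failures.append(result)
    return failures


def replay(failure):
    """Reproduce a recorded failure from its seed and trial index alone."""
    return run_trial(failure["seed"], failure["trial"])


if __name__ == "__main__":
    failures = stress_run(seed=2018)
    print(f"{len(failures)} wrong verdicts in 200 trials")
    for f in failures[:5]:
        print(f"trial {f['trial']}: expected={f['expected']} detected={f['detected']} "
              f"interferer={f['interferer_hz']:.0f} Hz amp={f['interferer_amp']:.2f} "
              f"noise_sigma={f['noise_sigma']:.2f}")
```

The point of seeding each trial from a string rather than advancing one shared generator is that a single failing case can be re-run in isolation (and handed to the supplier as a test case) without replaying the whole campaign; the failures this naive detector produces are the near-bin interferer cases that a loco run past one transmitter site would only ever sample once, under conditions nobody recorded.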