[SystemSafety] A small taste of what we're up against

Coq, Thierry Thierry.Coq at dnvgl.com
Thu Oct 25 10:18:57 CEST 2018


1°) I too wish we were not constrained by all the confidentiality agreements and proprietary information, so I second Derek's claim on hard evidence. However, since I am bound by said agreements, I can only state generalities, and refer the ladies and gentlemen on this list to their own observations and data collecting.

In fact, setting up a sound data collecting process is quite hard, and Jean-Louis Letouzey and I have worked hard to identify standard defects in software, from requirements to implementation to testing, that actually do impact software reliability and software technical debt, and to publish a free database that is language-agnostic. It is built on purpose so as to be able to compare software built using several technologies, and to be comparable across technologies, using measurement theory. It is now for the industry to take this up. We have noticed the usual tendency of the tool makers to want to introduce their "own" additions and sell their tools at an advantage, which is natural. I hope more people will publish their evidence and hard data.

So I agree completely with data collection, and tool checking, even on easy-to-read languages.

2°) However, I do not observe that all defects are nails, or that tools can hammer all my defects.
In my experience (I can't write more), inspections and peer reviews find fewer defects of the kind that automatic tools can find, and yet inspections and peer reviews find defects that tools just cannot find.
Both are needed in the software production chain in order to move away from the art of writing software to the engineering practice of designing and producing software industrially. In fact, many other methods and tools are needed from requirements to automatic testing, in order to have a complete software factory, but that's another topic.

FYI, my experience is in industrial software, most of it scientific, or real-time, or safety-critical, or all three. From small (80 000 lines of source) to quite large (5 000 000 lines of source), easy-to-read sources, and not so easy-to-read sources. I've audited larger (50 000 000). That is why I usually see them as long-lived, when they do reach the production stage.

Best regards,
Thierry

-----Original Message-----
From: systemsafety <systemsafety-bounces at lists.techfak.uni-bielefeld.de> On Behalf Of Derek M Jones
Sent: Wednesday, October 24, 2018 2:33 PM
To: systemsafety at lists.techfak.uni-bielefeld.de
Subject: Re: [SystemSafety] A small taste of what we're up against

>>These days I take a hard line on claims of evidence.
--
Derek M. Jones           Software analysis
tel: +44 (0)1252 520667  blog:shape-of-code.coding-guidelines.com
_______________________________________________
The System Safety Mailing List
systemsafety at TechFak.Uni-Bielefeld.DE


