[SystemSafety] A small taste of what we're up against
Olwen Morgan
olwen at phaedsys.com
Fri Oct 26 14:09:54 CEST 2018
I'd also question whether air accident investigations actually work in a
way that would be likely to discover a software fault as a cause of an
accident. Proximal physical causes are regularly sought and found.
Software-related causes may be more distal and harder to prove.
Olwen
On 26/10/2018 12:55, C. Michael Holloway wrote:
> On 2018-10-26 (05.07.05), martyn at thomas-associates.co.uk wrote:
>> On 26/10/2018 09:14, Dewi Daniels wrote:
>>>
>>> There are over 25,000 certified jet airliners in service world-wide,
>>> many containing software written in C. There has not been a single
>>> hull-loss accident in passenger service ascribed to a software fault.
>>>
>> It's hard to eliminate these considerations when trying to draw more
>> widely applicable conclusions from the achievements in this sector.
> Unfortunately it is not hard to believe that a lack of understanding
> of these considerations contributes to people thinking that using C
> (and C-derived languages) for safety critical systems is a 'proven'
> good idea. The implicit argument goes something like this: The
> commercial aviation community uses C quite a lot; the safety record in
> commercial aviation is fabulous; thus, using C is clearly acceptable.
> Over the years, I've heard people from the automotive and medical
> sectors (along with many researchers) justify their practices with
> words that reduce to this specious argument. Unfortunately, the same
> mentality has crept (or perhaps, leapt) into most parts of the
> aviation sector not involving large airplanes.
>
> Of course, the missing premises, which are essential to formulating an
> argument corresponding to reality, involve the factors that Martyn
> mentioned (rigorous software engineering practices, meticulous
> investigations of accidents, and such things). Rather than
> recognizing the importance of these factors, a whole lot of people
> (including folks within my own organization) think rigorous practices
> serve only to increase costs unnecessarily.
>
>
> --
>
> *C. Michael Holloway* (cMh)
> Senior Research Computer Engineer
> NASA Langley Research Center, Hampton VA USA
> bit.ly/cmhpapers <http://bit.ly/cmhpapers>
>
> Verba volant, scripta manent
> spoken words fly away, written words remain
>
> (The words in this message are mine alone;
> neither blame nor credit NASA for them.)
>
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
> Manage your subscription: https://lists.techfak.uni-bielefeld.de/mailman/listinfo/systemsafety