[SystemSafety] A small taste of what we're up against

Olwen Morgan olwen at phaedsys.com
Fri Oct 26 14:09:54 CEST 2018


I'd also question whether air accident investigations actually work in a 
way that would be likely to discover a software fault as a cause of an 
accident. Proximal physical causes are regularly sought and found. 
Software-related causes may be more distal and harder to prove.

Olwen


On 26/10/2018 12:55, C. Michael Holloway wrote:
> On 2018-10-26 (05.07.05), martyn at thomas-associates.co.uk wrote:
>> On 26/10/2018 09:14, Dewi Daniels wrote:
>>>
>>> There are over 25,000 certified jet airliners in service world-wide, 
>>> many containing software written in C. There has not been a single 
>>> hull-loss accident in passenger service ascribed to a software fault.
>>>
>> It's hard to eliminate these considerations when trying to draw more 
>> widely applicable conclusions from the achievements in this sector.
> Unfortunately it is not hard to believe that a lack of understanding 
> of these considerations contributes to people thinking that using C 
> (and C-derived languages) for safety critical systems is a 'proven' 
> good idea. The implicit argument goes something like this: The 
> commercial aviation community uses C quite a lot; the safety record in 
> commercial aviation is fabulous; thus, using C is clearly acceptable. 
> Over the years, I've heard people from the automotive and medical 
> sectors (along with many researchers) justify their practices with 
> words that reduce to this specious argument. Unfortunately, the same 
> mentality has crept (or perhaps, leapt) into most parts of the 
> aviation sector not involving large airplanes.
>
> Of course, the missing premises, which are essential to formulating an 
> argument corresponding to reality, involve the factors that Martyn 
> mentioned (rigorous software engineering practices, meticulous 
> investigations of accidents, and such things). Rather than
> recognizing the importance of these factors, a whole lot of people 
> (including folks within my own organization) think rigorous practices 
> serve only to increase costs unnecessarily.
>
>
> -- 
>
> *C. Michael Holloway* (cMh)
> Senior Research Computer Engineer
> NASA Langley Research Center, Hampton VA USA
> bit.ly/cmhpapers <http://bit.ly/cmhpapers>
>
> Verba volant, scripta manent
> spoken words fly away, written words remain
>
> (The words in this message are mine alone;
> neither blame nor credit NASA for them.)
>
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
> Manage your subscription: https://lists.techfak.uni-bielefeld.de/mailman/listinfo/systemsafety