[SystemSafety] A small taste of what we're up against
Olwen Morgan
olwen at phaedsys.com
Fri Oct 26 14:54:18 CEST 2018
On 26/10/2018 12:55, C. Michael Holloway wrote:
<snip>
> The implicit argument goes something like this: The commercial
> aviation community uses C quite a lot; the safety record in commercial
> aviation is fabulous; thus, using C is clearly acceptable. Over the
> years, I've heard people from the automotive and medical sectors
> (along with many researchers) justify their practices with words that
> reduce to this specious argument.
<snip>
I've seen such reasoning many times. It's the result, IMO, of a
combination of box-ticking and CYA mentalities. People think that if
they are seen to do what others do, then that's ipso facto accepted good
practice. The question of whether what they are doing is technically fit
for purpose is hardly ever asked; in many cases if it were, there still
would not be the technical expertise to produce sound answers.
As it happens, I am a UKAS assessor for compiler testing (did the
course, got on the register, and then the expected commercial market did
not appear - so I've never actually audited a compiler testing process
under UKAS auspices, though I have performed and supervised several lots
of compiler validation tests over the years). In assessing the
competence of testing and calibration laboratories, a UKAS assessor is
expected to consider whether the methods used are fit for purpose. As
far as I can see, process audits to 61508, 26262, etc., often pay only
lip service to fitness for purpose.
Overall I have a very low opinion of what I've seen of software process
assessment. I may be unintentionally maligning some auditors here but
I'll be happy to stand corrected.
Olwen