[SystemSafety] New paper on MISRA C
Paul Sherwood
paul.sherwood at codethink.co.uk
Wed Sep 12 14:54:37 CEST 2018
On 2018-09-12 13:17, Derek M Jones wrote:
> I read this (and subsequent material) as saying that the correlation
> is not 100% (and some people think it is).
>
> I would certainly agree that it is not 100%. But is it 50%, 25%?
> I don't think it is 0%.
>
> Does anybody have suggested numbers for the correlation?
I don't see how the numbers for correlation matter, really, once we have
established that reliability != safety, component safety != system
safety. If we are aiming for system safety, focusing on reliability of
components is simply the wrong thing to do. As I understand it we need
to engineer a system-level safety architecture that deals with
**expected failure** of (combinations of) any and all components.
And hence I'm wondering why folks are still interested in MISRA C for
system safety, when it seems to be mainly about removing potential
causes of non-deterministic behaviour in small-scale software
components.
br
Paul