[SystemSafety] New paper on MISRA C
Paul Sherwood
paul.sherwood at codethink.co.uk
Wed Sep 12 16:07:49 CEST 2018
Hi Bertrand,
On 2018-09-12 14:52, RICQUE Bertrand (SAFRAN ELECTRONICS & DEFENSE)
wrote:
> Not necessary. As long as the system failure rate remains within the
> objective, there is no problem.
Do you mean that if the system is reliable enough, we don't need to
bother with a safety architecture? That would be true, if we can
genuinely show that the system failure rate is within tolerance.
But **system failure rate** is not just a product of component failures -
it may include failures resulting from interactions between (properly
functioning) components.