[SystemSafety] Another question

Andrew Banks andrew at andrewbanks.com
Fri Sep 21 04:25:54 CEST 2018


paul_e.bennett at topmail.co.uk wrote

>> Which should always lead to the question why leave testing so late in
>> the process? We would be far better starting to test at the beginning.
>> The question of what is there to test at the start? Why the requirements
>> themselves of course.

Not very long ago, on a project that was assessed as ISO 26262 ASIL C, I had the company Technical Director moaning at me because, after six months of the project, we hadn't written any software.

That we had captured all of the necessary requirements, modelled the architecture and simulated/validated the design was not enough... he wanted to see something working!

Half an hour later, I had an LED flashing on a dev-kit... "That's the battery monitoring system running" says I... "it doesn't work fully because your team haven't provided me with the battery pack hardware".  He was happy, as we'd made progress :-)  A few days later, the dev-kit was also producing the full, correct, CAN frames - albeit with null values.

The TL;DR; answer is because project and company grown-ups want to see evidence of progress... and all testing does is show where things are broken and need more work!

A


