[SystemSafety] C for OSs

Andy Ashworth andy at the-ashworths.org
Thu Oct 3 20:39:16 CEST 2019


Anyone else recall the quote from the Petrobras executive in connection with the P-36 platform? Long story short, what was then the world’s largest oil rig suffered an explosion and was lost within 8 hours.

The quote apparently went as follows: “Petrobras has established new global benchmarks for the generation of exceptional shareholder wealth through an aggressive and innovative program of cost cutting on its P36 production facility. Conventional constraints have been successfully challenged and replaced with new paradigms appropriate to the globalised corporate market place. Through an integrated network of facilitated workshops, the project successfully rejected the established constructive and negative influences of prescriptive engineering, onerous quality requirements and outdated concepts of inspection and client control. Elimination of these unnecessary straitjackets has empowered the project’s suppliers and contractors to propose highly economical solutions, with the win-win bonus of enhanced profitability margins for themselves. The P36 platform shows the shape of things to come in the unregulated global market economy of the 21st Century.”

Cheers

Andy



> On Oct 3, 2019, at 14:19, Steve Tockey <steve.tockey at construx.com> wrote:
> 
> 
> Chris,
> I would like to counter the Agile Manifesto by changing the context from software to airplanes (Aeronautical Engineering) and to roads & bridges (Civil Engineering). Sound engineering principles and practices need to apply across all variations of engineering. Imagine a bunch of Aeronautical and Civil Engineers saying,
>  
> “We are uncovering better ways of developing software designing and building airplanes (or, roads & bridges) by doing it and helping others do it. Through this work we have come to value:
>  
> Individuals and interactions over processes and tools
> Working software airplanes (or, roads & bridges) over comprehensive documentation
> Customer collaboration over contract negotiation
> Responding to change over following a plan
>  
> That is, while there is value in the items on the right, we value the items on the left more.”
>  
>  
> Similarly, imagine those very same Aeronautical or Civil Engineers:
>  
> “We follow these principles:
> Our highest priority is to satisfy the customer through early and continuous delivery of valuable software airplanes (or, roads & bridges).
>  
> Welcome changing requirements, even late in development. Agile processes harness change for the customer's competitive advantage.
>  
> Deliver working software airplanes (or, roads & bridges) frequently, from a couple of weeks to a couple of months, with a preference to the shorter timescale.
>  
> Business people and developers Aeronautical (or Civil) Engineers must work together daily throughout the project.
>  
> Build projects around motivated individuals Aeronautical (or Civil) Engineers. Give them the environment and support they need, and trust them to get the job done.
>  
> The most efficient and effective method of conveying information to and within a development Aeronautical (or Civil) Engineering team is face-to-face conversation.
>  
> Working software airplanes (or, roads & bridges) is the primary measure of progress.
>  
> Agile processes promote sustainable development. The sponsors, developers, and users should be able to maintain a constant pace indefinitely.
>  
> Continuous attention to technical excellence and good design enhances agility.
>  
> Simplicity--the art of maximizing the amount of work not done--is essential.
>  
> The best architectures, requirements, and designs airplanes (or, roads & bridges) emerge from self-organizing teams.
>  
> At regular intervals, the team reflects on how to become more effective, then tunes and adjusts its behavior accordingly.”
>  
> 
> 
>  
> Sigh. . .
>  
>  
> — steve
> 
> 
> 
> 
> 
> From: Chris Hills <safetyyork at phaedsys.com>
> Organization: Phaedrus Systems
> Reply-To: "safetyyork at phaedsys.com" <safetyyork at phaedsys.com>
> Date: Thursday, October 3, 2019 at 9:52 AM
> To: "'SPRIGGS, John J'" <John.SPRIGGS at nats.co.uk>, Steve Tockey <Steve.Tockey at construx.com>, 'Olwen Morgan' <olwen at phaedsys.com>, "systemsafety at lists.techfak.uni-bielefeld.de" <systemsafety at lists.techfak.uni-bielefeld.de>
> Subject: RE: [SystemSafety] C for OSs
> 
> John
>  
> You are an antediluvian. I refer you to the Agile Manifesto https://agilemanifesto.org/
> Individuals and interactions over processes and tools
> Working software over comprehensive documentation
> Customer collaboration over contract negotiation
> Responding to change over following a plan
> 
> That is, while there is value in the items on
> the right, we value the items on the left more.
> 
> Now you are re-educated and can see the light!
> What could possibly go wrong?
> 
> Regards
>    Chris
>  
> Phaedrus Systems Ltd        
> FREEphone 0808 1800 358    International +44 1827 259 546
> Vat GB860621831  Co Reg #04120771
> Http://www.phaedsys.com  chills at phaedsys.com
>  
>  
>  
> From: SPRIGGS, John J [mailto:John.SPRIGGS at nats.co.uk] 
> Sent: Thursday, October 3, 2019 10:23 AM
> To: safetyyork at phaedsys.com; 'Steve Tockey'; 'Olwen Morgan'; systemsafety at lists.techfak.uni-bielefeld.de
> Subject: RE: [SystemSafety] C for OSs
>  
> My favourite comment, from several years ago when I pointed out some errors in a document: I was told “This is an agile project, we do not have time to change anything”.
>  
> I also despair.
>  
>  
> John
>  
> From: systemsafety <systemsafety-bounces at lists.techfak.uni-bielefeld.de> On Behalf Of Chris Hills
> Sent: 03 October 2019 09:55
> To: 'Steve Tockey' <steve.tockey at construx.com>; 'Olwen Morgan' <olwen at phaedsys.com>; systemsafety at lists.techfak.uni-bielefeld.de
> Subject: Re: [SystemSafety] C for OSs
>  
> Steve,
> 
> That’s the problem with dinosaurs like you wanting: Set theory, Requirements, Design, Code quality, Peer review, Development processes, Computer architecture and Engineering economics.....
> 
> We use Agile so we don't need: Set theory, Requirements, Design, Development processes.
> We use lots of Open Source so it is all Peer Reviewed before we get it.
> We use continuous integration to get Code quality; when it compiles with no errors it's OK because our compiler has built-in error checking.
> 
> Engineering economics has nothing to do with coding/software! That is management ******** and techies don't need to know it......
> 
> I have had all those comments said to me one way or another, more than once, in the last 1-2 years by people developing critical systems. So far mission and company critical. Some with consumer/commercial security implications but none so far on serious safety critical systems. So people/companies might lose money but not their lives.
> 
> That includes being told I am "a dinosaur" because: "Everyone now uses dev-ops with scrum for critical systems development these days.... " 
> 
> I despair.
> 
> Seriously there does seem to be a huge disconnect between a lot of people "doing software" especially IoT and the [safety/security] critical systems people. I daily come across developers who have never heard of most of the things discussed in this group. How do we make the re-connect?
> 
> Regards
> Chris 
> 
> 
> 
> 
> 
> > -----Original Message-----
> > From: Steve Tockey [mailto:steve.tockey at construx.com]
> > Sent: Monday, September 23, 2019 5:09 PM
> > To: safetyyork at phaedsys.com; 'Olwen Morgan';
> > systemsafety at lists.techfak.uni-bielefeld.de
> > Subject: Re: [SystemSafety] C for OSs
> > 
> > 
> > Chris Hills wrote:
> > 
> > “What has made it far worse is "coding" being pushed as a skill, at least
> > in the UK.”
> > 
> > 
> > Same here in the US, and from my travels I can say it's the same all the
> > way around the world. For example, this article from just last week:
> > 
> > https://mashable.com/shopping/sept-18-computer-science-master-class/
> > 
> > 
> > Quote from the article:
> > 
> > “Learn the ropes of computer science with this master class bundle — just
> > $39 for full access to tons of courses that'll make you a pro in no time.”
> > 
> > “Not only are jobs aplenty in the computer science field, but they also
> > come with a pretty paycheck – over $91K a year, on average.”
> > 
> > “. . . this Computer Science Master Class Bundle will give you a complete
> > computer science education without the massive loans.”
> > 
> > 
> > Course content is said to include:
> > 
> > * C#, JavaScript, Java, Scala, Google Go, Python 3, PHP MySQL
> > * The Arduino IoT cloud platform
> > * Software testing technologies: Sikuli, Selenium, Junit
> > * Building apps with Alexa
> > * Technical fundamentals and interview tips
> > 
> > 
> > 
> > The Technical Fundamentals course had a hint of promise, but looking at
> > the course outline shows otherwise:
> > 
> > * Introduction
> > * Pointer and Arrays
> > * Strings are just pointers at heart
> > * Linked lists can be fun!
> > * Bit Manipulation
> > * General programming problems - practice makes perfect
> > * Big-O Notation, Sorting And Searching Algorithms
> > * Recursion and the recursive sense
> > * Stacks And Queues
> > * Binary Trees
> > * Binary Search Trees
> > * Binary Tree Problems
> > 
> > 
> > Discrete math? No
> > 
> > Set theory? No
> > Requirements? No
> > Design? No
> > Code quality? No
> > Peer review? No
> > Development processes? No
> > Computer architecture? No
> > Engineering economics? No
> > 
> > The list of critical but missing content goes on and on.
> > 
> > 
> > 
> > Chris Hills finished with, “It’s depressing.”
> > 
> > Yes. Without a doubt. . .
> > 
> > 
> > — steve
> > 
> > 
> > 
> > 
> > -----Original Message-----
> > From: Chris Hills <safetyyork at phaedsys.com>
> > Organization: Phaedrus Systems
> > Reply-To: "safetyyork at phaedsys.com" <safetyyork at phaedsys.com>
> > Date: Saturday, September 21, 2019 at 4:12 AM
> > To: Steve Tockey <Steve.Tockey at construx.com>, 'Olwen Morgan'
> > <olwen at phaedsys.com>, "systemsafety at lists.techfak.uni-bielefeld.de"
> > <systemsafety at lists.techfak.uni-bielefeld.de>
> > Subject: RE: [SystemSafety] C for OSs
> > 
> > 
> > The big problem is people start writing code long before the
> > specification, let alone the design is finished.
> > Hence the rise in Agile methods as they give the illusion of progress. I.e.
> > people are writing code so much faster than with waterfall....
> > Waterfall or V model require a discipline that is also lacking in software
> > development these days.
> > 
> > What has made it far worse is "coding" being pushed as a skill, at least
> > in the UK.
> > We have gone from Software Engineering to Programming to Coding.
> > What is pushed in "coding" is that you start developing an app by coding,
> > not by doing a detailed (any?) design.
> > Trial and error is pushed as a solution.
> > 
> > So doing an "app" that is "something like that" will require fuzzy logic
> > and imaginary numbers (and I don't mean i notation). To do any form of
> > mathematical or formal methods on most projects is a non-starter. Even
> > without the reality that maths isn't part of many software degrees, so you
> > probably won't have the skills in any team to do it.
> > 
> > What is worse is much of the IoT and Infotainment is written to low
> > standards but is being bolted on to critical systems. As we get an
> > increasingly connected world containing more and more software the quality
> > of the software is plummeting.
> > 
> > It’s depressing.
> > 
> > 
> > Regards
> > Chris
> > 
> > 
> > 
> > 
> > 
> > 
> > > -----Original Message-----
> > > From: systemsafety [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of Steve Tockey
> > > Sent: Wednesday, September 18, 2019 8:29 PM
> > > To: Olwen Morgan; systemsafety at lists.techfak.uni-bielefeld.de
> > > Subject: Re: [SystemSafety] C for OSs
> > >
> > >
> > > Olwen wrote: “I remember reading a report of a talk given by Tony Hoare in
> > > which he counselled solving computing problems in mathematics and only
> > > then translating the mathematics into program code. I thought that was
> > > such blindingly self-evident good practice that I wondered why he saw fit
> > > to say it explicitly.”
> > >
> > > I saw a similar quote but haven’t been able to track down the source:
> > >
> > > “… change the nature of programming from a private, puzzle solving
> > > activity to a public, mathematics based activity of translating
> > > specifications into programs … that can be expected to both run and do the
> > > right thing with little or no debugging”
> > >
> > >
> > > Sounds like it could be from Tony Hoare.
> > >
> > > Anyway, I am constantly amazed by how many people resist such an obviously
> > > good idea.
> > >
> > >
> > > — steve
> > >
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: Olwen Morgan <olwen at phaedsys.com>
> > > Date: Tuesday, September 17, 2019 at 12:47 PM
> > > To: Steve Tockey <Steve.Tockey at construx.com>,
> > > "systemsafety at lists.techfak.uni-bielefeld.de"
> > > <systemsafety at lists.techfak.uni-bielefeld.de>
> > > Subject: Re: [SystemSafety] C for OSs
> > >
> > >
> > > On 16/09/2019 23:15, Steve Tockey wrote:
> > > >
> > > > All true engineers need to have a solid foundation in:
> > > >
> > > > *) relevant Scientific & Mathematical Theory
> > > > *) useful and relevant Practice
> > > > *) Engineering Economy
> > > >
> > > > Take, for example, a Chemical Engineer. The scientific and
> > > > mathematical theory is Chemistry, Physics, and to some extent Quantum
> > > > Mechanics. The relevant practice are things like waste heat removal
> > > > strategies, pressure vessels, catalysts, etc. The theory and practice
> > > > combine to help the true engineer propose a set of theoretically
> > > > viable, potential solutions to a real-world problem. Engineering
> > > > economy comes in to guide the true engineer in identifying the most
> > > > cost-effective one of those theoretically viable, potential solutions.
> > > > As a consultant friend of mine once said (slightly paraphrased), “The
> > > > Theory and the Practice sets ’em up, Economics knocks ’em down”.
> > >
> > > Of course, I go along with this. But I learned to teach myself long
> > > before there was anything formally titled a body of knowledge. For
> > > example, I left school knowing how to do critical path analysis, so the
> > > technical aspects of project management were, for me, a matter of
> > > applying something that I already understood. It was the same with
> > > software testing. I taught myself graph theory in my mid-twenties and
> > > had no problem understanding graph-based test metrics when I later
> > > encountered them.
> > >
> > > Indeed, in the late seventies, when I was around 25, I remember reading
> > > a report of a talk given by Tony Hoare in which he counselled solving
> > > computing problems in mathematics and only then translating the
> > > mathematics into program code. I thought that was such blindingly
> > > self-evident good practice that I wondered why he saw fit to say it
> > > explicitly. And it has often irritated me to find that one needed to do
> > > an approved course in something to be seen as competent in things that I
> > > regarded as obvious.
> > >
> > > On the other hand, having had the benefit of a privileged public-school
> > > education (which was truly exceptional in mathematics), I found myself
> > > pretty intellectually self-reliant as soon as I started working in the
> > > computing industry. So, I'll admit it, I have to confess to blank
> > > incomprehension of people who have never felt themselves to be in that
> > > position.
> > >
> > >
> > > Olwen
> > >
> > >
> > >
> > >
> > >
> > > _______________________________________________
> > > The System Safety Mailing List
> > > systemsafety at TechFak.Uni-Bielefeld.DE
> > > Manage your subscription: https://lists.techfak.uni-bielefeld.de/mailman/listinfo/systemsafety
> > 
> > 