[SystemSafety] UL4600 - another sink hole solution
Les Chambers
les at chambers.com.au
Fri Jul 10 01:56:47 CEST 2020
So there is this farmer in South Australia who finds a hole in his field so he shovels in
some dirt to level it off. But the hole just gets bigger so he throws in some old farm
implements but that doesn't solve the problem either. The hole enlarges with every
attempt to fill it. Finally he realises it's a sinkhole with a massive subterranean lake.
Some months later legendary diver and documentary filmmaker Ben Cropp hears the
story and dives the lake. The water is pristine and clear. At least 200 feet deep. And
at the bottom he can see the pitiful pile of farm implements that constituted the
farmer's hole filling solution.
This is what we are looking at with UL 4600 and the conga line of its ilk. Don't get me
wrong, I'm a big supporter of all these standards. I've seen them drag many a software
shop out of the primordial slime. And thanks to Phil Koopman for the excellent
overview, I know how hard that is to do.
But the reality is they're too high level and too easy to game and too often become
the subject of games and most tragic of all - when in the hands of rampaging
capitalists in relentless pursuit of filthy lucre - too easy to ignore (Boeing?).
After 46 years in the business I admit to being slightly depressed about our
profession's unwillingness to engage with our ever-growing problems of size and
complexity. The battalions of devils in the armies of details that describe our ever
enlarging code bodies.
Correct by Construction and inspired reuse of certified architectures and code are the
only solutions.
Together with the mother of all have-you-thought-of-this checklists (an endearing UL
4600 feature - too small though, it needs to be a petabyte data set).
Unfortunately none of this will ever work without a classification scheme that makes
all this information accessible by less-than-senior developers. The construction
industry has Building Information Modelling (BIM) that, among other things, classifies
every element that goes into a building supporting modelling before the fact.
Where is our software/system ontology? Are there any standards nerds willing to take
on that challenge? BIM cleaned up multistorey building construction, we can do the
I write code all day and every day I benefit from Stack Overflow - code fragments, best
practices and the like. I currently need literacy in six languages in none of which I will
ever be expert. But thanks to Stack Overflow I've survived without making any major
mistakes (so far). There are roughly 23,000,000 software developers in the world; this
site gets 50,000,000 hits a month. It must have a massive influence on code
developed on planet Earth. We need something like this in safety critical software,
maybe curated but maybe not. And preferably based on an ontology that helps you
find things sharpish like.
So I wish we'd just stop throwing farm implements down a sinkhole and engage with
our problems at the scale of a Stack Overflow. Measures that actually stand a chance
of solving the never-ending software crisis.
PS: And furthermore when are we going to admit that the greatest threat to safety we
have today is non-engineers running engineering-intensive companies - Boeing.
Check your safety case. Do you have a strategy for dealing with overemphasis on
creating shareholder value at the expense of safety? Above your pay grade? No it's
not. It just killed 346 people.
Solution: UL/IEC/EN nnnnnn Standard for Analysis and Rectification of Organisational
Safety Culture.
