[SystemSafety] Correctness by Construction

Dewi Daniels dewi.daniels at software-safety.com
Fri Jul 10 18:37:41 CEST 2020


On Fri, 10 Jul 2020 at 13:44, Peter Bernard Ladkin <ladkin at causalis.com>
wrote:
> (BTW, in your SCSC Keynote you refer to "Fallacy #1", lack of FAA
> oversight. Far from considering it a fallacy, the House Committee made
> that the first of 6 major failings. p4)

Peter,

I wrote "Fallacy #1" in response to a number of newspaper articles that
claimed the Boeing 737 MAX accidents were a direct result of the FAA
delegating responsibility to Boeing through a process called Organizational
Design Approval (ODA). The current FAA system of ODA is very similar to the
EASA system of Design Organisation Approval (DOA). In my paper, I explained
that once MCAS was agreed to be DAL C, there would have been little
regulatory oversight from the FAA whether under the new regime (post-ODA)
or the previous regime (pre-ODA). I agree that the FAA should be criticised
for accepting that MCAS was DAL C in the first place (the reasons that
Boeing gave for reducing the worst case failure condition associated with
MCAS from Catastrophic to Major seem very poor to me, to say the least).

Yours,
Dewi