[SystemSafety] What do we know about software reliability?

Derek M Jones derek at knosof.co.uk
Mon Sep 14 17:55:53 CEST 2020


Peter,

> You might however be able to link it to expected long-term losses if you
> include bug fixing after incidents

The catch with Chao's very useful model is that it applies to a closed
population, no fixing allowed (the capture/recapture model requires that
captured items be returned to the wild).

> https://www.researchgate.net/publication/299690777_Does_Software_Have_to_Be_Ultra_Reliable_in_Safety_Critical_Systems

Thanks for the link.  I have probably read it at some time, but it was
worth rereading.

> Key parameters are
> 
> - number of dangerous defects
> - probability a fault is fixed after an incident
> - probability of an accident after each incident
> 
> Peter
> 
>>
>>
>>> On 14/09/2020 14:46, Derek M Jones wrote:
>>>> Fuzzing appears to be a practical technique for gathering the data needed to
>>>> estimate likely number of mistakes that will cause a system crash. Practical
>>>> in that a few months of cpu time is quite cheap these days.

-- 
Derek M. Jones           Evidence-based software engineering
tel: +44 (0)1252 520667  blog:shape-of-code.coding-guidelines.com
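
The closed-population caveat from the message, as an added example that is not part of the original email: it applies the Chao1 lower-bound estimator (an assumption, the message does not say which of Chao's estimators is meant) to constructed fuzzing crash data, then to the same data with each fault fixed after its first crash. The fault ids and the helper names `chao1` and `fix_on_first_crash` are hypothetical.

```python
from collections import Counter

# Constructed sample: one de-duplicated fault id per crashing fuzz input.
# A crashed 5 times, B 3 times, C and D twice, E..H once each.
SAMPLE = list("AAAAABBBCCDDEFGH")


def chao1(crash_ids):
    """Return (observed_faults, estimated_total_faults) using Chao1.

    f1 = faults captured exactly once, f2 = faults captured exactly twice.
    Estimate = S_obs + f1^2 / (2 * f2); when f2 == 0 the bias-corrected
    form S_obs + f1 * (f1 - 1) / 2 is used to avoid dividing by zero.
    """
    per_fault = Counter(crash_ids)       # fault id -> number of captures
    freq = Counter(per_fault.values())   # k -> faults captured exactly k times
    s_obs, f1, f2 = len(per_fault), freq[1], freq[2]
    if f2 > 0:
        unseen = f1 * f1 / (2 * f2)
    else:
        unseen = f1 * (f1 - 1) / 2
    return s_obs, s_obs + unseen


def fix_on_first_crash(crash_ids):
    """Model an open population: a fault is fixed after its first crash,
    so it can never be recaptured by later fuzzing runs."""
    return list(dict.fromkeys(crash_ids))  # keep first occurrence only


if __name__ == "__main__":
    # Closed population (no fixing): recaptures carry the information.
    print("no fixing:  ", chao1(SAMPLE))
    # Fixing allowed: every fault is a singleton and f2 is always 0, so the
    # estimate depends only on how many faults were seen, not on recaptures.
    print("with fixing:", chao1(fix_on_first_crash(SAMPLE)))
```
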

