[SystemSafety] Post Office Horizon System
Derek M Jones
derek at knosof.co.uk
Thu Jan 7 19:48:03 CET 2021
Michael,
> ... In the Horizon case, can we consider only the likelihood of a 'coding mistake' in the program texts? This, surely, is like analysing a rail crash by examining only the code of the interlocking system's programs. The fault may lie elsewhere.
Two things are needed for a fault experience to occur.
1) a mistake in the code,
2) the 'right' input value(s).
Nearly all research focuses on (1) because the information is
readily available.
The likelihood of the 'right' input values occurring will depend on the
quantity of input values and the variability in these values.
There are techniques that can be used to estimate certain kinds of (1),
given information on fault experiences (assumptions are made about the
distribution of (2)):
http://shape-of-code.coding-guidelines.com/2018/03/18/estimating-the-number-of-distinct-faults-in-a-program/
I don't know of any techniques for estimating (2), and this
looks really difficult. One possibility is counting users
and trying to estimate the variability in their usage.
--
Derek M. Jones        Evidence-based software engineering
tel: +44 (0)1252 520667    blog: shape-of-code.coding-guidelines.com