[SystemSafety] Difference between software reliability and astrology
Derek M Jones
derek at knosof.co.uk
Wed Aug 14 17:42:53 CEST 2024
Peter,
> That didn't come from me. It came from an Australian critical-systems assessor, M, commenting on the new proposed
> version of 61508-7 Annex D. He doubted that on-demand functions can be said to have an average probability of failure on
> demand (PFD_[avg]); and he doubted that continuously-operating functions can be said to have a Mean Time To Failure
When talking about software, he is right.
> (MTTF). Those quantities, PFD_[avg] and MTTF, are what are known as statistical parameters, namely their meaningful
> existence follows from the set-up. I reconstructed PFD_[avg] from the behaviour of an on-demand function for a given
> operational profile, so he was wrong about that. But I haven't yet managed to reconstruct MTTF for continuous software.
If known faults don't get fixed, then data on the rate of fault experiences
can be used to estimate a value for Mean Time To Failure.
If the known faults are fixed, then the estimation process becomes
extremely complicated, and the confidence intervals on the calculated
value could be very wide.
> I did try deconstructing continuous SW, say a feedback control system, as (a) a rapid (hundreds of Hz) polling/sampling
> routine, which then calls (b) an on-demand routine; and then (c) considering (a) as a very rapid Bernoulli process. That
> gives me the desired result, but it is wrong, because you can't consider (a) to be a Bernoulli process because it's not
A Bernoulli process might work well enough for hardware, but the
characteristics of software are very different.
--
Derek M. Jones Evidence-based software engineering
blog:https://shape-of-code.com
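The two estimation situations Derek contrasts above (a constant failure rate when known faults are left in place, versus a changing rate once fixes are applied) and the polling-as-Bernoulli approximation Peter describes can be made concrete with a small calculation. The following is an added example, not code from either poster or from the 61508 material; it assumes exponentially distributed inter-failure times observed up to the last failure (so that 2T/MTTF follows a chi-square distribution with 2n degrees of freedom), the inter-failure data are constructed, and all function names are hypothetical.

```python
import math

# Constructed inter-failure times (hours) for a continuously operating
# function whose known faults are NOT fixed during observation, so a
# constant failure rate is a defensible modelling assumption.
INTER_FAILURE_HOURS = [310.0, 640.0, 95.0, 180.0, 475.0, 420.0]

# Constructed data for a function whose faults ARE fixed after each failure:
# the gaps grow, and no single constant rate describes the process.
INTER_FAILURE_HOURS_WITH_FIXES = [12.0, 40.0, 150.0, 600.0, 2400.0]


def regularized_lower_gamma(a, x):
    """P(a, x) = gamma(a, x) / Gamma(a), via the standard power series
    x^a e^-x / Gamma(a) * sum_k x^k / (a (a+1) ... (a+k))."""
    if x <= 0.0:
        return 0.0
    term = 1.0 / a
    total = term
    k = 0
    while abs(term) > 1e-16 * abs(total) and k < 100000:
        k += 1
        term *= x / (a + k)
        total += term
    return math.exp(a * math.log(x) - x - math.lgamma(a)) * total


def chi2_cdf(x, df):
    return regularized_lower_gamma(df / 2.0, x / 2.0)


def chi2_quantile(p, df):
    """Inverse chi-square CDF by bisection (no scipy required)."""
    lo, hi = 0.0, df + 20.0 * math.sqrt(2.0 * df) + 50.0
    for _ in range(200):
        mid = 0.5 * (lo + hi)
        if chi2_cdf(mid, df) < p:
            lo = mid
        else:
            hi = mid
    return 0.5 * (lo + hi)


def mttf_estimate(inter_failure_times, confidence=0.90):
    """Point estimate and two-sided confidence interval for MTTF under a
    constant failure rate, with the record ending at the n-th failure.
    Returns (point, lower, upper) in the units of the input."""
    n = len(inter_failure_times)
    total = sum(inter_failure_times)
    alpha = 1.0 - confidence
    point = total / n
    lower = 2.0 * total / chi2_quantile(1.0 - alpha / 2.0, 2 * n)
    upper = 2.0 * total / chi2_quantile(alpha / 2.0, 2 * n)
    return point, lower, upper


def split_half_ratio(inter_failure_times):
    """Crude check on the constant-rate assumption: MTTF estimated from the
    second half of the record divided by that from the first half. Close to
    1 for a stable rate; far above 1 when fixes are driving reliability
    growth, in which case mttf_estimate() is not the right tool."""
    half = len(inter_failure_times) // 2
    first, second = inter_failure_times[:half], inter_failure_times[half:]
    return (sum(second) / len(second)) / (sum(first) / len(first))


def mttf_from_bernoulli(pfd, polls_per_second):
    """The polling-as-Bernoulli approximation discussed in the thread: each
    poll is an independent trial failing with probability pfd, so polls to
    first failure are geometric with mean 1/pfd and MTTF = 1/(pfd * rate)
    seconds. It only holds if the trials really are independent and
    identically distributed, which is the disputed point for software."""
    return 1.0 / (pfd * polls_per_second)


if __name__ == "__main__":
    p, lo, hi = mttf_estimate(INTER_FAILURE_HOURS)
    print(f"no fixes: MTTF ~ {p:.0f} h, 90% CI [{lo:.0f}, {hi:.0f}] h")
    print(f"no fixes: second/first half ratio {split_half_ratio(INTER_FAILURE_HOURS):.2f}")
    print(f"with fixes: ratio {split_half_ratio(INTER_FAILURE_HOURS_WITH_FIXES):.1f}")
    p1, lo1, hi1 = mttf_estimate([100.0])
    print(f"one failure in 100 h: MTTF ~ {p1:.0f} h, 90% CI [{lo1:.1f}, {hi1:.0f}] h")
    print(f"Bernoulli view, PFD 1e-6 at 200 Hz: MTTF {mttf_from_bernoulli(1e-6, 200):.0f} s")
```

With six failures the 90% interval already spans roughly a factor of four around the point estimate, and with a single failure it spans nearly two orders of magnitude, which is the "very wide confidence intervals" problem in numbers; the split-half ratio for the with-fixes record shows why the constant-rate estimator should not be applied to it at all.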