[SystemSafety] [System Safety] FOSDEM talk by Paul Sherwood
Derek M Jones
derek at knosof.co.uk
Tue Feb 11 13:34:57 CET 2025
Peter,
>> That is exactly what we are working on. First off we've had to categorically establish that software in these new
>> systems exhibits random behaviour, and then show that we could apply statistical techniques to model failure rates
>> with confidence intervals.
>
> Littlewood and Strigini showed clearly in 1993 that you can't use statistical evaluation to establish positively the
> safety requirements of safety functions with SIL2 - SIL4 reliability requirement. (You can use statistical evaluation in
> hindsight to assess whether your system did achieve was it was intended to achieve, but you usually need years - or
> decades - of operational experience.)
I assume you mean the paper
"Validation of Ultrahigh Dependability for Software-Based Systems"
https://openaccess.city.ac.uk/id/eprint/1251/1/CACMnov93.pdf
What they actually say is that it requires a lot of work, implying that
it may be too expensive or time consuming to be cost effective.
From the abstract
"The fact is that the dependability requirements often lie near the limit
of the current state of the art, ..."
The paper also says:
"We discuss reasons why such demonstrations cannot usually be provided
with the means available: reliability growth models, testing with stable
reliability, structural dependability modelling, as well as
more informal arguments based on good engineering practice."
Which begs the question, what techniques do the authors believe can provide
the required evidence. What techniques are being used by those claiming
to be conformant?
> I find it astonishing that, 30+ years later, people are still unfamiliar with this basic result.
I find it astonishing that, 30+ years later, people still misunderstand
the implications of this basic result.
--
Derek M. Jones Evidence-based software engineering
blog:https://shape-of-code.com
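Added illustration (not part of the message above, and not taken from the Littlewood and Strigini paper): the standard exponential/Poisson calculation behind the "years or decades of operational experience" point. With k failures in T operating hours, the one-sided upper confidence bound on the per-hour failure rate is the largest lambda for which P(X <= k) at mean lambda*T still equals alpha; for zero failures that is -ln(alpha)/T. The target rate of 1e-9 per hour used below is the assumed example figure (the low edge of the IEC 61508 SIL4 continuous-mode band); the function names are mine.

```python
import math


def poisson_cdf(k: int, mu: float) -> float:
    """P(X <= k) for X ~ Poisson(mu), summed in log space to avoid overflow."""
    if mu <= 0.0:
        return 1.0
    return sum(math.exp(-mu + i * math.log(mu) - math.lgamma(i + 1))
               for i in range(k + 1))


def failure_rate_upper_bound(failures: int, hours: float, confidence: float) -> float:
    """One-sided upper confidence bound on the per-hour failure rate lambda,
    given `failures` observed in `hours` of operation (constant-rate model).

    Zero failures has the closed form -ln(alpha)/T. With failures, solve
    P(X <= k; lambda*T) = alpha for lambda by bisection (the CDF is
    strictly decreasing in lambda), which matches the chi-square form
    chi2_{1-alpha}(2k+2) / (2T) without needing scipy.
    """
    alpha = 1.0 - confidence
    if failures == 0:
        return -math.log(alpha) / hours
    lo, hi = 0.0, 1.0
    while poisson_cdf(failures, hi * hours) > alpha:   # widen until hi is past the root
        hi *= 2.0
    for _ in range(200):
        mid = (lo + hi) / 2.0
        if poisson_cdf(failures, mid * hours) > alpha:
            lo = mid
        else:
            hi = mid
    return hi


def hours_to_demonstrate(target_rate: float, confidence: float) -> float:
    """Failure-free operating hours needed before one may claim
    lambda <= target_rate at the given confidence level."""
    return -math.log(1.0 - confidence) / target_rate


if __name__ == "__main__":
    # Assumed example target: 1e-9 dangerous failures per hour, 99% confidence.
    t = hours_to_demonstrate(1e-9, 0.99)
    print(f"failure-free hours needed: {t:.3e}  (~{t / 8766:.0f} years of continuous operation)")
    # Ten thousand constructed test hours, with 0 and then 1 failure observed.
    for k in (0, 1):
        print(f"{k} failure(s) in 1e4 h -> 99% upper bound {failure_rate_upper_bound(k, 1e4, 0.99):.3e}/h")
```

The point the numbers make is the one the paper makes: a single system would have to run failure-free for roughly 4.6e9 hours (about half a million years) before the 1e-9 figure could be claimed from statistics alone, and every observed failure pushes the bound further out. Running copies in parallel only helps if their failures are genuinely independent, which software copies with a common design are not.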