<div dir="ltr">Derek,<div><br></div><div>No, it just means that FTA can't be used to predict a software failure rate. In civil aviation, mitigation of random hardware failures is performed by setting safety qualitative and/or quantitative requirements; design errors are mitigated by implementation of a development assurance process.</div><div><br clear="all"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div style="color:rgb(34,34,34)"><a name="SignatureSanitizer_m_-5798674576462993830_SignatureSanitizer_SafeHtmlFilter_UNIQUE_ID_SafeHtmlFilter__MailAutoSig"><span style="font-size:10pt;font-family:Arial,sans-serif">Yours,</span></a><br></div><div style="color:rgb(34,34,34)"><div dir="ltr"><div dir="ltr"><p><span style="font-family:Arial,sans-serif;font-size:10pt">Dewi Daniels | Director | Software Safety Limited</span><br></p><p><span lang="FR" style="font-size:10pt;font-family:Arial,sans-serif">Telephone +44 7968 837742 | Email <a href="mailto:dewi.daniels@software-safety.com" target="_blank">dewi.daniels@software-safety.com</a></span></p><p><font face="Arial, sans-serif">Software Safety Limited is a company registered in England and Wales. Company number: </font><font face="Arial, sans-serif">9390590</font><font face="Arial, sans-serif">. Registered office: Fairfield, 30F Bratton Road, West Ashton, Trowbridge</font><span style="font-family:Arial,sans-serif">, United Kingdom </span><span style="font-family:Arial,sans-serif">BA14 6AZ</span></p></div></div></div></div></div></div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, 22 Aug 2024 at 11:13, Derek M Jones &lt;<a href="mailto:derek@knosof.co.uk">derek@knosof.co.uk</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Mike,<br>
<br>
> Guidance from the FAA is the software included in any FTA analysis should be assigned a failure rate of zero. The rationale being that software failure rates in general cannot be reliably estimated and thus the dependence/reliance on DO178.<br>
<br>
Does this mean that it's not possible for anyone to report software<br>
as the cause of a particular failure?<br>
<br>
After all, if the failure rate is specified as zero, software can<br>
never be considered a cause of failure.<br>
<br>
A software failure rate of zero becomes a self-fulfilling prophecy.<br>
<br>
-- <br>
Derek M. Jones Evidence-based software engineering<br>
blog:<a href="https://shape-of-code.com" rel="noreferrer" target="_blank">https://shape-of-code.com</a><br>
<br>
_______________________________________________<br>
The System Safety Mailing List<br>
<a href="mailto:systemsafety@TechFak.Uni-Bielefeld.DE" target="_blank">systemsafety@TechFak.Uni-Bielefeld.DE</a><br>
</blockquote></div>