[SystemSafety] Agile methods

Peter Bernard Ladkin ladkin at rvs.uni-bielefeld.de
Tue Sep 3 06:55:29 CEST 2013


On 2 Sep 2013, at 17:32, René Senden <rene.senden at gmail.com> wrote:
> .... I tacitly assumed that anyone who’d answer this question with “Yes”, would also include some
> of the corresponding experiences …

I think some of the initial replies that you didn't like did include experience. Nancy's and Martyn's for example. If you want anecdotes, that is hoping for a bit much, since many of us work under constraints of commercial confidence and sometimes legal privilege, *especially* when dealing with systems which have safety-related function.

Since you said (I paraphrase) "...such as IEC 61508 and DO 178" I presume that neither of these explicitly apply to the concrete case you have in mind, otherwise you would have specified. I conclude that you are talking about SW development in the medical-device domain. Indeed, there are organisations working in this area who use "agile" development for products with safety-related functionality. 

There is a reason for such a cultural difference. For example, accidents are earnestly and independently investigated, with considerable effort, in commercial aviation, and safety issues identified are required to be fixed. There was an accident twenty years ago on approach to Strasbourg airport in which the investigators pointed out that the approach profile was consistent with a choice of rate of descent rather than angle of descent in the AP settings, and that the difference between the two on the annuciator was not particularly striking. It got fixed. Whereas there are critical medical devices coming on the market "new" in which quantity is expressed on the display as a number, and to see the units requires a different manipulation of the controls, which, as is well known, personnel do not always have the time, inclination or motivation to check. Accidents and incidents caused by medical personnel commanding right numbers with wrong units, and not checking the units, were rife twenty years ago and are still rife today, many or even most of them not documented. Apparently it is deemed OK for this situation to continue. One concludes that the technical-correction regime in the use of medical devices is not as rigorous as it is in commercial aviation.  

> Is it (at all) possible to harmonize these very different worlds, or would any such
> attempt result in compromising either?

Looking through the thread, most of the replies answer that question clearly. Maybe that was not the answer you had hoped for?

PBL

Prof. Peter Bernard Ladkin, University of Bielefeld and Causalis Limited
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20130903/49e130d6/attachment.html>


More information about the systemsafety mailing list