[SystemSafety] OpenSSL Bug
Steve Tockey
Steve.Tockey at construx.com
Thu Apr 17 00:32:03 CEST 2014
Instead of blaming the person, how about we blame the process? And then take active steps to fix the process?
From: "C. Michael Holloway" <c.m.holloway at nasa.gov<mailto:c.m.holloway at nasa.gov>>
Organization: NASA Langley Research Center
Date: Wednesday, April 16, 2014 9:23 AM
To: "systemsafety at lists.techfak.uni-bielefeld.de<mailto:systemsafety at lists.techfak.uni-bielefeld.de>" <systemsafety at lists.techfak.uni-bielefeld.de<mailto:systemsafety at lists.techfak.uni-bielefeld.de>>
Subject: Re: [SystemSafety] OpenSSL Bug
On 4/16/14 11:36 AM, Steve Tockey wrote:
Actually I'm going to respectfully disagree with that. I'm going to claim
I can trace it back to incomplete requirements & resulting inadequate
design.
I agree that this trace is possible. It is possible for nearly all (perhaps all) errors in software to be analyzed so as to find a plausible way in which the error is "really" a mistake in requirements.
Just as it is possible to "blame" the pilot for nearly every airplane accident, so, too it is possible to "blame" the requirements for nearly every software problem. The latter is no more useful than the former.
--
cMh
C. Michael Holloway, Senior Research Engineer
Safety Critical Avionics Systems Branch, Research Directorate
NASA Langley Research Center / MS 130 Hampton VA 23681-2199 USA
office phone: +1.757.864.1701 often forwarded to +1.757.598.1707
The words in this message are mine alone; neither blame nor credit NASA for them.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20140416/210149a4/attachment.html>
More information about the systemsafety
mailing list