[SystemSafety] Does "reliable" mean "safe" and or "secure" or neither?

Nick Tudor njt at tudorassoc.com
Sat Apr 23 19:43:33 CEST 2016 

DO-178C

On Saturday, 23 April 2016, Peter Bernard Ladkin <
ladkin at rvs.uni-bielefeld.de> wrote:

> On 2016-04-23 13:34 , Nick Tudor wrote:
> > As previously established...software does not have a reliability.
>
> I think there is pretty much a consensus that the term "software
> reliability" does have a specified
> meaning in software engineering. There is even a Handbook of Software
> Reliability Engineering
> published by IEEE Computer Society Press (edited by Michael Lyu, 1995).
>
> If anyone wants to claim the term has no meaning, then they are
> contradicting the IEC, and the IEEE,
> both in its standards and in its handbook-publishing, which I show below,
> and apparently ANSI
> (indirect reference from Koopman's 1999 course notes) as well as the
> standard texts
> Laprie-Avizienis-Randell-Landwehr 2004 and its predecessor Laprie 1992,
> Leveson 1995, Bedford and
> Cooke 2001, Rausand 2014, Birolini 2014, Somerville 2004. Phil Koopman
> gave a course on "Software
> Reliability" in 1999 whose notes are on-line (he uses the IEEE
> definition). Littlewood has been
> publishing in the area of software reliability for going on half a century
> (I'm not sure he'll thank
> me for saying that :-) ) as well as having been the long-time editor for
> IEEE TSE for articles on
> software reliability. There is, at City University London, a Centre for
> Software Reliability with a
> very distinguished research staff, many of whom are here. There is also
> another one at Newcastle
> University, which started and runs one of Europe's most successful
> industry-academic safety interest
> groups (until Tom and Joan finally retire in a few months).
>
> That's a long list of notable people/textbooks/handbooks as well as two
> major electrotechnical
> standards organisations, who think the term has meaning, as well as two
> universities who use it in
> the names of research organisations of theirs. And that's just what I can
> put together quickly from
> what I have to hand. Not only that, these sources basically agree on what
> the meaning is, as we
> shall see below.
>
> Then there is Nick Tudor, who claims the term has no meaning, who claims
> it has been so
> "established" here that it has no meaning. What astonishes me is that Nick
> thinks he has any support
> at all for that view.
>
> Here are the definitions.
>
> Electropedia, the on-line version of IEC 60050, which defines all
> technical terms in IEC standards,
> says, in definition 191-01-24, that
> [begin cite IEC 60050]
> 191-01-24 reliability, <of an item>
> [is the]
> ability to perform as required, without failure, for a given time
> interval, under given conditions
> [end cite IEC 60050]
>
> where an "item" is
>
> [begin cite IEC 60050]
> 191-01-01 item
> [is the]
> subject being considered
>
> Note 1 to entry: The item may be an individual part, component, device,
> functional unit, equipment,
> subsystem, or system.
>
> Note 2 to entry: The item may consist of hardware, software, people or any
> combination thereof.
>
> [end cite IEC 60050]
>
> A similar definition was available in the same document in 1985,
> referenced by the IFIP WG 10.4
> dependability vocabulary (Laprie 1992). The 2004
> Avizienis-Laprie-Randell-Landwehr vocabulary (an
> update of Laprie 1992) says (as did Laprie 1992) that reliability is
> continuity of correct service.
> Since the original referred to the IEC definition, I think it's fair to
> presume that the authors
> meant their shorter version to say something similar, but using different
> words. They obviously
> think the concept of reliability is applicable to software, as evidenced
> in this quote (from the
> 2004 document) "Reliability growth models, either for hardware, for
> software, or for both, are used
> to perform reliability predictions from data about past system failures".
>
> Leveson talks about software reliability explicitly on pp28-30 of Safeware.
>
> Phil Koopman has a whole series of lecture notes for a course given in
> 1999 entitled "Software
> Reliability" at https://users.ece.cmu.edu/~koopman/des_s99/sw_reliability/
> The notes say that ANSI
> and the IEEE Handbook use the definition "According to ANSI, Software
> Reliability is defined as: the
> probability of failure-free software operation for a specified period of
> time in a specified
> environment. [ANSI91][Lyu95]" That is obviously conformant with the IEC
> definition, specifying the
> item as a piece of software.
>
> Meine van de Meulen's collection of definitions (Definitions for Hardware
> and Software Safety
> Engineers, Springer 2000) has an entry for "Software Reliability" (of
> course), and quotes IEEE
> 982.1, 1988 and IEEE 729, 1983: "the probability that software will not
> cause the failure of a
> system for a specified time under specified conditions........" IEEE 729
> is the Standard Glossary of
> Software Engineering Terminology. IEEE 982.1 is the Standard Dictionary of
> Measures to Produce
> Reliable Software. Van de Meulen also cites the definition from the
> well-known book Musa et al.,
> Software Reliability; measurement, prediction, application (McGraw-Hill
> 1987).
>
> Bedford and Cooke's standard text on Probabilistic Risk Analysis:
> Foundations and Methods (Cambridge
> U.P., 2001) has a whole chapter, Chapter 12, entitled "Software
> Reliability".
>
> Marvin Rausand's book on Reliability of Safety-Critical Systems (Wiley,
> 2014) defines reliability as
> "the ability of an item to perform a required function, under given
> environmental and operational
> conditions, and for a stated period of time" and further clarifies
> "...item may be an element, a
> channel, a subsystem or the complete SIS, and it may include both hardware
> and software."
>
> Alessandro Birolini's text on Reliability Engineering: Theory and Practice
> (Springer 2014) has an
> entry in the index for "software reliability" which directs to "software
> quality", which refers to
> Section 5.3 Design Guidelines for Software Quality. Software quality is
> "the degree to which a
> softare package possesses a stated combination of quality attributes"
> (p160) and a list of such
> quality attributes is given in Table 5.4 Important Software Quality
> Attributes and Characteristics,
> amongst which is "Defect Freedom (Reliability)" defined as "Degree to
> which a software package can
> execute its required functions without causing system failures".
>
> Ian Somerville's standard text Software Engineering (7th edition, Pearson
> 2004) has a definition in
> his accompanying slides (I don't have the text to hand):
> "Software reliability
> How likely is it that a software component will produce an incorrect
> output. Software failure is
> usually distinct from hardware failure in that software does not wear out."
>
> I'm now bored. Time for a glass of wine and some Chaucer (Bernard
> O'Donoghue's got a great new
> "guided selection" out).
>
> PBL
>
> Prof. Peter Bernard Ladkin, Faculty of Technology, University of
> Bielefeld, 33594 Bielefeld, Germany
> Je suis Charlie
> Tel+msg +49 (0)521 880 7319  www.rvs.uni-bielefeld.de
>
>
>
>
>
>

-- 
Nick Tudor
Tudor Associates Ltd
Mobile: +44(0)7412 074654
www.tudorassoc.com

*77 Barnards Green Road*
*Malvern*
*Worcestershire*
*WR14 3LR*
*Company No. 07642673*
*VAT No:116495996*

*www.aeronautique-associates.com <http://www.aeronautique-associates.com>*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20160423/5c523f8a/attachment-0001.html>

More information about the systemsafety mailing list