[SystemSafety] Modelling and coding guidelines: "Unambiguous Graphical Representation"

Peter Bernard Ladkin ladkin at rvs.uni-bielefeld.de
Mon Feb 29 07:43:07 CET 2016



On 2016-02-28 23:53 , Les Chambers wrote:
> I look forward to the day when standards bodies screw up the courage to mandate the state engine as
> the core modelling technique in control systems. 

First, standards don't mandate. They purport to describe the state of the art.

Second, people who are writing/modifying the international software safety standards are not keen on
telling people how to design and build software. They mostly come from companies which have their
own software development processes and nobody wants to be told to scrap what they are doing and do
something different, especially when that suggestion comes from a competitor. Standards are mostly
concerned to describe checks and balances and things to ensure which best practice has shown necessary.

Third, although state machines have been prominent in the most widely-used development techniques (I
use the word "technique" loosely) such as SA-RT, modern control systems have aspects which cannot
effectively be modelled as transducers. For one example, communications (most control systems
nowadays are distributed in some sense). For another example, the requirement for industrial robots
that, when they are operating, no human shall enter the protected space is realised today by
artificial-vision sensors rather than by building a metal cage with an interlock on the door. I
don't know anyone who does that kind of visual pattern recognition using a state machine.

> Without these two fundamental approaches I and many people like me would have a huge problem
> understanding our own code two weeks after we wrote it 

That might be why Fagan inspections are such a good idea.

> When will these standards wonks understand that pussyfooting around using terms like "unambiguous
> graphical representation" is unhelpful, creating a massive ambiguity in the standard itself which,

I think you'll find out that that is coming rather than going. People developing the highest quality
software are keen on assuring determinism and like to use the word "unambiguous", I think for good
reason. And almost everybody uses graphical representations somewhere during SW development (the
Lustre graphics in SCADE, for example). Why, there is even a YouTube video explaining to people
about Mealy & Moore machines ... and, unsurprisingly, it uses what we are calling unambiguous
graphical representations. https://www.youtube.com/watch?v=S352lyPZP00

PBL
Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany
Je suis Charlie
Tel+msg +49 (0)521 880 7319  www.rvs.uni-bielefeld.de
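As an added illustration of the point above about determinism and "unambiguous" representations (this is example code, not part of the original post or anything the standards bodies publish): a small control-loop fragment written as an explicit finite-state transducer. The transition table is checked for completeness and determinism before it is executed, which is the property a so-called unambiguous diagram is meant to guarantee, and the same table is run in both the Mealy style (output on the transition) and the Moore style (output on the state). The robot-cell door-interlock scenario, its state, input and output names, and the second conflicting row in AMBIGUOUS_TABLE are all constructed here for illustration.

```python
"""Added example, not from the original post: a control-loop fragment
modelled as a deterministic finite-state transducer. The transition table
is written out explicitly, checked for completeness and determinism (the
property the standards' "unambiguous" is after), then executed in both the
Mealy style (output on the transition) and the Moore style (output on the
state). The robot-cell door-interlock scenario, its states, inputs and
outputs are constructed for illustration."""

from typing import Dict, List, Sequence, Tuple

State = str
Inp = str
Out = str
# (source state, input, target state, Mealy output)
Transition = Tuple[State, Inp, State, Out]

STATES = frozenset({"idle", "running", "halted"})
INPUTS = frozenset({"start", "stop", "door_open", "door_closed"})
INITIAL = "idle"

# Mealy table: the output is produced by the transition that is taken.
SAFE_TABLE: List[Transition] = [
    ("idle", "start", "running", "power_on"),
    ("idle", "stop", "idle", "noop"),
    ("idle", "door_open", "idle", "noop"),
    ("idle", "door_closed", "idle", "noop"),
    ("running", "start", "running", "noop"),
    ("running", "stop", "idle", "power_off"),
    ("running", "door_open", "halted", "emergency_stop"),  # interlock trips
    ("running", "door_closed", "running", "noop"),
    ("halted", "start", "halted", "noop"),  # no restart while the door is open
    ("halted", "stop", "halted", "noop"),
    ("halted", "door_open", "halted", "noop"),
    ("halted", "door_closed", "idle", "reset"),
]

# Moore outputs: a function of the current state alone.
MOORE_OUTPUT: Dict[State, Out] = {
    "idle": "motors_off",
    "running": "motors_on",
    "halted": "motors_off_alarm",
}

# The same table with a second, conflicting row for (running, door_open):
# on a diagram, two arrows leaving one state on the same event.
AMBIGUOUS_TABLE: List[Transition] = SAFE_TABLE + [
    ("running", "door_open", "running", "noop"),
]


def check_unambiguous(table: Sequence[Transition]) -> List[str]:
    """Return the defects that make a table ambiguous; [] means every
    (state, input) pair has exactly one successor, so the machine is a
    total deterministic function and needs no interpretation to execute."""
    problems: List[str] = []
    seen: Dict[Tuple[State, Inp], Tuple[State, Out]] = {}
    for src, inp, dst, out in table:
        for kind, value, domain in (("state", src, STATES),
                                    ("input", inp, INPUTS),
                                    ("state", dst, STATES)):
            if value not in domain:
                problems.append(f"unknown {kind} {value!r}")
        key = (src, inp)
        if key in seen and seen[key] != (dst, out):
            problems.append(f"nondeterministic: {key} -> {seen[key]} and {(dst, out)}")
        seen[key] = (dst, out)
    for src in sorted(STATES):
        for inp in sorted(INPUTS):
            if (src, inp) not in seen:
                problems.append(f"incomplete: no transition for {(src, inp)}")
    return problems


def run(table: Sequence[Transition], events: Sequence[Inp]
        ) -> Tuple[State, List[Out], List[Out]]:
    """Execute the machine from INITIAL over `events`. Returns the final
    state, the Mealy output sequence and the Moore output sequence (one
    Moore output per state entered). Refuses to run an ambiguous table."""
    problems = check_unambiguous(table)
    if problems:
        raise ValueError("table is ambiguous: " + "; ".join(problems))
    step = {(src, inp): (dst, out) for src, inp, dst, out in table}
    state = INITIAL
    mealy: List[Out] = []
    moore: List[Out] = []
    for ev in events:
        state, out = step[(state, ev)]
        mealy.append(out)
        moore.append(MOORE_OUTPUT[state])
    return state, mealy, moore


if __name__ == "__main__":
    trace = ["start", "door_open", "start", "door_closed", "start"]
    print(run(SAFE_TABLE, trace))
    print(check_unambiguous(AMBIGUOUS_TABLE))
```

The check is the part worth keeping: a list of rows can carry two successors for one (state, input) pair, and a diagram can do the same with two arrows, so determinism has to be verified rather than assumed. A dictionary keyed on (state, input) would have silently kept the last row and hidden the ambiguity.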




