[SystemSafety] Modelling and coding guidelines: "Unambiguous Graphical Representation"

paul_e.bennett at topmail.co.uk
Wed Mar 2 13:00:33 CET 2016


On 02/03/2016 at 11:45 AM, "Martyn Thomas" <martyn at thomas-associates.co.uk> wrote:
>
>On 01/03/2016 14:15, paul_e.bennett at topmail.co.uk wrote:
>> There was a saying that went something like
>>
>> "You can make it simple enough there are obviously no errors
>> or you can make it so complex there are no obvious errors"
>>
>> I tend to favour the former approach.
>
>
>This comes from Tony Hoare's Turing Award lecture.
>
>"There are two ways of constructing a software design: One way is to
>make it so simple that there are obviously no deficiencies, and the
>other way is to make it so complicated that there are no obvious
>deficiencies. The first method is far more difficult. It demands the
>same skill, devotion, insight, and even inspiration as the discovery of
>the simple physical laws which underlie the complex phenomena of
>nature."

Thanks Martyn. I knew I had heard it somewhere within SCSC circles.

>He also said (about PL/1):
>
>"At first I hoped that such a technically unsound project would collapse
>but I soon realized it was doomed to success. Almost anything in
>software can be implemented, sold, and even used given enough
>determination. There is nothing a mere scientist can say that will stand
>against the flood of a hundred million dollars. But there is one quality
>that cannot be purchased in this way — and that is reliability. The
>price of reliability is the pursuit of the utmost simplicity. It is a
>price which the very rich find most hard to pay."
>
>and (among many other profound insights):
>
>"The real value of tests is not that they detect bugs in the code, but
>that they detect inadequacies in the methods, concentration, and skills
>of those who design and produce the code."

In this, plentiful review and inspection also help to detect these
deficiencies. I am often surprised how little effort goes into review in
many organisations, even those with ISO9001 accreditation.


Regards

Paul E. Bennett IEng MIET
Systems Engineer

-- 
********************************************************************
Paul E. Bennett IEng MIET.....<email://Paul_E.Bennett@topmail.co.uk>
Forth based HIDECS Consultancy.............<http://www.hidecs.co.uk>
Mob: +44 (0)7811-639972
Tel: +44 (0)1392-426688
Going Forth Safely ..... EBA. www.electric-boat-association.org.uk..
********************************************************************


