[SystemSafety] Modelling and coding guidelines: "Unambiguous Graphical Representation"

Matthew Squair mattsquair at gmail.com
Wed Mar 2 13:05:52 CET 2016 

I'm thinking that when your graphical language becomes Turing complete you should give up on using it for critical applications. 

Matthew Squair

MIEAust, CPEng
Mob: +61 488770655
Email; Mattsquair at gmail.com
Web: http://criticaluncertainties.com

> On 2 Mar 2016, at 10:45 PM, Martyn Thomas <martyn at thomas-associates.co.uk> wrote:
> 
>> On 01/03/2016 14:15, paul_e.bennett at topmail.co.uk wrote:
>> There was a saying that went something like
>> 
>> "You can make it simple enough there are obviously no errors
>> or you can make it so complex there are no obvious errors"
>> 
>> I tend to favour the former approach.
> 
> 
> This comes from Tony Hoare's Turing Award lecture.
> 
> "There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult. It demands the same skill, devotion, insight, and even inspiration as the discovery of the simple physical laws which underlie the complex phenomena of nature."
> 
> He also said (about PL/1):
> 
> "At first I hoped that such a technically unsound project would collapse but I soon realized it was doomed to success. Almost anything in software can be implemented, sold, and even used given enough determination. There is nothing a mere scientist can say that will stand against the flood of a hundred million dollars. But there is one quality that cannot be purchased in this way — and that is reliability. The price of reliability is the pursuit of the utmost simplicity. It is a price which the very rich find most hard to pay."
> 
> and (among many other profound insights):
> 
> "The real value of tests is not that they detect bugs in the code, but that they detect inadequacies in the methods, concentration, and skills of those who design and produce the code." 
> 
> 
> Martyn
> 
> 
> 
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20160302/ddc2f2f8/attachment-0001.html>

More information about the systemsafety mailing list