[SystemSafety] Koopman replies to concerns over Toyota UA case

Derek M Jones derek at knosof.co.uk
Fri Dec 29 15:19:51 CET 2017


Rod,

Thanks for this.

> Some of you may have seen David Cummings' piece voicing his
> concerns over the Toyota "unintended acceleration" case here:
>
> https://www.embedded.com/electronics-blogs/say-what-/4459136/Why-every-embedded-software-developer-should-care-about-the-Toyota-verdict

The "peer reviewed" article is here:
www.kellytechnologygroup.com/main/Cummings-IEEE-Tech-and-Society-Article-Dec-2016.pdf

It's always a red flag when someone refers to their article being peer
reviewed.  This review process is intended to filter the clueless and
bonkers submissions; there are so many journals now that they have
trouble finding anybody willing to review anything.

> Koopman has now responded with extra top-spin:
>
> https://www.embedded.com/electronics-blogs/say-what-/4459140/A-rebuttal-to----Why-every-embedded-software-developer-should-care-about-the-Toyota-verdict---

Appears to have shot plenty of holes in the original author's
argument, but then I know nothing of the background (but have
been impressed by some of Koopman's academic papers).

Talking about the one theme that I do know something about:

There is a theory of sorts involving the use of global variables.
The idea is that use of global variables makes it easy to
accidentally make use of aliased variables (i.e., the same storage
accessed through two or more different variables).  Passing
everything via function parameters significantly reduces the
likelihood of this occurring (it can still be done under the
'right' circumstances).

Use of aliased variables can cause some very strange problems,
when A and B are supposed to be independent but actually refer
to the same location in memory.

The greater the number of global variables the greater the
probability of aliased variables.

So far, so plausible.  What evidence is there?  Well, it certainly
occurs; I have seen others do it (I have not ticked this box yet).

Does the probability scale linearly, logarithmically (square root,
anyone?) with the number of global variables?  Good question, that man.

Most research measures executable statements, not variable declarations.
Next time somebody asks you what source code issues industry is
interested in, suggest they investigate variable declarations.

-- 
Derek M. Jones           Software analysis
tel: +44 (0)1252 520667  blog:shape-of-code.coding-guidelines.com
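The aliasing hazard described in the message above, as a constructed C example added here (it is not code from the thread, from Koopman, or from the Cummings article): two "independent" globals, A and B, where B is reached through a global pointer that initialisation code has aimed at A. The names `throttle_target` and `active_channel` are invented for illustration; the point is that the global-variable version of the computation gives no hint in its body that A and B share storage, whereas the parameter-passing version exposes both addresses at the function boundary, where the alias can be checked.

```c
#include <stdio.h>
#include <stdbool.h>

/* Constructed state.  Both names are hypothetical: A is a named global,
 * B is a global pointer that (say) an init routine pointed at A, so the
 * two names denote the same storage although the code treats them as
 * independent. */
static int throttle_target = 10;                 /* A */
static int *active_channel = &throttle_target;   /* B, silently aliases A */

/* Restore the initial state so each demonstration starts from the same place. */
static void reset_globals(void) {
    throttle_target = 10;
    active_channel = &throttle_target;
}

/* Global-variable style: nothing in this body reveals that A and B alias. */
static int combine_globals(void) {
    *active_channel += 5;      /* intended: B = 15 */
    throttle_target *= 2;      /* intended: A = 20 */
    return throttle_target + *active_channel;   /* 35 if independent; 60 here */
}

/* Parameter-passing style: same computation, but both storage locations are
 * visible at the boundary, so an alias can be detected and refused instead
 * of silently corrupting the result. */
static int combine_params(int *a, int *b, bool *aliased) {
    *aliased = (a == b);
    if (*aliased) return -1;   /* refuse to operate on aliased storage */
    *b += 5;
    *a *= 2;
    return *a + *b;
}

/* Two callers: distinct cells, and the same cell passed twice. */
static int demo_params_independent(void) { int x = 10, y = 10; bool al; return combine_params(&x, &y, &al); }
static int demo_params_aliased(void)     { int x = 10;         bool al; return combine_params(&x, &x, &al); }

int main(void) {
    reset_globals();
    printf("globals, hidden alias:  %d (expected 35 if A and B were independent)\n", combine_globals());
    printf("params, distinct cells: %d\n", demo_params_independent());
    printf("params, same cell:      %d (alias detected)\n", demo_params_aliased());
    return 0;
}
```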

