[SystemSafety] Bursting the anti formal methods bubble

Matthew Squair mattsquair at gmail.com
Thu Oct 26 11:03:04 CEST 2017


Perhaps we should say that software engineers have a denial problem?
Updating Derek’s original 2009 post a little:

1. Qantas QF72 - a dozen or more serious injuries (Inability of software to
handle Byzantine fault)
2. Ariane 501 - loss of multi-million dollar mission/payload (poor code
reuse)
3. Titan IVB-32 loss of multi-million dollar mission/payload (poor code
reuse)
4. Therac 25B multiple patient deaths (race conditions in software)
5. 2011 24% of medical device recalls by US FDA due to software (multiple
reasons - mostly patient safety related)
6. Toyota cruise control software defect - at least one death and one
severe injury (defective watchdog design + spaghetti code)
7. 2015 A400 crash - Four crew dead and two severe injuries (design fault -
software cal data load error undetectable prior to flight)

Back in the day when riverboat and steam engine boilers went ‘kaboom’ on a
regular basis there was a clear recognition that this was a technology
problem and we got firm regulation and the supporting boiler safety codes.
But software? Not so much, it appears. My question is: why is that?



On 26 October 2017 at 3:43:31 am, Martyn Thomas (
martyn at thomas-associates.co.uk) wrote:

Some of them are here: *JT James*, *A new, evidence-based estimate of
patient harms associated with hospital care*,
Journal of Patient Safety, 2013 Sep;9(3):122-8. doi:
10.1097/PTS.0b013e3182948a69, for the reasons that Harold Thimbleby has
described.

Martyn



On 25/10/2017 17:23, Derek M Jones wrote:


Software engineering has a dead body problem:
http://shape-of-code.coding-guidelines.com/2009/11/18/where-are-the-dead-bodies/


_______________________________________________
The System Safety Mailing List
systemsafety at TechFak.Uni-Bielefeld.DE