[SystemSafety] Koopman replies to concerns over Toyota UA case

Wed Jan 3 12:08:56 CET 2018

On 03/01/2018 at 7:21 AM, "Andrew Banks" <andrew at andrewbanks.com> wrote:
>
>On 30 December 2017 21:25, Paul Bennett wrote
>
>	Specifying a McCabe Code Complexity limit for individual software
>components is, in my eyes, 
>	more of a trigger to begin asking the questions that need to be
>asked. If the development policy
>	set the MCC at say 9, then any component submitted for review 
>with a
>number above that should
>	begin to get questions asked.
>
>In theory this is a sound idea... similarly with Source Lines of 
>Code
>(another broadly useless/arbitrary metric) - however...
>
>As we in the MISRA C Working Group know from painful experience, 
>too many QA
>Peeps put aside common sense, and apply blind adherence and a tick-
>box
>mentality to rules - eg the frequent requirement for 100% MISRA C
>compliance, with no deviations (which is, generally, infeasible for
>non-trivial projects) which can potentially in some cases result 
>in more
>complex conforming code, than the non-conforming code - especially 
>when the
>Advisory Rules are followed blindly.
>
>So in the suggested case, the QA Clipboard Monitors will simply
>"non-compliant" any module with a MCC above X (without permitting
>debate/concession)

I thought that even for MISRA C there was a note somewhere that suggested
any non-compliance with a rule needed justification and that 100% compliance
was not necessary if such justification was proven to be sound enough. Quality
products require some intelligent work being done.

Regards

Paul E. Bennett IEng MIET
Systems Engineer
Lunar Mission One Ambassador
-- 
********************************************************************
Paul E. Bennett IEng MIET.....
Forth based HIDECS Consultancy.............
Mob: +44 (0)7811-639972
Tel: +44 (0)1392-426688
Going Forth Safely ..... EBA. www.electric-boat-association.org.uk..
********************************************************************