[SystemSafety] A Fire Code for Software?

Steve Tockey Steve.Tockey at construx.com
Tue Mar 6 21:41:07 CET 2018


Martyn,
Not necessarily just "how many?", but also "who?". As I wrote elsewhere:


"TWA flight 599
The safest way to travel is by airplane, but it wasn't always that way.
Many of the laws, regulations, and procedures that make air transport so
safe today can be traced back to a single event: the crash of TWA Flight
599 on March 31, 1931. That crash killed Knute Rockne, coach of the then
top-ranked Notre Dame college football team, along with seven of the
team's star players:

"The national outcry over the air disaster that killed Rockne (and the 7
others) triggered sweeping changes to airliner design, manufacturing,
operation, inspection, maintenance, regulation and
crash-investigation - igniting a safety revolution that ultimately
transformed airline travel worldwide, from the most dangerous form of
travel to the safest form of travel"

Chapter 1 cited a broad set of major software failures - all of which were
rooted in mainstream software development and maintenance practices. But
as serious as those were, they were mere brushes with disaster. Far worse
is yet to come.

A software equivalent, in terms of public outcry, of TWA 599 is avoidable.
However, if nothing changes in how mainstream software is developed, it is
inevitable. Are you willing to wait for the software equivalent of TWA
599? I'm not. We already know how to make safe and reliable software. And,
the very things that make software safe and reliable also make it easier
and cheaper to build and maintain. You don't have to spend more time and
money to get better software; building software better saves time and
money.

Either we sit back and wait for a major software disaster big enough to
cause public outcry like TWA 599, or we act now to avoid it. Either way,
we can't keep developing increasingly critical software the way we always
have and expect the long-term results will be any different."


As long as the victims are, shall I say, anonymous, they won't get much
sympathy except from their loved ones. But just one or a few high profile
victims can change everything.


- steve




-----Original Message-----
From: systemsafety <systemsafety-bounces at lists.techfak.uni-bielefeld.de>
on behalf of Martyn Thomas <martyn at thomas-associates.co.uk>
Date: Tuesday, March 6, 2018 at 11:24 AM
To: "systemsafety at lists.techfak.uni-bielefeld.de"
<systemsafety at lists.techfak.uni-bielefeld.de>
Subject: Re: [SystemSafety] A Fire Code for Software?

How many would we need before anything changed?

Martyn


On 06/03/2018 19:13, paul_e.bennett at topmail.co.uk wrote:
> On 06/03/2018 at 7:00 PM, "Derek M Jones" <derek at knosof.co.uk> wrote:
>> As I keep reminding people,
>> safety related software has a (lack of) dead body problem.
> I am certain there are dead bodies around, caused by software errors.
> However, whether those dead bodies have been properly ascribed to
> the software as a cause is debatable.
>
> The Toyota case left us with several dead bodies attributable to poor
> system design and shoddy software.
>
> I don't know how many eventually died from the Therac case.
>
> We should be cataloguing these dead body cases somewhere central,
> perhaps with the financial backing of insurance companies, so that
> there is a central resource where the lessons can be given.
>
> Regards
>
> Paul E. Bennett IEng MIET
> Systems Engineer
> Lunar Mission One Ambassador

_______________________________________________
The System Safety Mailing List
systemsafety at TechFak.Uni-Bielefeld.DE
