[SystemSafety] The mindset for safety-critical systems design

Tom Ferrell tom at faaconsulting.com
Wed Sep 19 10:57:06 CEST 2018


No particular answer on incremental software, however I wanted to note that this topic is likely to become a major burning question for safety-critical development soon. All of the eVTOL designers want to roll out SW updates just as the autonomous auto folks are doing. The current civil cert process is not set up to accommodate this. There are many of us trying to figure out when and under what circumstances, and most importantly, what level of 'reproving' will be needed. Frequencies under discussion range from on demand to something a bit more reasonable, say once or twice a year.



Sent from my Verizon, Samsung Galaxy smartphone


-------- Original message --------
From: Tim Schürmann <tschuerm at techfak.uni-bielefeld.de>
Date: 9/19/18 10:39 AM (GMT+01:00)
To: systemsafety at lists.techfak.uni-bielefeld.de, olwen.morgan at btinternet.com
Subject: Re: [SystemSafety] The mindset for safety-critical systems design

Hi :)


On 18.09.2018 17:11, Olwen Morgan wrote:
>
> The two cardinal principles of critical systems design are:
>
> 1.    Whatever is not there cannot go wrong (so do not include any
> functions that you do not need).
>
> 2.    Whatever is there is less likely to go wrong the simpler it is.
>
> [...]
In the context of the above stated principles, what would be your take
on the 'Incremental development of software'
favored by Brooks in his book 'The Mythical Man-Month'? (Original Idea:
Harlan Mills 1971, afaik).

Kind regards
Tim

_______________________________________________
The System Safety Mailing List
systemsafety at TechFak.Uni-Bielefeld.DE