[SystemSafety] Correctness by Construction

Steve Tockey steve.tockey at construx.com
Tue Jul 14 19:16:36 CEST 2020


Paul E. Bennett wrote:

"Add to that, keeping tabs on suitable hardware to run those tools specific
to a particular incarnation of the real system, maybe even mothballing
some hardware for the purpose of going back to run a very old version
that might only run under a no longer maintained tool-set. That would be
truly draconian."

I have been led to believe by trusted insiders that at least one avionics
vendor does exactly that for their DO-178C Level A software. To be able to
reconstruct exact bit-wise replicas of any version of the code ever
released to production, they not only archive the code, they archive the
entire tool chain along with sufficient hardware to be able to run that
tool chain. The avionics vendor in question is said to be sitting on a
veritable museum of antique computing hardware.



-----Original Message-----
From: systemsafety <systemsafety-bounces at lists.techfak.uni-bielefeld.de>
on behalf of "paul_e.bennett at topmail.co.uk" <paul_e.bennett at topmail.co.uk>
Date: Tuesday, July 14, 2020 at 3:52 AM
To: "systemsafety at lists.techfak.uni-bielefeld.de"
<systemsafety at lists.techfak.uni-bielefeld.de>
Subject: Re: [SystemSafety] Correctness by Construction

On 7/14/2020 at 10:16 AM, "Olwen Morgan" <olwen at phaedsys.com> wrote:
>
>On 13/07/2020 20:01, Michael Holloway wrote:
>>
>> How does /draconian/ configuration management differ from
>>normal, sensible configuration management such as what is required by
>>(for example) DO-178C?
>
>It doesn't.
>
>I'm merely pointing out that, by common standards of practice, it
>has to be *very* disciplined. All CM processes I've seen control the
>artefacts produced in the process. The only one I've ever seen
>that controls the tools is the Altran-Praxis CM process that they used
>for iFacts, among other projects. When, as I have done for the best
>part of three decades, I've proposed to clients that they should control
>tools as well as artefacts, all but those you could count on a mutilated
>hand have actually balked at the idea.
>
>Olwen

Add to that, keeping tabs on suitable hardware to run those tools specific
to a particular incarnation of the real system, maybe even mothballing
some hardware for the purpose of going back to run a very old version
that might only run under a no longer maintained tool-set. That would be
truly draconian.

Regards

Paul E. Bennett IEng MIET
Systems Engineer
Lunar Mission One Ambassador
-- 
********************************************************************
Paul E. Bennett IEng MIET.....
Forth based HIDECS Consultancy.............
Mob: +44 (0)7811-639972
Tel: Due to relocation - new number TBA. Please use Mobile.
Going Forth Safely ..... EBA. www.electric-boat-association.org.uk..
********************************************************************

_______________________________________________
The System Safety Mailing List
systemsafety at TechFak.Uni-Bielefeld.DE
Manage your subscription:
https://lists.techfak.uni-bielefeld.de/mailman/listinfo/systemsafety
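An added example, not part of the thread and not describing any vendor's actual process: one concrete way to put the tools themselves under configuration control, as Olwen and Steve describe, is to archive a manifest of content hashes over the toolchain directory next to the toolchain, and re-verify it before any rebuild meant to be bit-for-bit identical. The directory layout, file names and file contents below are constructed for the demonstration; nothing here is taken from DO-178C or from a real toolchain.

```python
"""Added example (not from the mailing-list thread): a minimal SHA-256 manifest
over a toolchain tree, archived with the toolchain, and a verifier that reports
the three kinds of drift a CM audit cares about (missing, changed, uncontrolled).
All paths and file contents in demo() are constructed for illustration."""
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large tool binaries need not fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map every regular file under root (relative POSIX path) to its SHA-256."""
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def verify_manifest(root: Path, manifest: dict) -> dict:
    """Compare the tree at root against an archived manifest.

    missing: files in the manifest that are no longer present
    changed: files present whose bytes differ from the archived hash
    extra:   files present that the manifest never controlled
    """
    current = build_manifest(root)
    return {
        "missing": sorted(set(manifest) - set(current)),
        "changed": sorted(
            k for k in manifest if k in current and current[k] != manifest[k]
        ),
        "extra": sorted(set(current) - set(manifest)),
    }


def demo() -> dict:
    """Constructed scenario: baseline a 'toolchain', then detect an in-place change."""
    with tempfile.TemporaryDirectory() as tmp:
        tc = Path(tmp) / "toolchain-v1"          # constructed archive location
        (tc / "bin").mkdir(parents=True)
        (tc / "lib").mkdir()
        (tc / "bin" / "cc").write_bytes(b"fake compiler build 1")    # constructed
        (tc / "lib" / "libc.a").write_bytes(b"fake runtime library")  # constructed

        # This JSON is what would be archived alongside the toolchain itself.
        archived = json.dumps(build_manifest(tc), indent=2, sort_keys=True)

        # Pristine archive: nothing drifts.
        clean = verify_manifest(tc, json.loads(archived))

        # A compiler "upgraded" in place, plus a tool nobody baselined.
        (tc / "bin" / "cc").write_bytes(b"fake compiler build 2")
        (tc / "bin" / "ld").write_bytes(b"unexpected tool")
        drift = verify_manifest(tc, json.loads(archived))
        return {"clean": clean, "drift": drift}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The manifest only proves the archived bytes are still the archived bytes; whether those bytes can still be executed is the hardware question Paul raises, which no hash can answer.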
