[SystemSafety] What do we know about software reliability?

Nick Tudor njt at tudorassoc.com
Tue Sep 15 14:28:21 CEST 2020


Thierry - you are bang on with your comments re Ariane and all the points re
software exhibiting a failure rate of 1 (or zero...if it had not
encountered such out of range inputs).  My colleague was on the Board of
Inquiry (the only Brit) so I am very sure that this was a system issue and
not a software 'reliability' issue.  The environment can stimulate the
system and its software in unexpected ways; Ariane V being just such a
case.  Of course, this was a human error and is the kind of thing that
makes software look like it has a 'reliability'.


Nick Tudor
Tudor Associates Ltd
Mobile: +44(0)7412 074654
www.tudorassoc.com

77 Barnards Green Road
Malvern
Worcestershire
WR14 3LR
Company No. 07642673
VAT No: 116495996

www.aeronautique-associates.com <http://www.aeronautique-associates.com>


On Tue, 15 Sep 2020 at 11:28, Peter Bernard Ladkin <ladkin at causalis.com>
wrote:

>
>
> On 2020-09-15 11:21 , Coq, Thierry wrote:
> > ...Ariane A501 flight has disproved any probabilistic approach on
> > software that would not
> > start with a frequency of failure of 1.
>
> I have no idea what this sentence means.
>
> I think everybody would agree that the environmental circumstances leading
> to failure of the Ariane
> Flight 501 control system were certain to arise during launch. I don't see
> what probability has to
> do with it.
>
> Whatever people's inclinations to statistical evaluations of SW, we are
> about to be deluged by it.
> The DLNN assistance functions in the automation of road vehicles can at
> present only be justified by
> an assessment of their in-service behaviour. There are going to be
> numerical requirements on their
> dependability and vendors will be providing argument that those numerical
> requirements are fulfilled.
>
> The statisticians know well how much evidence has to be produced in order
> to derive conclusions on
> reliability to an appropriate level of confidence. (See, for example,
> Peter Bishop's comment here on
> the Tempe accident.) It is a lot higher than what, as far as I can tell,
> the vendors of such
> equipment are likely to be able to produce. What's going to happen?
>
> PBL
>
> Prof. Peter Bernard Ladkin, Bielefeld, Germany
> Styelfy Bleibgsnd
> Tel+msg +49 (0)521 880 7319  www.rvs-bi.de
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
> Manage your subscription:
> https://lists.techfak.uni-bielefeld.de/mailman/listinfo/systemsafety