[SystemSafety] What do we know about software reliability?

Peter Bernard Ladkin ladkin at causalis.com
Wed Sep 16 16:09:27 CEST 2020


> I think this subject is worthy of more considered thinking than can be achieved over this forum, and would love to see a fully fledged debate to see where software reliability has moved on from when I first looked into it. 

I think a distinction also needs to be drawn between evaluation of operational history and
statistical testing. This surfaced long ago in the German debates (in which Bev and Bertrand Ricque
also participated), when we had a participant familiar with theory who was adamant there was no
difference, and three people even more familiar with theory, and also with experience in opeval, who
said oh yes there is.

Dewi came up with a nice example in a MT-3 email exchange. Assuming perfect recording, he asked if
there was a difference between evaluating a million instances over 3 ophours each and evaluating one
instance over 3 million op hours.

The answer is: yes, there is. Suppose the kit goes haywire after ten hours' use because, say, of
uncorrected deviance from calibration. (Remember the Patriot anti-missile system deployed in Saudi
during the Gulf War?) You never see that in the first scenario, but you see it after ten hours with
the second. That fits your abstract scenario, no?

So you really do need histories with comparable deployment times as to what you expect in the new
scenario, even if you are doing stattesting. There are two ways to get that. One is to run a
stattest for a longish time, which usually isn't feasible with the ultrareliability conditions we
hope for, and the other is to institute a sort of "proof test interval", by means of which, in
deployment, the software is rebooted at an interval comparable with the longest test/evaluation
period - and you had also better make sure that all causal variables are reset when you reboot (not
necessarily easy, as I remarked in my last note).

Of course, you could theoretically get that scenario in pure opeval, but I can't think of a
plausible instance.

PBL

Prof. Peter Bernard Ladkin, Bielefeld, Germany
Styelfy Bleibgsnd
Tel+msg +49 (0)521 880 7319  www.rvs-bi.de
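The point about deployment time is easy to see in a small simulation. The following is an added example, not code from Prof. Ladkin's post or from the list; it models Dewi's question (a million instances for 3 op-hours each versus one instance for 3 million op-hours) against an assumed fault that only appears after ten hours of continuous uptime. The fault model is my assumption: a calibration drift that grows by one unit per hour the software stays up and makes the kit go haywire at DRIFT_LIMIT units. A scheduled reboot ("proof test interval") resets the drift only if the reset is complete (reset_on_reboot=True); an optional memoryless per-hour failure rate is included so the two designs can also be compared on a fault that does not depend on uptime. All constants and the seeded random rate are illustrative.

```python
"""Added example (not part of the original post): does 1,000,000 x 3 op-hours
see the same faults as 1 x 3,000,000 op-hours?  Assumed fault model: a
calibration drift that accumulates with uptime and trips at DRIFT_LIMIT."""
import random

DRIFT_PER_HOUR = 1   # assumed: calibration error accumulated per hour of uptime
DRIFT_LIMIT = 10     # assumed: error at which the kit goes haywire (10 h uptime)


def run_instance(hours, reboot_interval=None, reset_on_reboot=True,
                 memoryless_rate=0.0, rng=None):
    """Run one instance for `hours` op-hours with perfect recording.

    Returns (drift_failure_hours, memoryless_failures).  A recorded drift
    failure takes the unit down for recalibration (drift and uptime reset);
    a memoryless failure is a transient that is recorded and run through.
    """
    drift = uptime = 0
    drift_hours = []
    memoryless = 0
    for h in range(1, hours + 1):
        uptime += 1
        drift += DRIFT_PER_HOUR
        if rng is not None and rng.random() < memoryless_rate:
            memoryless += 1                  # uptime-independent fault
        if drift >= DRIFT_LIMIT:
            drift_hours.append(h)            # uptime-dependent fault observed
            drift = uptime = 0               # taken down and recalibrated
        elif reboot_interval and uptime >= reboot_interval:
            uptime = 0                       # scheduled reboot (proof test interval)
            if reset_on_reboot:
                drift = 0                    # all causal variables reset ...
            # ... otherwise the drifted calibration survives the reboot
    return drift_hours, memoryless


def evaluate(instances, hours_each, reboot_interval=None, reset_on_reboot=True,
             memoryless_rate=0.0, seed=0):
    """Evaluate `instances` copies for `hours_each` op-hours apiece and
    summarise what the records would show for that evaluation design."""
    rng = random.Random(seed) if memoryless_rate else None
    summary = {"op_hours": instances * hours_each, "drift_failures": 0,
               "memoryless_failures": 0, "first_drift_hour": None}
    for _ in range(instances):
        drift_hours, memoryless = run_instance(
            hours_each, reboot_interval, reset_on_reboot, memoryless_rate, rng)
        summary["drift_failures"] += len(drift_hours)
        summary["memoryless_failures"] += memoryless
        if drift_hours and summary["first_drift_hour"] is None:
            summary["first_drift_hour"] = drift_hours[0]
    return summary


if __name__ == "__main__":
    TOTAL = 3_000_000
    designs = {
        "A: 1,000,000 instances x 3 h": dict(instances=1_000_000, hours_each=3),
        "B: 1 instance x 3,000,000 h": dict(instances=1, hours_each=TOTAL),
        "C: as B, reboot every 3 h, full reset":
            dict(instances=1, hours_each=TOTAL, reboot_interval=3),
        "D: as B, reboot every 3 h, drift not reset":
            dict(instances=1, hours_each=TOTAL, reboot_interval=3,
                 reset_on_reboot=False),
    }
    for name, kw in designs.items():
        # memoryless_rate is an illustrative 1e-6 per op-hour
        print(name, evaluate(memoryless_rate=1e-6, **kw))
```

Designs A and B record the same 3,000,000 op-hours and roughly the same handful of memoryless failures, but only B ever reaches ten hours of uptime, so only B records the drift fault (first at hour 10). Design C shows the mitigation in the post: rebooting at an interval no longer than the test period, with every causal variable reset, keeps the deployed system inside the envelope the 3-hour evaluation actually covered. Design D shows why the reset matters: a reboot that leaves the drifted calibration in place changes nothing.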




