[SystemSafety] What do we know about software reliability?

Michael Jackson jacksonma at acm.org
Fri Sep 18 12:54:46 CEST 2020


Olwen:

> On 18 Sep 2020, at 11:26, Olwen Morgan <olwen at phaedsys.com> wrote:
> 
> If we wish to quantify s/w reliability in probabilistic terms, then we are talking about the mean time between instances of presentation to the system of data that it should handle correctly but does not. To calculate this systematically (leave alone accurately) one needs a probabilistic model of the input data sources. Regardless of the rigour with which the software has been constructed, without such modelling of input sources there is no *soundly-based* underpinning for any claim of s/w reliability in terms of quantitative MTBF. Also, even if you have modelled the input sources, you still need a decision procedure to determine whether any feasible input will actually result in a run-time error or incorrect behaviour or outputs. The only soundly-based way to do this is formal verification.

The input data sources (sensors) are not alone in the physical interface: there are also the output data recipients (actuators). A formal model of the physical world's behaviour over this input-output interface is the complementary side of the machine-governed world dialogue: it can be regarded as a software specification.

The validity of this interface model depends on the validity of a formal model of the physical world hinterland, serving two purposes. First, to show how the software's future inputs result from its past outputs; second, to show how this physical world behaviour (over a larger alphabet than the sensor and actuator phenomena) satisfies the system requirements.

Michael
