[SystemSafety] The Importance of Standards

Les Chambers les at chambers.com.au
Mon Jan 9 12:56:13 CET 2023


Well said Peter and Andrew
I feel your pain. But courage, your suffering is insignificant compared to 
that of Catholic Priest Jan Hus (1369 - 1415) as the Pope's men burned him at 
the stake for his sins.
Hus' special crime was to push back against pathological behaviours of the 
Roman Catholic Church of his day. These behaviours repeat in various contexts 
throughout history. With the IEC we have deja vu all over again.
My best pass at a behavioural model is as follows:
An elite, having come into possession of a body of knowledge (BOK), sought 
after by the masses, declares its members holy and proceeds to limit the 
common folk's access to that BOK. Typical motivations are ego, power and 
money.

The actions that led Hus to the stake included:
1. Calling for a higher level of morality among the priesthood. Financial 
abuses, sexual immorality, and drunkenness were common among the priests of 
Europe.

2. Calling for preaching and Bible reading in the common language.

3. Opposing the sale of indulgences. 
(These were documents of personal forgiveness from the Pope which were sold 
for sometimes exorbitant prices. You could go to heaven for a pot of gold ... 
apparently.)

The essence of these actions projected onto the IEC's role in today's safety 
critical systems development are as follows:
1. Morality among the priesthood. Religious belief is an apt metaphor for 
alignment with the principles of safety critical systems development. Your 
belief needs to be strong to engage with confidence in exchanges such as ...
CEO: "Well son, what do I get if I spend an additional million dollars on this 
smoke extraction system?"
Systems Engineer: "Sir, trust in IEC 61508, if you spend an additional million 
dollars nothing bad will befall you." 
(followed by industry sector specific disaster case studies - my favourite for 
chemical processing is Bhopal preceded by this image: 
famouspictures.org/bhopal-gas-disaster-girl/)
Systems Engineer: "Can you imagine being held responsible for this sir?"
A good Christian needs easy access to the Christian Bible. A good Muslim needs 
ready visibility of a Quran. While working in a Muslim country I was impressed 
with the way Muslims consider their spirituality at prayers five times a day. 
Would that systems engineers were that devout. 
It is well known that communities with free access to information flourish. 
Those whose enlightenment is blocked by the vested interests of a few "holy 
men" remain in the dark ages. The keepers of the IEC business model should 
reflect on their actions and cease their immoral blocking, rent seeking 
behaviour. 
Choosing to do nothing is to invite the modern equivalent of a Reformation. 
See Martin Luther and the "Ninety-Five Theses", 1517. The BS of indulgences 
ran too deep for Luther. He pushed back in the tradition of Jan Hus 102 years 
after his brutal execution.

2. Preaching and reading in the common language. Standards such as IEC 61508 
need to be explained line by line.  In the 1990s I did exactly this, 
explaining ISO 9001's application to software development to a few hundred 
Australians. I was blown away by how such a simple standard could generate so 
much confusion and so much conversation. Personally, it was fun. I attracted 
much positive feedback. The most common comment was: "Oh! Thank you Les. Now I 
understand WTF I'm supposed to do."
Without dialog with knowledgeable humans (or smart AIs), expecting these 
standards to be understood and implemented ... ever ... is analogous to 
expecting your congregation to do good and be good by lecturing them in Latin.

A contributing factor to the success of my ISO 9001 courses was that I could 
afford to include an original ISO 9001 in my course notes. This is not 
possible with IEC 61508. Copyright restrictions must represent a minefield for 
people who attempt to provide training in this standard. 
I note that, in scope and complexity, ISO 9001 is to IEC 61508 as Conrad's 
Heart of Darkness is to Tolstoy's War and Peace. You need a multidisciplinary 
team to "preach" it effectively and over a period of weeks. I suspect that 
this task will ultimately fall to an AI. We are already embarked on that path. 
Go to chat.openai.com and ask "How do I comply with IEC 61508" or command the 
AI to "Generate an IEC 61508 compliant safety plan outline". The openai chat 
bot is a general tool, it will fit you up with a delicious linguine recipe - 
with white clam sauce - if you're that way inclined. 
Imagine the possibilities if it was trained in the minutiae of 61508 
compliance!

3. Selling indulgences. The modern business "goes to heaven" when it gets its 
invoices paid. Yes indeed, the standards compliance imperative becomes a 
potent moral force when attached to conditions of contract. If you don't 
comply you don't get paid. The contractor's first step therefore is to 
purchase the indulgence of the IEC but unlike the indulgences of old, the 
whole team requires elevation to heaven not just one rich person. You 
therefore need multiple copies of the standard, which at its current list 
price creates a problem - which is usually solved by a descent into copyright 
criminality at the Xerox machine. Whither morality now?
But what of your average bear, an open source developer for example, without 
the luxury of a wealthy company to provide a copy of the standard or an 
employee of a wealthy company without contracts that require standards 
compliance? 
I'll tell you what ...
The grave's insatiate maw,
The void, the vast abyss,
The nothingness, the shade,
The silence and the sleep.    - "The Dark" by Emily Brontë
... of the rank ignorance that kills people.
Each year we add more punters to the ranks of this dark rank. Consider only 
two companies in one industry sector. Ford and GM alone have committed to a 
collective > 40 billion EV development budget for 2020 - 25. Given the 
productivity of the average developer and the need for millions of lines of 
safety critical code in an EV we have a massive demand for software engineers 
with safety credentials. With the glacial takeup of 61508/26262 style 
standards, actively obstructed by IEC "holy men", these jobs will be taken by 
inexperienced people with no concept of a hazard or a hazard reduction 
technique and no craving for the fellowship of the meaty red team code review. 
Ergo the IEC's pricing policy is a hazard with potential for devastating 
downstream effects. They should be leading but instead they are acting as dead 
weight.

My suggestions for breaking down barriers to adoption are:
1. Packaging. Package standards with an AI.
2. Accessibility. Make them available online at a peppercorn rental, e.g. as a 
Netflix subscription.
3. Synthesis. Provide open access to standard updates. My personal experience 
in begging visibility of candidate 61508 updates is akin to a known pedophile 
requesting access to a childcare centre. I am, apparently, insufficiently 
holy. A career, commencing 1975, in developing, living with and training the 
faithful in safety critical systems development is insufficient. I've searched 
my soul. Could it be that I also need to give up the women?
No matter, the naysayers of open access should study the evolution of Linux - 
an infinitely more complex piece of intellectual property (ask 
chat.openai.com). 

Finally I say to you IEC "holy men".
Your business model is not sustainable. The demand of the faithful is too 
great, the supply of wisdom is too pricey, the disappointment in your low 
level of morality is growing.
There will be blood.
There will come a Martin Luther.
There will be a Reformation.
The communities that depend on these standards will split just as the 
Protestants parted from the Catholic Church.
Repent now, open your standards, or risk "the vast abyss" of irrelevance!

As for you Andrew Banks, keep the faith, it's unlikely they'll burn you at the 
stake for speaking the truth. The holy have evolved past that (one would 
hope); evidence Martin Luther dying quietly in bed aged 62. Be aware though 
that attempting to sell an overpriced closed standard to an open source 
community WILL get you singed. The failure of the IEC to spot the oxymoron 
betrays an eye-watering lack of insight. 

Cheers
Les

> Hi Peter
> 
> A good post.  For my sins, I've recently picked up the role of chairing an 
> ISO study group into the use of ISO/IEC standards in the open source community 
> - and in particular the barriers to adoption.
> 
> When I suggested that cost was a serious barrier, this didn’t go down well 
> - for example, even the flagship software life cycle processes standard, 
> ISO/IEC/IEEE 12207, is CHF 208 for a single-user licenced copy.  Heck, people 
> get hot under the collar when asked to pay £5.00 for a copy of MISRA C.
> 
> The sale of standards (nationally and internationally) keeps a lot of people 
> in employment - but not those of us doing the work (we rely on supportive 
> employers).
> 
> Andrew
> 
> -----Original Message-----
> From: systemsafety <systemsafety-bounces at lists.techfak.uni-bielefeld.de> On 
> Behalf Of Peter Bernard Ladkin
> Sent: 09 December 2022 11:46
> To: The System Safety List <systemsafety at techfak.uni-bielefeld.de>
> Subject: [SystemSafety] The Importance of Standards
> 
> Back in 2016, I wrote a short article comparing the approach of EUROCAE 
> ED-153 to software safety and that of IEC 61508. It was presented at the 11th IET 
> International Conference on System Safety and Cyber Security in 2016.
> 
> Papers weren't required to accompany talks. But I wrote the paper and it was 
> duly "published" in that USB sticks containing written accompaniments to talks 
> were distributed with the conference materials. (Martyn Thomas pointed to the 
> irony of a Cyber Security conference distributing USB sticks without any kind 
> of assurance.)
> 
> The proceedings are available. The IET offers them for sale for £79. 
> https://digital-library.theiet.org/content/conferences?pageSize=100&page=1
> 
> Most academic publishers offer individual papers for sale. I do not agree 
> with the kinds of prices they charge, but £79 is way above those prices.
> 
> I did approach the IET about this. They responded that individual papers are 
> available at no charge to all IET members and affiliates (that is, people 
> entitled to log in to IET on-line services). I guess that solves it for 160+K 
> people.
> 
> But no one has to go that route. It's up on ResearchGate, a 
> preprint+published-paper collector. 
> ResearchGate informed me today that 6,000 people have read it.
> 
> That paper was written when I was a German public servant with my salary 
> paid by German taxpayers, as also Managing Director of the tech-transfer 
> company Causalis on whose behalf I donated it pro bono publicum. I do not 
> agree with restricting its distribution. I want it to be open access and, 
> thanks to ResearchGate and my still-maintained Uni WWW site (and its mirror, 
> paid for by Causalis) it is.
> 
> The main point I wish to make is this. 6,000 people have wanted to know the 
> similarities and differences between ED-153 and 61508. They have their 
> reasons, and I surmise it is not because they find my paper more entertaining 
> to read than Stephen King.
> 
> Engineering standards are a public good. Except they are not public.
> 
> We are currently running through the German comments on IEC 61508 Ed3 CD. We 
> have had three full days of discussion, just on which ones to forward to the 
> IEC and which ones not to, and a further three full days are planned. That is 
> 300 person-days, just for that one task (and then there is the huge effort put 
> in by particular people to collate and sort the comments and ease the 
> discussion. I am currently in awe at the skill of one colleague who conducted 
> yesterday's 7-hour meeting flawlessly, without apparently cognitively phasing 
> in and out, probably beyond my capabilities.)
> 
> When this decade-long task is finally finished, the result will be proudly 
> ........ sold by the IEC to anyone with CHF 1400. (And, may I say, actively 
> copyright-protected.)
> 
> John Knight, RIP, Martyn Thomas and I have repeatedly expressed our 
> discontent with this and other aspects of engineering standardisation 
> https://scsc.uk/scsc-126
> 
> Standards are important. We need to move to a model in which they work as a 
> public good.
> 
> PBL
> 
> Prof. i.R. Dr. Peter Bernard Ladkin, Bielefeld, Germany
> Tel+msg +49 (0)521 880 7319  www.rvs-bi.de

--

Les Chambers

les at chambers.com.au

+61 (0)412 648 992

