Re: [SystemSafety] Research topics

From: René Senden < >
Date: Fri, 26 Jul 2013 10:16:21 +0200


Thank you Peter…  

Although my query was pretty open, indeed I have a particular interest for research which is suitable for a PhD, and which particularly focusses on system-safety.

This very question has been on my mind for years now. As one starts to think about it, it does lead to other questions which are not easy to answer.

In my opinion, system-safety as a science, if there is any such thing at this time, is an applied science. Its objective must be, or at least include, to improve safety

in the practice of developing, maintaining & operating critical engineered software-intensive systems. A lot of foundational questions have to be asked, first of all

because some of them can be answered, and second of all because they lead to other important questions. Without a foundation it is impossible to build anything,

the same goes for an applied science such as we discuss here. Which criteria are applied for research in this field, and how do we decide what is worthy to explore/investigate?

What methods are suitable/helpful for our research? What really does go on out there in the real world, how can we find out, why doesn’t anyone write about this, and how

do we expect to make progress until this is actually being done? How do we deal with the empirical aspect of research? Why aren’t we putting more effort into seeking parallels

with other scientific disciplines that deal with very similar problems?  

I realize that my viewpoint is messy and wide and at times a bit too philosophic for some…    

From: Peter Bernard Ladkin [mailto:ladkin_at_xxxxxx Sent: vrijdag 26 juli 2013 7:05
To: René Senden
Cc: <systemsafety_at_xxxxxx Subject: Re: [SystemSafety] Research topics  

That reminds me. I thought about that some. The answer is that I don't know. I don't know about the "3" and I don't know about the "prioritize". They sound like arbitrary management constructs, but the question was free-form.  

Then I recall Rene suggested something about "suitable for a Ph.D." - am I right? Ph.D.s differ hugely in their requirements (mine was extreme - it took me thirteen years, including breaks, and I was the second person to finish from my entering year. Whereas Bielefeld has stipendia for doing doctoral degrees in certain "Graduate Schools" that expect one to finish in two. In Berkeley Math in the 1970's, two years was what people took to get through the qualifying exams with "normal progress" and, with some luck, maybe select a possible thesis topic!). That restricts it even further. It's a little like asking "what are the three biggest issues with driving today?" and then adding "on the way to obtaining your driving licence". Not a criticism, please understand - just an observation.  

I was also intrigued by some of the answers, because it shows what people think of as "research" and it's clear there are many different conceptions out there.  

For example, I don't think fiddling around with DO178 counts for me as research. I understand that you can get "research funding" for such things, but that is an artifact of how SW-related resources work. (I remember us talking twenty-five years ago about how a lot of USG "research" funding seemed like some agency trying to get bespoke SW written on the cheap. We mostly didn't think that was a great idea - it didn't necessarily turn out to be that cheap for what you got, partly because the contract didn't specify that the deliverables had to work in any of the usual senses of "work" :-) ). It counts for me as engineering development.  

But I also agree that, in engineering, research and development are highly intertwined. There is a lot of so-called engineering research that is just pure math, and not very inspiring pure math at that (unfortunately a lot in one of my specialities, program verification); to me, something only as "engineering" if you can look at some artifact and see it working as claimed. (Well, apart from the statistical stuff which Bev does, which also counts to me as engineering. People can probably think of another few dozen exceptions. But I still count "what does it do and how?" as key.)  

For example, the math in my doctoral thesis, which is what I was better at, was implemented in SW, which I was not so good at. But which, incidentally, I wrote by myself over a number of months with a third-party interface spec, then handed off to the SW integrator, who found a data-type-endpoint that I hadn't secured within a couple hours of handover; fixed; integrated in the larger KBSA system within another couple of hours - and then ran AFAIK bug-free for the next few years. That was a mixed procedural/declarative programming language called REFINE, which unfortunately is now dead. It was also a relatively small program, but it implemented a moderately sophisticated temporal-interval data-type to do temporal and calendrical calculations, so it wasn't trivial (but I would claim that, wouldn't I?). So when I babble on about SW properties and assurance, it comes from my personal experience.  

For me, many of the biggest research problems with today's systems, which are becoming predominantly dependent on digital-computing technology, lie in SW. Here are my suggestions concerning research in SW.  

There is a dearth of practical methods for defining appropriate properties of SW involved in the safety of the systems in which that SW runs, and assuring that delivered SW has those properties. What are those kinds of properties? How can you use them to define or enhance safety properties of the system in which that SW runs? How can you assure SW has those properties? How can you have confidence in your assurance methods?  

Given our past history, that's probably enough research for the next half-century.  

PBL Prof. Peter Bernard Ladkin, University of Bielefeld and Causalis Limited

On 25 Jul 2013, at 22:50, René Senden <rene.senden_at_xxxxxx

Thank you all for your interesting contributions..  

From: René Senden [mailto:rene.senden_at_xxxxxx Sent: zondag 14 juli 2013 12:13
To: systemsafety_at_xxxxxx Subject: Research topics  

Suppose you were to prioritize, say, 3 research topics. Which would you select?



The System Safety Mailing List
systemsafety_at_xxxxxx


The System Safety Mailing List
systemsafety_at_xxxxxx Received on Fri Jul 26 2013 - 10:16:35 CEST

This archive was generated by hypermail 2.3.0 : Thu Apr 25 2019 - 20:17:05 CEST