Re: [SystemSafety] NYTimes: The Next Accident Awaits

From: Tom Ferrell < >
Date: Mon, 3 Feb 2014 11:31:45 -0500


As is often human nature, there is a lot in this discussion that is couched in terms of 'either-or' rather than 'both-and.' For many of the reasons cited by Nancy, it would be very difficult to completely replace any of the extant certification frameworks wholesale with safety or assurance cases. For safety cases to be helpful, they need to be combined with many of the aspects of our current certification framework, not used as a complete replacement. I think the idea of an overarching 'case' to help organize and present certification data for review and approval would be helpful, especially if it can be used to focus limited resources on the correct questions to be asking of any new or modified design/implementation. The current prescriptive guidance used in aviation-related software is only getting ever more detailed and prescriptive. It is causing significant focus to be directed at detailed data generation that increasingly misses system-to-software requirements allocation issues and emergent system complexity issues. In other words, we have moved from protecting the forest by assuring the trees to trying to protect the forest by assuring the leaves of the trees. It is an unsustainable path. Anything that causes a refocusing on the system, its interaction with other systems, and the contribution of the software to the robustness of those interactions would be very helpful at this point.

Tom Ferrell
Consulting FAA DER



The System Safety Mailing List
systemsafety_at_xxxxxx

Received on Mon Feb 03 2014 - 17:31:59 CET

This archive was generated by hypermail 2.3.0 : Sun Feb 17 2019 - 16:17:06 CET