Re: [SystemSafety] Logic

From: Michael Tempest < >
Date: Sun, 16 Feb 2014 16:41:21 +0200


On 2/16/14, Les Chambers <les_at_xxxxxx
> Peter
> I am in furious agreement with Steve Tockey.

And so am I.

I observed two patterns over the 15-odd years that I worked for an airborne military systems house (where I wrote mostly 178B level C "commercial software", since the general practice was to design systems where software could not contribute to hazards):

1) The programmers with an electronics engineering background found it very difficult to express an argument (for example, why it is okay to violate *this* coding standard rule *here*) and even more difficult to review an argument. I fall into this category and I learned to do it badly (by the standards of this list).

2) The programmers with a computer science or computer engineering background generally understood formal methods and were often enthusiastic about them, yet were not able to apply them cost-effectively. Curiously (to me), they were not much better at expressing arguments. They did do slightly better at reviewing arguments.

I remain puzzled that, in addition to the above, these programmers (including myself) did not really understand the meaning of the code they wrote, this lack of understanding did not bother them, and they nevertheless wrote software that worked and was certified, and along the way they reviewed each other's software and found defects. It clearly worked, but...

> We must find a way to bring formal methods out of the lab and into general use.
> My humble suggestion for a starting point is to start with something that
> programmers know and move on from there.

As one of the "highly paid amateur" programmers, that would be very welcome.

Kind regards

The System Safety Mailing List
systemsafety_at_xxxxxx Received on Sun Feb 16 2014 - 15:41:31 CET

This archive was generated by hypermail 2.3.0 : Tue Jun 04 2019 - 21:17:06 CEST