Re: [SystemSafety] Software reliability (or whatever you would prefer to call it) [UNCLASSIFIED]

Date: Fri, 6 Mar 2015 15:17:47 +0100

Right, and this is the problem at least for process industries making huge use of this type of behaviour.

Bertrand Ricque
Program Manager
Optronics and Defence Division
Sights Program
Mob : +33 6 87 47 84 64
Tel : +33 1 58 11 96 82

-----Original Message-----
Sent: Friday, March 06, 2015 2:31 PM
To: systemsafety_at_xxxxxx Subject: Re: [SystemSafety] Software reliability (or whatever you would prefer to call it) [UNCLASSIFIED]

This message has been marked as UNCLASSIFIED by King, Martin (NNPPI)

Many safety shutdown systems will spend a considerable proportion of their time (90%+) in one of two plant states (operational and maintenance) with parameters that are quite limited in range. The two dominant states usually have parameter values that are quite disparate. Most of the remainder of the time is spent transitioning between these two states. In an ideal world the limited range of parameter values that will cause a shutdown will never occur - in practise they will normally occur extremely rarely over the life of the plant. Is this really the input value distribution that we want to test our equipment with?

Martin King
(My opinions etc, not necessarily those of my employer or colleagues!)

-----Original Message-----
Sent: 06 March 2015 13:04
To: systemsafety_at_xxxxxx Subject: Re: [SystemSafety] Software reliability (or whatever you would prefer to call it)

I agree. That's why I added the point about explicit assumtions before using such measurements to predict the future.

There is usually a hidden assumption that the future input distribution will match that encountered during the measurement. But it's hard to justify having high confidence that such an assumption will prove correct.


On 06/03/2015 12:32, Derek M Jones wrote:
> Martyn,
>> The company calculates some measure of the amount of usage before
>> failure. Call it MTBF.
> Amount of usage for a given input distribution.
> A complete reliability model has to include information on the
> software's input distribution.
> There is a growing body of empirical work that builds fault models
> based on reported faults over time. Nearly all of them suffer from
> the flaw of ignoring the input distribution (they also tend to ignore
> the fact that the software is changing over time, but that is another
> story).

The System Safety Mailing List

The following attachments and classifications have been attached: The data contained in, or attached to, this e-mail, may contain confidential information. If you have received it in error you should notify the sender immediately by reply e-mail, delete the message from your system and contact +44 (0) 1332 622800(Security Operations Centre) if you need assistance. Please do not copy it for any purpose, or disclose its contents to any other person.

An e-mail response to this address may be subject to interception or monitoring for operational reasons or for lawful business practices.

(c) 2015 Rolls-Royce plc

Registered office: 62 Buckingham Gate, London SW1E 6AT Company number: 1003142. Registered in England.

The System Safety Mailing List
systemsafety_at_xxxxxx #
" Ce courriel et les documents qui lui sont joints peuvent contenir des informations confidentielles, être soumis aux règlementations relatives au contrôle des exportations ou ayant un caractère privé. S'ils ne vous sont pas destinés, nous vous signalons qu'il est strictement interdit de les divulguer, de les reproduire ou d'en utiliser de quelque manière que ce soit le contenu. Toute exportation ou réexportation non autorisée est interdite Si ce message vous a été transmis par erreur, merci d'en informer l'expéditeur et de supprimer immédiatement de votre système informatique ce courriel ainsi que tous les documents qui y sont attachés."

" This e-mail and any attached documents may contain confidential or proprietary information and may be subject to export control laws and regulations. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. Unauthorized export or re-export is prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system." #

The System Safety Mailing List
systemsafety_at_xxxxxx Received on Fri Mar 06 2015 - 15:17:56 CET

This archive was generated by hypermail 2.3.0 : Tue Jun 04 2019 - 21:17:07 CEST