Re: [SystemSafety] Software reliability (or whatever you would prefer to call it)

From: Derek M Jones < >
Date: Mon, 09 Mar 2015 01:15:51 +0000


Hello,

> It has a simple purpose: to clean up the currently messy and incoherent Annex D of 61508.

If this is the intent then perhaps what is needed is a list of suggested statistical books.

> Our aim here was not to innovate in any way, but to take the premises of the original annex, and make clear the assumptions underlying the (very simple) mathematics/statistics for any practitioners who wished to use it. The technical content of the annex, such as it is, concerns very simple Bernoulli and Poisson process models for (respectively) on-demand (discrete time) and continuous time software-based systems.

How might a reader interpret an Annex that starts by discussing one statistical technique and then goes on to show how it can be applied in a software situation involving: "... the satisfaction function of P, SatP: I → {“success”, “failure”}"

Does anybody expect the reader to say thanks very much and then proceed to use a different statistical technique?

> Thus there is an extensive discussion of the issue of state, and how this affects the plausibility of the necessary assumptions needed to justify claims for Bernoulli or Poisson behaviour.

This sounds like a good idea. However, given the uncertainty about which statistical model is appropriate for software reliability, other statistical processes should be discussed at the same level of importance.

> Note that there is no advocacy here. We do not say “Systems necessarily fail in Bernoulli/Poisson processes, so you must assess their reliability in this way”.

There is advocacy in the last paragraph. Which, while not saying that systems fail in a particular way, does kind of orient the reader in that direction.

"Further, [Anon15] suggests that the only software to which the Bernoulli-process interpretation
applies is software which makes no use of internal memory, so-called “stateless” software. Our
considerations above show that the execution of deterministic software from an initial state
constitutes a Bernoulli trial, and thus repeated execution a Bernoulli process. There is no condition
on memory use arising from our construal of the execution of a deterministic program P forming a
Bernoulli process, contrary to what [Anon15] suggests."

> Whilst these are, we think, plausible models for many systems, they are clearly not applicable to all systems.

This would be a very useful statement to include in the annex, along with an extensive discussion of the issue of state, and how this affects the plausibility of the necessary assumptions needed to justify claims for these other plausible models.

-- 
Derek M. Jones           Software analysis
tel: +44 (0)1252 520667  blog:shape-of-code.coding-guidelines.com
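The "very simple" demonstration mathematics behind the Bernoulli (on-demand) and Poisson (continuous time) models discussed above, together with a small simulation of why internal state matters for the independence assumption, as an added Python example that is not part of this message or of the annex. The `LeakyBuffer` handler, its capacity and drain parameters, and the operational profile are constructed for illustration.

```python
import math
import random


def bernoulli_pfd_upper_bound(n_failure_free: int, confidence: float) -> float:
    """Upper bound on probability of failure on demand (pfd) after n failure-free
    demands, treating each demand as an independent Bernoulli trial:
    solve (1 - p)^n = 1 - confidence for p."""
    return 1.0 - (1.0 - confidence) ** (1.0 / n_failure_free)


def poisson_rate_upper_bound(t_failure_free: float, confidence: float) -> float:
    """Upper bound on failure rate after t failure-free time units, treating
    failures as a Poisson process: solve exp(-rate * t) = 1 - confidence."""
    return -math.log(1.0 - confidence) / t_failure_free


class LeakyBuffer:
    """Hypothetical deterministic demand handler with internal state: each demand
    adds its input to a buffer that drains by a fixed amount afterwards, and the
    demand fails if the buffer would exceed its capacity."""

    def __init__(self, capacity: int = 10, drain: int = 3) -> None:
        self.capacity, self.drain, self.level = capacity, drain, 0

    def demand(self, x: int, reset_state: bool) -> bool:
        if reset_state:  # execute from the initial state on every demand
            self.level = 0
        ok = self.level + x <= self.capacity
        self.level = max(0, self.level + x - self.drain)
        return ok


def failure_stats(reset_state: bool, demands: int = 20000, seed: int = 1):
    """Drive the handler with inputs drawn from a constructed operational profile
    (uniform on 1..5) and return (overall failure fraction, failure fraction
    given that the previous demand failed). Under a Bernoulli process the two
    would agree; with carried-over state the failures cluster."""
    rng = random.Random(seed)
    prog = LeakyBuffer()
    failed = [not prog.demand(rng.randint(1, 5), reset_state) for _ in range(demands)]
    overall = sum(failed) / demands
    after_failure = [b for a, b in zip(failed, failed[1:]) if a]
    conditional = sum(after_failure) / len(after_failure) if after_failure else 0.0
    return overall, conditional
```

With the state reset on every demand the run is failure-free and the Bernoulli bound is the right tool; without the reset, a failed demand makes the next one far more likely to fail, so the independent-trials assumption behind that bound no longer holds.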
The System Safety Mailing List
Received on Mon Mar 09 2015 - 02:15:53 CET