Re: [SystemSafety] Does "reliable" mean "safe" and or "secure" or neither?

Date: Thu, 21 Apr 2016 12:25:06 +0000

Hi Les,

This is very interesting. We had a discussion a few weeks ago about the meaning of integrity in a French workgroup. It happens that in French, the meaning of "intégrité" encompasses the same scope as the meaning of integrity in English, but that among the different meanings the "moral" one appears after the "untouched/intact" meaning.

Thus for the reader of a standard, the first connotation that comes to mind is not the same. One can even doubt the relevance of standards using undefined (or weakly defined) terms leading to such diverse interpretations.

Looking in standards, we were trying to find the technical "sub-attributes" of "integrity" and it appeared to us that this was not defined in any sector. There is a kind of "feeling" that it has some relationship with systematic errors/failures but there is nothing further.

That's the reason why we are currently working on the technical content associated with the term. Could we define a metric for integrity? E.g. does a system with 75% coverage diagnostics have more integrity than a system with 50%? Are there features or attributes building integrity? Etc...

Bertrand Ricque
Program Manager
Optronics and Defence Division
Sights Program
Mob : +33 6 87 47 84 64
Tel : +33 1 58 11 96 82

-----Original Message-----
Sent: Thursday, April 21, 2016 2:10 PM
Subject: RE: [SystemSafety] Does "reliable" mean "safe" and or "secure" or neither?

On your pronouncement: "This is utter nonsense" I am surprised at such a subjective turn of phrase for one who alleges to be a seeker of objective definition. Get a grip son. The sentence is laced with pride and lacks intellectual rigour. It ranks with "this is s..t" or "I'm surrounded by idiots!"

Further, it lacks integrity because it does not support the end-to-end process of corrective action. In this sense it is not whole or entire. Decades of sitting in engineering reviews have taught me that emotional and ambiguous utterances such as this waste people's time, a precious commodity when you're building systems with other people's money. In contrast, explicit defect definitions such as: incorrect fact, ambiguity, standards non-compliance, inconsistent with our observations of ... cut to the chase, pointing the author to exactly where he or she needs to go to either correct the defect or further justify the statement. It also focuses on the work, not the person. "Utter nonsense" implies foolishness in the author (I note that I am not offended. I do not crave your gratitude for my posts. Gratitude has a short memory, better to say what one thinks because one thinks it is right). In addition, your defect definition does not explicitly identify the element of the offending paragraph that requires correction. Which part do you find nonsensical?

As it happens my reference to the secular seeker of moral clarity conflicting with religious faith is consistent with what I have observed. It is based on a personal experience where I accidentally trod on a seminar participant's strongly held religious beliefs. But that's another story ... The end result unfortunately was that the conversation stopped. What positive ideas that may have come out of the interaction were lost. Hence the need for caution in these areas. Anger snuffs out the lamp of the mind.

On: 'we use the word "integrity" for it, because one has to have a word for it and that's as good as any' ...

I think we can do better than this. These words need to trigger states of mind and ultimately action. This can't happen if they're not understood or remembered. The literature of rhetoric and storytelling is way ahead of the engineering profession on this. I'm constantly amazed at how well the story theorists have turned the subjective into useful objective patterns that integrate so well with the way our brains are wired and influence us. Why do you think we will never forget:

Never in the field of human conflict has so much been owed by so many to so few

You remember this as soon as you hear it because it's a classic ascending tricolon. Orators since before Cicero have known that people find this rule of three satisfying, complete and motivating. Very useful if you need to pad out a bad argument with rhetoric. Integrity on the cheap.

Churchill did it again after the Battle of El Alamein:

Now this is not the end.
It is not even the beginning of the end. But it is, perhaps, the end of the beginning.

Another tricolon, this time with chiasmus (swapping beginning and end).

And to round out my rule of threes, another one. In the 1920s F. Scott Fitzgerald blew away the literary community with:

"That’s my middle-west—not the wheat or prairies or the lost Swede towns but the thrilling, returning trains of my youth and the street lamps and sleigh bells in the frosty dark and the shadows of holly wreaths thrown by lighted windows on the snow."

My overall point is that the states of mind and thought patterns of human beings can be influenced by words presented in the right patterns. The engineering profession should know more about this, especially as we attempt to program "higher" intelligence into computers. Further, high integrity systems are created by high integrity people. Looking into and defining what constitutes integrity in human behaviour is the sacred mission of us all, including the standards developer. So get on with it.


-----Original Message-----
Sent: Thursday, April 21, 2016 1:00 PM
Subject: Re: [SystemSafety] Does "reliable" mean "safe" and or "secure" or neither?


On 2016-04-20 23:18 , Les Chambers wrote:
> But here's the thing, any standards body that goes down this path will
> soon encroach upon the territory of established religion whose moral
> codes often diverge even though their collective central core is
> probably the same.

That is utter nonsense.

We are talking about properties of systems and code and trying to figure out which of them are objective and which not. Most of us in standards want to be able to define something like the trustworthiness of a system, in this case with respect to safety or security properties, and we use the word "integrity" for it, because one has to have a word for it and that's as good as any. No one has yet succeeded in defining an objective property, in the way in which many people have succeeded in defining objectively what it is for code to fulfil its specification. I guess we shall continue to try until we succeed.

BTW, I was preoccupied with other things yesterday and failed to notice, until too late, that what I thought had become a private chat, between four people who know each other, wasn't. Participants here will appreciate at least in principle that my private chatter differs in style from my public communication. Mea culpa. I hope no one was offended.

PBL

Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany
Je suis Charlie
Tel+msg +49 (0)521 880 7319


The System Safety Mailing List
systemsafety_at_xxxxxx Received on Thu Apr 21 2016 - 14:25:22 CEST
