Re: [SystemSafety] Does "reliable" mean "safe" and or "secure" or neither?

From: Matthew Squair < >
Date: Fri, 22 Apr 2016 08:17:07 +1000


I think it was Lewis who pointed out that for a representational system to work, both parties need both a common first and higher order set of expectations
about their own behavior as well as about the expectations and behaviour of the other. Which applies to people as much as to computers :)

On Thu, Apr 21, 2016 at 10:37 PM, Tim Schürmann < tschuerm_at_xxxxxx

> Hi Bertrand,
> if I get you right, you're saying: One needs to access/address the
> previous experience/knowledge of a person (with respect to culture/work
> etc.) to make sure the underlying mental model of understanding/meaning
> is similar/the same?
>
> Regards
> Tim
>
> On Do, 2016-04-21 at 12:25 +0000, RICQUE Bertrand (SAGEM DEFENSE
> SECURITE) wrote:
> > Hi Les,
> >
> > This is very interesting. We had a discussion a few weeks ago about the
> > meaning of integrity in a French workgroup. It happens that in French,
> > the meaning of "intégrité" encompasses the same scope as the meaning of
> > integrity in English, but that among the different meanings the "moral"
> > one appears after the "untouched/intact" meaning.
> >
> > Thus for the reader of a standard, the first connotation that comes to
> > mind is not the same. One can even doubt the relevancy of standards
> > using undefined (or weakly defined) terms leading to such diverse
> > interpretations.
> >
> > Looking in standards, we were trying to find the technical
> > "sub-attributes" of "integrity" and it appeared to us that this was not
> > defined in any sector. There is a kind of "feeling" that it has some
> > relationship with systematic errors/failures but there is nothing further.
> >
> > That's the reason why we are currently working on the technical content
> > associated with the term. Could we define a metric for integrity? E.g. has
> > a system with 75% coverage diagnostics more integrity than a system with
> > 50%? Are there features or attributes building integrity? Etc...
> >
> > Bertrand Ricque
> > Program Manager
> > Optronics and Defence Division
> > Sights Program
> > Mob : +33 6 87 47 84 64
> > Tel : +33 1 58 11 96 82
> > Bertrand.ricque_at_xxxxxx
> >
> > -----Original Message-----
> > From: Les Chambers [mailto:les_at_xxxxxx
> > Sent: Thursday, April 21, 2016 2:10 PM
> > To: 'Peter Bernard Ladkin'; RICQUE Bertrand (SAGEM DEFENSE SECURITE); 'Andy Ashworth'; 'Christopher Johnson'; systemsafety_at_xxxxxx
> > Subject: RE: [SystemSafety] Does "reliable" mean "safe" and or "secure" or neither?
> >
> > Peter
> > On your pronouncement: "This is utter nonsense"
> > I am surprised at such a subjective turn of phrase for one who alleges
> > to be a seeker of objective definition. Get a grip son. The sentence is
> > laced with pride and lacks intellectual rigour. It ranks with "this is
> > s..t" or "I'm surrounded by idiots!"
> >
> > Further, it lacks integrity because it does not support the end-to-end
> > process of corrective action. In this sense it is not whole or entire.
> > Decades of sitting in engineering reviews have taught me that emotional
> > and ambiguous utterances such as this waste people's time, a precious
> > commodity when you're building systems with other people's money.
> > In contrast, explicit defect definitions such as: incorrect fact,
> > ambiguity, standards non-compliance, inconsistent with our observations of
> > ... cut to the chase pointing the author to exactly where he or she needs
> > to go to either correct the defect or further justify the statement. It
> > also focuses on the work not the person. "utter nonsense" implies
> > foolishness in the author (I note that I am not offended. I do not crave
> > your gratitude for my posts. Gratitude has a short memory, better to say
> > what one thinks because one thinks it is right).
> > In addition, your defect definition does not explicitly identify the
> > element of the offending paragraph that requires correction. Which part do
> > you find nonsensical?
> >
> > As it happens my reference to the secular seeker of moral clarity
> > conflicting with religious faith is consistent with what I have observed.
> > It is based on a personal experience where I accidentally trod on a seminar
> > participant's strongly held religious beliefs. But that's another story ...
> > The end result unfortunately was that the conversation stopped. What
> > positive ideas may have come out of the interaction were lost. Hence
> > the need for caution in these areas. Anger snuffs out the lamp of the mind.
> >
> > On: 'we use the word "integrity" for it, because one has to have a word
> > for it and that's as good as any' ...
> >
> > I think we can do better than this. These words need to trigger states
> > of mind and ultimately action. This can't happen if they're not understood
> > or remembered. The literature of rhetoric and storytelling is way ahead of
> > the engineering profession on this. I'm constantly amazed at how well the
> > story theorists have turned the subjective into useful objective patterns
> > that integrate so well with the way our brains are wired and influence us.
> > Why do you think we will never forget:
> >
> > Never in the field of human conflict has so much been owed by so many to
> > so few
> >
> > You remember this as soon as you hear it because it's a classic
> > ascending tricolon. Orators since before Cicero have known that people find
> > this rule of three satisfying, complete and motivating. Very useful if you
> > need to pad out a bad argument with rhetoric. Integrity on the cheap.
> >
> > Churchill did it again after the Battle of Al Alamein
> >
> > Now this is not the end.
> > It is not even the beginning of the end.
> > But it is, perhaps, the end of the beginning.
> >
> > Another tricolon this time with chiasmus (swapping beginning and end).
> >
> > And to round out my rule of threes, another one. In the 1920s F Scott
> > Fitzgerald blew away the literary community with:
> >
> > "That’s my middle-west—not the wheat or prairies or the lost Swede towns
> > but the thrilling, returning trains of my youth and the street lamps and
> > sleigh bells in the frosty dark and the shadows of holly wreaths thrown by
> > lighted windows on the snow."
> >
> > My overall point is that the states of mind and thought patterns of
> > human beings can be influenced by words presented in the right patterns.
> > The engineering profession should know more about this, especially as we
> > attempt to program "higher" intelligence into computers. Further, high
> > integrity systems are created by high integrity people. Looking into and
> > defining what constitutes integrity in human behaviour is the sacred
> > mission of us all, including the standards developer. So get on with it.
> >
> > Cheers
> > Les
> >
> > -----Original Message-----
> > From: Peter Bernard Ladkin [mailto:ladkin_at_xxxxxx
> > Sent: Thursday, April 21, 2016 1:00 PM
> > To: Les Chambers; 'RICQUE Bertrand (SAGEM DEFENSE SECURITE)'; 'Andy Ashworth'; 'Christopher Johnson'; systemsafety_at_xxxxxx
> > Subject: Re: [SystemSafety] Does "reliable" mean "safe" and or "secure" or neither?
> >
> > Les,
> >
> > On 2016-04-20 23:18 , Les Chambers wrote:
> > > But here's the thing, any standards body that goes down this path will
> > > soon encroach upon the territory of established religion whose moral
> > > codes often diverge even though their collective central core is
> > > probably the same.
> >
> > That is utter nonsense.
> >
> > We are talking about properties of systems and code and trying to figure
> > out which of them are objective and which not. Most of us in standards want
> > to be able to define something like the trustworthiness of a system, in
> > this case with respect to safety or security properties, and we use the
> > word "integrity" for it, because one has to have a word for it and that's
> > as good as any. No one has yet succeeded in defining an objective property,
> > in the way in which many people have succeeded in defining objectively what
> > it is for code to fulfil its specification. I guess we shall continue to
> > try until we succeed.
> >
> > BTW, I was preoccupied with other things yesterday and failed to notice,
> > until too late, that what I thought had become a private chat, between four
> > people who know each other, wasn't. Participants here will appreciate at
> > least in principle that my private chatter differs in style from my public
> > communication. Mea culpa. I hope no one was offended.
> >
> > PBL
> >
> > Prof. Peter Bernard Ladkin, Faculty of Technology, University of
> > Bielefeld, 33594 Bielefeld, Germany Je suis Charlie
> > Tel+msg +49 (0)521 880 7319 www.rvs.uni-bielefeld.de
> >
> > _______________________________________________
> > The System Safety Mailing List
> > systemsafety_at_xxxxxx
>
> --
> Kind Regards
> Tim Schürmann
>

-- 
*Matthew Squair*
BEng (Mech) MSysEng
MIEAust CPEng

Mob: +61 488770655
Email: MattSquair_at_xxxxxx
Website: www.criticaluncertainties.com <http://criticaluncertainties.com/>



Received on Fri Apr 22 2016 - 00:17:21 CEST
