Re: [SystemSafety] Does "reliable" mean "safe" and or "secure" or neither?

From: Chris Hills < >
Date: Sun, 24 Apr 2016 16:54:12 +0100


Hi All

As I started this (and was only expecting a couple of replies referring me to the same definition) I thought I should chip in.

Re
My issue is that software (whether good or bad) doesn't change over time. Talking about "software reliability" (therefore) doesn't make sense and is likely to lead to confusion.

Whist software does not change often there are so many paths through it and variables in it if can be said to have reliability. It may have a bug in it, be that in the implementation design or requirements, (or for that matter no bug just no one planed for that input series) that causes unexpected behaviours possibly non repeatable and apparently random responses.
So like mechanical things software can be unreliable.

Also " We can choose to define any terms that we use in a particular domain in any way that we like " I am sure that is loosely from Alice in Wonderland? The Turtle I think. IF we all have different definitions we are in the Tower of Babel. Having standard definitions eg a dictionary we can communicate successfully.

AFAICS we have no firm definitions of reliability for software. Also that reliable does not mean safe or secure but might in some instances.

Now out to walk does and carry on writing presentation. MISRA-C is going "safe and secure" as we are looking at rules to cover security. I know! In an idea world we would be using SPARK or Modula 2 :-)

Regards

   Chris

Phaedrus Systems Ltd
FREEphone 0808 1800 358 International +44 1827 259 546 Vat GB860621831  Co Reg #04120771
Http://www.phaedsys.com chills_at_xxxxxx

-----Original Message-----
From: systemsafety
[mailto:systemsafety-bounces_at_xxxxxx Michael J. Pont
Sent: 24 April 2016 15:28
To: 'The System Safety List'
Subject: Re: [SystemSafety] Does "reliable" mean "safe" and or "secure" or neither?

Mike,

We can choose to define any terms that we use in a particular domain in any way that we like.

Where these terms conflict with general use of the same word, we make it more likely that people reading the documents - etc - will be confused (in my view). Confusion tends to result in Bad Things Happening in this business. We (therefore) want to avoid confusion.

Two seconds on Google gives me this definition of reliability:

"Definition of reliability. 1 : the quality or state of being reliable. 2 : the extent to which an experiment, test, or measuring procedure yields the same results on repeated trials."

I see "2" as the useful (and general) definition here. It may even be compatible with O'Conner.

My issue is that software (whether good or bad) doesn't change over time. Talking about "software reliability" (therefore) doesn't make sense and is likely to lead to confusion.

(Hardware reliability is fine; System reliability is also fine, where System = Hardware + Software.)

---

While I'm here, "Reliability" isn't my only source of concern ...

People like to say things like:

"Faults may give rise to errors which may give rise to failures".

This usage is common in this domain but isn't (in my view) very helpful,
because "fault" and "error" mean much the same thing to most people (at
least those working in my variety of English).

Again, we can define these terms as we see fit but - if our goal is to avoid
confusion - this doesn't seem to be the best starting point ...

Michael.

-----Original Message-----
From: systemsafety
[mailto:systemsafety-bounces_at_xxxxxx
Mike Ellims
Sent: 24 April 2016 13:23
To: 'Coq, Thierry' <Thierry.Coq_at_xxxxxx
<systemsafety_at_xxxxxx
Subject: Re: [SystemSafety] Does "reliable" mean "safe" and or "secure" or
neither?


> as software does not "fatigue" or randomly "break" the way hardware
> does
Reliability engineering is much more than just fatigue or randomly breaks, it encompasses everything about the control of variation and error in a system, most commonly using statistical methods. BS 4478 defines reliability as "The ability of an item to perform a required function under stated conditions for a stated period of time". O'Conner states that "reliability is usually concerned with failures in the time domain. This distinctions marks the difference between traditional quality control and reliability engineering". He goes on to list a number of reasons why a failure may occur as follows (abridged) - design: which may be inadequate - overstress: i.e. analysis of condition was incomplete and/or incorrect - variation: which includes manufacturing variation - wear out, which is what everyone seems to think of... - error, such as errors in specification Henley and Kumamoto give a potted history of the development of reliability engineering and track its roots to work done by Lusser on the V2 (V1?) missile which was spectacularly unreliable at first. But obviously not a wear out issue... This is of course separate from whether in any context reliability is useful concept e.g. software. You can obviously measure the reliability of Windows98 is terms of mean time between crashes (failures in time) likewise you can measure the reliability of Linux in the same manner. Whether that has any deep meaning aside from the fact that it shows Windows98 to be pants compared to Linux for some distribution of uses/input/outputs a different question. Cheers. -----Original Message----- From: systemsafety [mailto:systemsafety-bounces_at_xxxxxx Coq, Thierry Sent: 24 April 2016 07:24 To: The System Safety List Subject: Re: [SystemSafety] Does "reliable" mean "safe" and or "secure" or neither? Hi I find this list hugely informative. In particular, I find PBL's posts factual, useful, interesting and intriguing. As well as the many other debaters who agree with him or challenge him. As it should be. I wish to express my gratitude to all debaters. However, this last exchange seems to me a debate on authority. On our left, we have DO-178. B now C. On our right, we have IEC, IEEE, Musa, etc. To go further, it is plain fact that the aeronautics industry has demonstrated it doesn't need "software reliability" to deliver highly reliable automated systems, or systems of systems. It seems evident with the knowledge we have of the aeronautics success that in order to use "software reliability" in other industries, or in aeronautics, there needs to be a clear use case where the value of "software reliability" is demonstrated, compared to other methods or techniques, in order to apply "software reliability". The analogy of software and hardware does not seem valid, as software does not "fatigue" or randomly "break" the way hardware does, which is the basis for all probabilistic reliability theories for hardware. The analogy that does seem valid between hardware and software is the presence of systematic faults, in design, manufacturing, installation, testing, misuse, etc. Which in hardware also does not have a probability number. Formal methods can be used to identify such systematic faults in software. If one can be found, then a test environment can be devised in which the software will fail 100% of the time. Random hardware faults do not behave like t hat. Best regards, Thierry Coq The opinions reflected here are my own and are not necessarily those of my employer -----Original Message----- From: systemsafety [mailto:systemsafety-bounces_at_xxxxxx Peter Bernard Ladkin Sent: dimanche 24 avril 2016 03:27 To: The System Safety List Subject: Re: [SystemSafety] Does "reliable" mean "safe" and or "secure" or neither? On 2016-04-23 19:43 , Nick Tudor wrote:
> DO-178C
In the absence of a complete sentence, let me suggest one. ---- DO178C sees no need to assign any meaning to the term "software reliability". It's fine for some industry consortium to find it has no use for a specific concept. RTCA likely has no use for the notion of a cup of tea, either (BS6008). But that doesn't mean it makes any sense to argue that there isn't any such thing as a cup of tea. PBL Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany Je suis Charlie Tel+msg +49 (0)521 880 7319 www.rvs.uni-bielefeld.de **************************************************************************** ********** This e-mail and any attachments thereto may contain confidential information and/or information protected by intellectual property rights for the exclusive attention of the intended addressees named above. If you have received this transmission in error, please immediately notify the sender by return e-mail and delete this message and its attachments. Unauthorized use, copying or further full or partial distribution of this e-mail or its contents is prohibited. **************************************************************************** ********** _______________________________________________ The System Safety Mailing List systemsafety_at_xxxxxx --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus _______________________________________________ The System Safety Mailing List systemsafety_at_xxxxxx _______________________________________________ The System Safety Mailing List systemsafety_at_xxxxxx _______________________________________________ The System Safety Mailing List systemsafety_at_xxxxxx
Received on Sun Apr 24 2016 - 17:55:50 CEST

This archive was generated by hypermail 2.3.0 : Tue Jun 04 2019 - 21:17:08 CEST