Re: [sc] Structural testing



Date view Thread view Subject view Author view

Wolfgang Ehrenberger (340015850853-0001(at)t-online.de)
Wed, 01 May 2002 14:01:04 +0200


Brian Wichman has stated: > Unfortunately (in my view) IEC 61508 does not give any > guidance on the metric to be satisfied on the use of > structural testing for each SIL. For simplicity, > consider three levels of testing: > > 100% statement coverage > 100% branch coverage > 100% MCDC (as per DO-178B) > > One can therefore suggest that by analogy with DO-178B, > SIL4 should require 100% MCDC. But what about SIL1-3? > > What would *You* advise? Again for simplicity, let us > assume that there is no technical reason why 100% could > not be achieved (or perhaps we exclude those cases which > can be shown to be technically impossible). > > I will post my own views. If you are happy for me to. The reason that IEC 61508 does not mention any required coverages for tests is its probabilistic basis. Dependent on the demand profile of the application even high test coverages may lead to desasterous losses. Therefore one can say: If one decides for coverage testing one is more or less obliged to aim at correctness of the considered code. Correctness can be achieved in a combiation of testing and analysis or proving. There seems to be only one small exception: If a fault in the code is detected one may be able to prove that it will never lead to a failure in one particular application. Best Regards Wolfgang


Date view Thread view Subject view Author view