RE: [sc] question about software versus hardware

From: Mark Coates <Mark.Coates_at_xxxxxx>
Date: Mon, 16 Feb 2009 13:36:30 -0000
Message-ID: <B9AFB6B047652846AEBC7800AB12C860928821@xxxxxx>
Robert,

I'll have a stab at this...

1

- Try to prevent the state from happening first; that's a good principle,
rather than putting effort into fire fighting after the event. E.g. it
would be more effective not to use asbestos than to rely on protective
equipment to safeguard you from it.
- You could always do both. If I were to identify both, then I would expect
to justify why not both.
- An important thing to realise is that any safeguard introduced may also
fail to operate for the same reason that the system entered the unsafe
state, i.e. a common mode failure; e.g. if the operating system "crashed"
and it was required for the initial function *and* the safeguard, then that
failure mode would nullify any effects of the safeguard.


2

- If you are discussing software, then software is always reliable; i.e.
it will always fail or succeed in the same way, it is 100% reliable. The
software may be systematically unsafe because of a flaw, e.g. in the
requirements or coding, but it's reliably unsafe. The failure in software
is a failure in the processes which introduce a flaw which is not then
identified and removed later in the lifecycle, either by an act of
omission or commission.

3

- I'll let someone else field this.

Mark Coates

-----Original Message-----
From: Schaefer, Robert P (US SSA)
[mailto:robert.p.schaefer@xxxxxx] 
Sent: Monday, February 16, 2009 12:51 PM
To: safety-critical@xxxxxx
Subject: [sc] question about software versus hardware

Hello,

This is my first posting to this list, please forgive me if I break
protocol. I am a quick study. Here are my questions.

1. In the design of barriers that prevent access to unsafe states,
   is there a general recommendation for hardware (physical barriers)
   over software (logical barriers)? Or is this a context dependent
   judgment call?

2. This has probably come up before but which is more important
   overall, reliability or safety? Or is this a chicken and egg kind
   of thing (which came first)?

3. With the known and ongoing failures in software reliability
   would you consider it a mistake to ever trust software for
   (your) safety?

thank you for your consideration

robert schaefer

robert.p.schaefer@xxxxxx


Received on Mon 16 Feb 2009 - 13:37:13 GMT