On Jun 2, 2009, at 10:50 PM, Martyn Thomas wrote:
> And when the approach taken by a standard is shown to be
> fundamentally unscientific, a professional abandons that standard
> and works on a new one.
Given my informal prompting of a number of professionals, I can only
report a couple that I think are working on
new standards, neither of them an alternative to 61508 (one is,
obviously, DO-178C). I would classify my colleagues'
views as follows: (a) the debate is pointless; 61508 is obviously
broken and inadequate for the applications in which
I work; the 61508 committee participants apparent refuse to listen to
or attempt seriously to answer any arguments which
tell them so, or to bring their work up to scratch in any acceptable
manner; (b) <silence>.
The majority of those who are silent had previously expressed views
such as those in (a), but had obviously tired of
Amongst those people are software engineers, and researchers who work
on software engineering issues, with
significant international reputations, who are the most cited or
amongst the most cited in their fields; who have worked
on significant, very visible assessments of software and software-
based systems; who have achieved the highest
honors available to those working primarily on the engineering of
software. And then there's me, too.
Contrast this situation with Bill Black's optimistic if not
enthusiastic clarification of how swimmingly the 61508 maintenance
action is progressing. Almost everyone almost agrees, differences
should be reconciled soon with only minor problems
remaining, and suggestions for changes received were mostly editorial.
The first question that occurs to one is: are these groups of people
living on the same planet?
Checking the internet addresses, the answer appears to be yes. How can
One answer was volunteered by a colleague of mine, privately:
"Voyez M. xxxxxxxxx, qui pratique la politique de l'autruche"
So, let's assume a newcomer to this mailing list, an engineer who has
worked a few years, or many years, on
safety-related systems with programmable-electronic components and who
is looking here for some guidance.
Heshe reads Bill's encomium. What does heshe conclude? 61508's the
thing for me and my company! We are
so much going to improve the quality of our products if we use this
standard! Thank goodness all these people
have worked so hard on it for so long!
This engineer is thereby missing an important piece of information.
This piece of information is: that a large majority
of prominent dependable-software experts who know anything about 61508
at all think that 61508's implications for,
and guidance concerning, the software bits of those programmable
electronic systems are, well, la politique de l'autruche.
Then our engineer might like to ponder another piece of information.
None of the national committees nor the international
committee responsible for 61508, nor the committees responsible for
its "maintenance" (currently 30% overdue, gee,
it's almost like a software project!) contain, as far as I know, even
one prominent dependable-software expert with an
international reputation. Unlike, for example, the U.S. National
Research Council's Committee on
Certifiably Dependable Software Systems, which contains, well, lots of
In other words, our engineer could, correctly, conclude that these
61508 committees are attempting to regulate stuff that
they don't know anything about (along with some stuff that they do
know something about). And they appear to
be screwing it up. Which, our engineer might go on to think, might
well be why this person Martyn Thomas, whoever
he is, is saying
> The standards-making process is broken.
But wait, thinks our engineer, not so fast. Maintenance requires
soliciting comments from everyone and anyone, and
Bill Black reports
> A large number of comments were received mostly of an editorial
So, heshe thinks, there are these people such as Thomas and Ladkin
grumping on mailing lists about 61508 who
can't even be bothered to send in their comments for consideration
during the maintenance stage. They're
probably just poseurs who like to blabber.
But here heshe needs another piece of information. One prominent
software engineer, who has accumulated a certain
number of honors for his services to software engineering, spent some
time and effort fitting his critical comments and
suggestions for improvement into the extremely restrictive format
required by "official" IEC commentary procedures,
and then had his entire set of comments rejected *without
explanation*. In other words, he tried hard and his stuff
was just thrown out, out of hand. I've got a copy.
In other words, there is good evidence that the maintenance committee
just listens to the stuff it wants to listen to,
such as "comments...of an editorial nature" and throws out other
stuff. Our engineer may be reminded here of two
concepts which occurred above: "politique", "autruche".
> Can anyone name a single, credible expert in software engineering
> for safety-related systems who would be willing to go on record as
> supporting IEC 61508?
(No, Martyn, no one can. But it's an unfair question - if somebody
whom we thought of as a credible expert actually
went on record as supporting it, heshe would thereby lose that
So what's going to happen? Rolf complains that no one joined in from
certain critical industries in 1989-1997, but I
doubt he, or anyone else, can explain why the people such as Martyn
and myself who have been discussing the
strengths and weaknesses of 61508 in detail on this list and elsewhere
for the better part of a decade were ignored
during the recent maintenance action. Where is that going to lead?
Nonsense about software - not only that, but the
same old nonsense - for another ten years, and then the head-in-the-
sand bit all over again? What, really, will be
the outcome of all this?
Peter Bernard Ladkin, Professor for Computer Networks and Distributed
University of Bielefeld, 33594 Bielefeld, Germany
www.rvs.uni-bielefeld.de +49 521 880 73 19
[The content of this part has been removed by the mailing list software]
Received on Thu 04 Jun 2009 - 08:11:45 BST