RE: "Certified" Code Generator

From: GRAZEBROOK, Alvery N <alvery.grazebrook_at_xxxxxx>
Date: Mon, 18 Sep 2006 13:56:16 +0100
Message-id: <9A0914A3C6757A45A77DD46D96BC8EA503703F5C@xxxxxx>

I agree, but I think you missed the point. I made this comment because I agree with PBL's premise that simple statistical observation won't give us a useful answer to the question of reliability. PBL jumped in off the deep end with the billions of years, but even the more optimistic position still doesn't give us a useful answer. 

My conclusion ... Simple observation of statistical events won't do anything beyond offering to disprove the claim if the claim is wrong by several orders of magnitude. Therefore, if we want to consider using software at all in these types of systems, and economically we (society) clearly do, we need to approach the problem in a different way.


-- this e-mail expresses personal opinions, not those of my employers. 

-----Original Message-----
From: safety-critical-request@xxxxxx
[mailto:safety-critical-request@xxxxxx]On Behalf Of Martyn Thomas
Sent: 18 September 2006 12:26
To: safety-critical@xxxxxx
Subject: RE: "Certified" Code Generator

Observing Airbus's fleet for (sufficient) thousands of years would provide
evidence that their avionics software (if unmodified for all this time) had
10^-9 pfh.

It would tell you nothing about the pfh of the code generator, on other
source code or for other applications.


Martyn Thomas

-----Original Message-----
From: safety-critical-request@xxxxxx
[mailto:safety-critical-request@xxxxxx]On Behalf Of GRAZEBROOK,
Alvery N
Sent: 18 September 2006 12:10

> When they have used it for a billion years, I think that would
> count as good evidence.

Airbus have an operational fleet of thousands of aircraft, flying thousands
of hours per year. You should only need to observe them for thousands of
years to begin to be statistically significant. Having said that, the oil to
keep them going probably won't last that long, even if the aircraft do.



Received on Mon 18 Sep 2006 - 13:57:51 BST