Category: Systems Safety Engineering

  • Andrew Odlyzko on Cybersecurity not Being a Big Deal

    1. In 2019, Andrew Odlyzko published a paper in ACM Ubiquity in which he argued that cybersecurity was not as big a deal as some prognosticators had claimed http://www.dtc.umn.edu/~odlyzko/doc/cyberinsecurity.pdf There are a number of insights, as well as some questionable arguments. I find it worth commenting. Paragraphs are numbered. I abbreviate the author’s name to AO.…

  • System Safety, Cybersecurity, the “Scope” of IEC 61508 and Broken Standards

    IEC 61508, the international standard for functional safety of systems involving E/E/PE subsystems (which nowadays means mostly every engineered system), is being revised, or “maintained” in the IEC jargon. It started, for the SW part, in November 2014 and for the general-systems and HW part in November 2017, after a request for comments from…

  • Outsourced Engineering-Software Development

    [2019-07-02. Modified to add a working link to the Ladkin-Simons paper on Static Deadlock Analysis.] Bloomberg has an interesting article by Peter Robison on the difficulties Boeing seems to have been having with outsourced software development. Such outsourcing has been going on for decades in all sorts of software-dependent companies, and is a well-developed model. Sometimes…

  • Further Comment on the IEEE Spectrum article concerning MCAS

    Gregory Travis has responded to my comments in the Risks Forum Digest at https://catless.ncl.ac.uk/Risks/31/22#subj23 . He includes a wealth of interesting new information. He only disagrees with one of the points I made concerning the accuracy of his article, namely the categorisation of the frequency of failure of AoA sensors. I said Travis suggests AoA sensors…

  • IEEE Spectrum on Possible Software Involvement in Two Recent Airliner Crashes

    (This article is a modified version of one which appeared in the ACM Risks Forum Digest, Issue 31.21) Gregory Travis published an article on 2019-04-18 on the involvement of the MCAS software on Boeing 737 MAX aircraft in two recent crashes, Lion Air flight 610 and Ethiopian Airlines flight 302, in IEEE Spectrum. The article…

  • Safety and “AI Safety”

    Robert Schaefer just pointed me (via a mailing-list note) to a list of features of “AI safety”, via a reference in the blog of Victoria Krakovna at https://vkrakovna.wordpress.com/2018/11/01/discussion-on-the-machine-learning-approach-to-ai-safety/ . The features of “AI safety” pointed to, from http://www.foldl.me/2018/conceptual-issues-ai-safety-paradigmatic-gap/ , are Short-term: This work involves immediately practical safety risks in deploying machine learning systems. These include data poisoning, training set…

  • Passwords and Requirements Engineering

    Readers may know that for quite some time I have been working on topics in requirements engineering, in particular for safety requirements. They may recall previous posts here at https://abnormaldistribution.org/index.php/2010/11/09/formal-definition-of-the-notion-of-safety-requirement/ and https://abnormaldistribution.org/index.php/2010/11/09/the-parable-of-the-exploding-apples/ as well as the terminology engineering in OPRA at https://rvs-bi.de/publications/books/RVS-Bk-17-02/Ch03-OPRA.pdf and the derivation of demonstrably-relatively-complete safety requirements in Bernd Sieker’s doctoral thesis (in German) https://rvs-bi.de/publications/Theses/Dissertation_Bernd_Sieker.pdf Unfortunately, requirements analysis and engineering…

  • Automated Road Vehicles and Risk Calculations

    Judging risks is fraught with uncertainty. But say this to a decision theorist and he or she will likely suggest you are contradicting yourself. Decision theorists speak of a risk when all the probabilities are known; they speak of decision-making under uncertainty when some of them are not. I was recently reminded of this by reading Isaac Levi’s introduction to Daniel…

  • The System Architecture of Autonomous Road Vehicles

    Matthew Squair wrote in http://www.systemsafetylist.org/3785.htm I’ll stipulate that a car can drive itself when I see one successfully and safely negotiate…. Beware of the Turing Test and its successors! Back eleven years ago or so, I participated regularly in an aviation forum called PPRuNe https://www.pprune.org , which was started by a couple of professional pilots, for…

  • David Cummings on Phil Koopman/Michael Barr’s Unintended-Acceleration Testimony

    In October 2013, an Oklahoma civil court found that it was more likely than not that faulty control SW had caused a car crash in which the car accelerated, contrary to the apparent intention of the driver, resulting in death and severe injury to the occupants. Readers may find some discussion of this at the…