Rigorous-Assurance Points in Software Development
Peter Ladkin
Director, Causalis Limited
Almost fifty years ago, a dependability crisis in software was noted by an international meeting of computer scientists in Garmisch-Partenkirchen. Stored-program computers were just a couple of decades old. We are now approaching the seventieth anniversary of stored-program computers, and they are ubiquitous. In the half-century since the Garmisch meeting, the technology of software dependability has advanced immeasurably. But much of it remains unused in everyday software development. Like most engineered artifacts, software is built to some purpose. That purpose belongs to the “documentation” of the artifact, as do assurances that the built object is fit for the purpose. The dependability of the software depends essentially upon its purpose, and thereby its documentation. A number of us are concerned that standards for critical software development, for example IEC 61508-3, lag years, even decades, behind the state of the art. In 2010, with the help of some eminent colleagues, I formulated a collection of 26 points at which objective properties of the software and documentation could be rigorously assured using industrially-mature techniques, and often were not. None of them appeared in IEC 61508-3. After seven years of discussion, including further research on industrial maturity commissioned from Bernd Sieker, the German National Committee for functional safety of computer-based systems formulated a proposal to be presented to the IEC for a standards document based on those assurance points. I introduce those techniques in this talk.
About Peter Ladkin
Peter Bernard Ladkin has worked primarily in system safety for over two decades, as well as other aspects of software-based system dependability. His method for causal analysis of failures and accidents, Why-Because Analysis (WBA) is used worldwide by some 11,000 engineers. Causalis uses WBA as well as related methods for hazard analysis and failure modes analysis. He is active in electrotechnical-system standardisation, working with German committees on safety and security, functional safety, software safety, and statistical analysis of software, as well as the IEC Maintenance Teams for the international electrotechnical functional safety standard IEC 61508.He has also worked in software verification, distributed-system and communications verification, and symbolic AI, and dabbles in analytic philosophy as well as British Isles, Irish and American folk music for fun, enlightenment and the occasional free beer. His B.A., M.A. and PhD degrees are in various combinations of mathematics, philosophy and logic from the University of Oxford and the University of California, Berkeley. He is a British citizen, Fellow of the IET and holds a U.S. FAA airman’s certificate for single-engine land airplanes with instrument rating.Sponsored by
