On Sunday, 27 November 2016 at 05:43:11 UTC, Shachar Shemesh
wrote:
On 26/11/16 07:50, Walter Bright wrote:
I'd like to know what really happened with the code.
But as someone who has worked on flight critical systems for airliners, the designs are required to account for any single failure of anything. That means all inputs must be validated for "reasonableness", and the same for outputs. If any of this is outside reasonable bounds, there must be failover to a backup method.
My experience is slightly different. More accurately, I think your experience is too narrow.
Yes, civilian aviation code gets a very high level of scrutiny. Numbers I've heard range from 1:9 to 1:18 ratio between resources spent writing the code and resources spent testing it. Code is written to extremely high standards that relate to the level of dependency flight safety has on the code.
So, code actually flying the aircraft > code used to display flight critical information to the pilot > code used to display information the pilot may depend on > code used to display generic information.
That last category, BTW, may run Windows and off the shelf applications.
So that part corroborates Walter's story, BUT
THIS ONLY APPLIES TO CIVILIAN AIRCRAFT
This level of standard does not apply to:
* Military aircraft
* Spaceships
* Auto car industry
* Medical equipment
I'm sure there are more
Even drones, until fairly recently (around 2008), were completely unregulated. I'm talking about huge unmanned flying platforms, some as big as four-seat airplanes.
In some of those fields, things aren't as bad as that. The car industry is slowly getting better. High financial stakes in the space field cause caution. The military aviation field is done by many of the same players as civilian aviation, and thus some care is carried over.
As far as regulations go, however, we're screwed.
Shachar
My real world experience differs from yours but probably it comes down to the organisation you're with and for larger companies even which group. I've worked in military aviation, commercial drones for mining and exploration, not military, and medical devices and it was all heavily regulated software. I haven't come across too many cowboy outfits. I cannot speak for the other industries you mention such as automotive.
The problem we face today in medical is not the lack of scrutiny and regulation but that regulations have not caught up with the security issues. The latest FDA guidelines address this somewhat for pre- and post-market devices but there are many devices out there running a full Linux with nothing more than SSH disabled. The majority will still have a root user account and probably even enable root over serial console.
bye,
lobo
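Taking lobo's last paragraph as the scenario, the following is an added example, not written by anyone in this thread, of the audit a device maintainer would run over an unpacked root filesystem to catch exactly that state: sshd disabled, but the root account still live and a login getty on the serial console. It also applies the two corresponding fixes. The file locations (/etc/shadow, /etc/inittab, /etc/rc*.d start links) are the usual sysvinit/BusyBox layout and are assumptions about the image; the sample image it builds under mktemp is constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the thread: audit an unpacked embedded-Linux rootfs
# for a live root account and a serial-console login, with sshd status as
# context, then harden it. Paths assume a sysvinit/BusyBox style image.

# Print one finding per line. Returns 1 if anything was found, 0 if clean.
audit_rootfs() {
    rootfs=$1
    found=0

    # 1. Root account. In /etc/shadow a hash field starting with "!" or "*"
    #    is locked; an empty field means passwordless login; anything else
    #    is a usable password.
    if [ -f "$rootfs/etc/shadow" ]; then
        field=$(awk -F: '$1 == "root" { print $2 }' "$rootfs/etc/shadow")
        case "$field" in
            '')          echo "root: EMPTY password (login without a password)"; found=1 ;;
            '!'* | '*'*) ;;
            *)           echo "root: usable password hash present"; found=1 ;;
        esac
    fi

    # 2. Serial console. An uncommented inittab entry spawning getty on a
    #    ttyS*/ttyAMA*/ttymxc* device hands a login prompt to whoever can
    #    reach the UART header.
    if [ -f "$rootfs/etc/inittab" ] &&
       grep -Eq '^[^#]*(ttyS|ttyAMA|ttymxc)[0-9]+.*getty' "$rootfs/etc/inittab"; then
        echo "inittab: login getty on serial console"; found=1
    fi

    # 3. sshd, reported as context only: no S*sshd start link means sshd is
    #    disabled, which the findings above show is not enough by itself.
    set -- "$rootfs"/etc/rc*.d/S*sshd
    if [ ! -e "$1" ]; then
        echo "note: sshd start link absent (sshd disabled)"
    fi

    return $found
}

# Apply the two fixes in place: lock root and comment out serial gettys.
# Temp-file-and-rename instead of sed -i, which is not portable.
harden_rootfs() {
    rootfs=$1
    sed 's/^root:[^:]*:/root:!:/' "$rootfs/etc/shadow" > "$rootfs/etc/shadow.tmp" &&
        mv "$rootfs/etc/shadow.tmp" "$rootfs/etc/shadow"
    sed -E 's/^([^#]*(ttyS|ttyAMA|ttymxc)[0-9]+.*getty.*)$/#\1/' "$rootfs/etc/inittab" \
        > "$rootfs/etc/inittab.tmp" &&
        mv "$rootfs/etc/inittab.tmp" "$rootfs/etc/inittab"
}

# Constructed sample image in the state lobo describes: sshd start link
# absent, root has a (fake, constructed) hash, getty on ttyS0. Prints the path.
make_sample_rootfs() {
    dir=$(mktemp -d)
    mkdir -p "$dir/etc/rcS.d"
    printf '%s\n' 'root:$6$constructedsalt$constructedhash:17000:0:99999:7:::' \
                  'daemon:*:17000:0:99999:7:::' > "$dir/etc/shadow"
    printf '%s\n' '::sysinit:/etc/init.d/rcS' \
                  'ttyS0::respawn:/sbin/getty -L ttyS0 115200 vt100' > "$dir/etc/inittab"
    echo "$dir"
}

# Demo: audit the constructed image, harden it, audit again.
img=$(make_sample_rootfs)
echo "--- before hardening ---"; audit_rootfs "$img" || true
harden_rootfs "$img"
echo "--- after hardening ---";  audit_rootfs "$img" && echo "clean"
rm -rf "$img"
```

Run against a real image with `audit_rootfs /path/to/extracted/rootfs`; the point of the third check is that an absent sshd start link is reported only as a note, never as evidence that the device is hardened, since the first two findings are what actually matter when the serial header is exposed on the board.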