From: "Dan'l Miller"
Newsgroups: comp.lang.ada
Subject: Re: Killing software and certification (was: Ada-Oriented GUI)
Date: Tue, 27 Mar 2018 12:41:18 -0700 (PDT)
Message-ID: <0e59a988-ed21-4e45-a2ed-7a51995dbe6c@googlegroups.com>

On Tuesday, March 27, 2018 at 1:32:32 PM UTC-5, Alejandro R. Mosteo wrote:
> On 23/03/18 10:05, Jeffrey R. Carter wrote:
>
> > Autopilots have to be certified to DO178B/C. They'll continue to be
> > written in Ada and not kill us.
> >
> > Self-driving cars, though operating in a much more complex environment,
> > don't seem to need any certification, and will probably kill us all.
>
> I'd like to revisit this point in light of the recent Uber news, but
> also let's not forget for example this one which is simpler than fully
> autonomous cars:
>
> https://en.wikipedia.org/wiki/2009–11_Toyota_vehicle_recalls
>
> I'm not in the industry, and I'd be surprised that unverified software
> were allowed to run in civilian environments where failures basically
> amount to a very dangerous situation. True, a human driver is still
> required to be ready, but let's not be disingenuous about how well that
> can work for several hours of testing/driving.
>
> After a bit of googling around I see that there are automotive standards
> for certification (the one I see more often mentioned is ISO 26262).
> About enforcement, I also read that regulation varies by US state. I
> haven't found anything definite about Europe.

https://en.wikipedia.org/wiki/ISO/TS_16949

IATF 16949:2016 is the active quality-management regime for the automotive industry that replaces QS9000 (the North-American-only analogue of the aerospace industry's AS9000 and the telecom industry's TL9000) and prior ISO 16949 editions. Like AS9000, TL9000 and the predecessor QS9000, IATF 16949 is ISO9001 with some teeth (e.g., transparent, publicly-visible, anonymized degree-of-compliance-versus-competitors statistics; effectively the same recursive requirements on all subcontractors and suppliers as on the top-level automobile-assembly manufacturer).
That said, USA law is effectively an extrapolated variant of pre-1776 British common law (with the exceptions of Louisiana, which is effectively extrapolated Napoleon-era French law at the time of the Louisiana Purchase, and a few states that are derivatives of the then Spanish Empire). What that means is that generally we have a collection of systems of law that demand that companies (and individuals) act responsibly a priori on their own volition to avoid being negligent and thus liable in civil lawsuits that a posteriori claw back money for the cascading ramifications of negligence. In particular, most of the USA (at neither the state, federal nor municipal level) has nothing much that resembles a socialist system of laws that criminalize noncompliance with (our voluntary-membership industry-/guild-internal) regulations. Indeed, being a member of an inferior “guild” of unwise industry ‘best practices’ (e.g., joining a nonrigorous industry-standard organization), or the lack thereof, is generally not illegal, hence why Silicon Valley often declares that they follow different/looser regimes of industry best practices than joining the more rigorous modern equivalent of guilds. (I use guild there to call to mind the state of British law's thinking in the centuries leading up to 1776.) The primary laws that criminalize bad acts themselves (as opposed to mere civil-law clawback/fine penalties for perceived negligence) are in the financial/embezzlement domain, not the technical engineering domain (except in the domains regulated by licensed professional engineers providing services directly to the public). Indeed, compliance as an industry/guild to best practices in the industry can be almost tantamount to a safe harbor from judgements in civil-law prosecution, especially when a jury is taught about the company's meticulous adherence to the regime of best practices. Given the existence of that de facto safe harbor in lawsuits, it is unclear why Silicon Valley companies tend to abhor joining such quality-management organizations and abhor performing their work under a regime of rigor that would not only improve their quality but also insulate them to a degree from lawsuits. [I am not a lawyer; do not rely on these statements in any legalistic way.]

In other words, in the USA, our laws are effectively historically libertarian, not socialist: it is up to the consumer to read the label on a product to see whether the product has been designed and manufactured in accordance with various voluntary regimes of best practices in industry standards (i.e., the ones that that individual holds dear at a personal level as their own personal belief system), not on the manufacturer to be forced to join those organizations, not on the management within those companies to obey those industry standards or be prosecuted, not at a one-size-fits-all societal level. If you as a consumer buy an inferior-designed product, then it sucks to be you for not engaging in caveat emptor/buyer beware, except to claw back wrongs after a mishap/wreck/death/maiming, and except certain categories of consumer goods for children that are more tightly regulated since children cannot speak for themselves due to being minors.