From: "Alejandro R. Mosteo"
Newsgroups: comp.lang.ada
Subject: Killing software and certification (was: Ada-Oriented GUI)
Date: Tue, 27 Mar 2018 20:32:29 +0200

On 23/03/18 10:05, Jeffrey R. Carter wrote:
> Autopilots have to be certified to DO178B/C. They'll continue to be
> written in Ada and not kill us.
>
> Self-driving cars, though operating in a much more complex environment,
> don't seem to need any certification, and will probably kill us all.
I'd like to revisit this point in light of the recent Uber news, but also let's not forget, for example, this one, which is simpler than fully autonomous cars: https://en.wikipedia.org/wiki/2009–11_Toyota_vehicle_recalls

I'm not in the industry, and I'd be surprised that unverified software were allowed to run in civilian environments where failures basically amount to a very dangerous situation. True, a human driver is still required to be ready, but let's not be disingenuous about how well that can work for several hours of testing/driving.

After a bit of googling around I see that there are automotive standards for certification (the one I see more often mentioned is ISO 26262). About enforcement, I also read that regulation varies by US state. I haven't found anything definite about Europe. Also, it's not the same software for a drive-by-wire part than for an autonomous car.

I'm under the impression that these autonomous car outfits are at the time closer to a research environment than to that of a well-established industry. I.e., code is produced faster, hence bugs are more likely.

In the end I'm not sure where I want to go with this post. It's simply that I find the topic very interesting. If anyone with actual knowledge on the status of automotive software certification (or any informed ideas) would share some thoughts, I'll be eager to read.

Álex.