Linux is not reliable enough?

Mark Chambers markc at mail.com
Wed Jul 28 01:20:09 EST 2004


Hah! I'm breaking my promise!  See below.

> Mark,
>
> A couple of comments on your comments (sorry for keeping this going).
>
> > One point I was trying to make is that assuming the underlying hardware
> > is good, all software is theoretically perfect.
>
> I can't imagine this statement being true.  It's true that if the hardware
> is bad, the software may not operate correctly, but the converse isn't true.
> The following code is incorrect, regardless of the state of the hardware it
> runs on:
>
>   int a[100], b = 123;
>   a[b] = 0;
>
> I guess I'm taking exception to your use of the phrase "all software".
>
>

What I mean is, if &a = 0x10000, then a[b] will always write 0 to 0x101ec.
That may not be smart, may not be what you intended to do, but the uP will
always do the exact same thing.  (Does this mean 'C' is unreliable because
it lets you do things like that?)

> > That is, given the same set of input conditions it will always produce
> > the same output.
>
> If ...
>
> 0. Asynchronous interrupts are enabled, or
> 1. Your code reads an A/D converter and acts on that data, or
> 2. Your code acts on operator input, or
> 3. One of several other normal situations holds,
>
> then this statement, while true, just doesn't apply. In my experience,
> real-world situations that allow the assumption of software determinism
> are remarkably rare.
>

Yes, but they are different input conditions then.

>
> Ultimately what we're talking about here is: who has to be convinced of
> the reliability of the chosen OS?  I personally spent many years
> designing and deploying hospital-grade medical monitors.  If human
> life is at stake, there are regulatory agencies looking over your shoulder.
>
> In the medical business, there is our own FDA as well as a number of other
> agencies (including the German TUV (IMHO the toughest taskmaster of
> them all)).  You simply aren't going to sell your device until you get
> approval from the appropriate regulatory agency. It is the regulatory
> agencies you need to convince.
>
> What the agencies are looking for in your submission for approval to
> sell your device is extensive test data that your company is willing
> to assert is accurate and that demonstrates this reliability.  This is
> a huge task.  So, what you do is "pass the buck."  You find a vendor
> of a commercial OS that already has done this testing and you include
> their test data (and their assertions) in your submission to the
> regulatory agencies.
>
>

I agree completely, and I think you're making my point, that some sort of
intrinsic reliability isn't the real issue, rather what tools you need to
get the job done.

> I suppose I've wandered a bit off-topic here, but it seemed relevant.
>

Sure, it's fun, and we could go round and round until we get real jobs :-)

> Regards,
> Charlie
>
>


** Sent via the linuxppc-embedded mail list. See http://lists.linuxppc.org/




