IRC logs for #trustable for Friday, 2016-12-16

*** ctbruce has quit IRC00:05
*** AlisonChaiken has joined #trustable05:28
*** ctbruce has joined #trustable08:32
*** ctbruce has quit IRC09:13
*** ctbruce has joined #trustable09:23
*** ctbruce has quit IRC09:34
*** ctbruce has joined #trustable09:56
*** laurenceurhegyi has joined #trustable10:42
*** tiagogomes has quit IRC11:04
homepage is missing the tabs which navigate to the other pages11:13
laurenceurhegyifor me, at least. anyone else?11:14
laurenceurhegyiI'm looking for the 'Other Projects' page.11:14
*** tiagogomes has joined #trustable11:14
paulsherwoodlaurenceurhegyi: ^^11:32
* paulsherwood will check what happened to the tabs11:32
*** laurenceurhegyi has left #trustable11:38
*** laurenceurhegyi has joined #trustable11:40
laurenceurhegyiSome encouraging news - we now have some representation on the C Safety and Security Study Group from folk involved with open source static analysis tools11:41
laurenceurhegyiOne person keen to get on board is a chap named Kostya Serebryany, who works at Google and is involved with both ASAN and MSAN.11:42
laurenceurhegyiAlisonChaiken, it was your comments on here that highlighted these projects to me, so thanks.11:42
laurenceurhegyiI'm currently trying to work out who is involved in UBSAN and see if they're interested in joining.11:43
*** toscalix has joined #trustable13:58
ChrisPolinHi all, I've been working on a basic 'workflow/guideline/System Structure' (for want of a better name) for satisfying the criteria of linking requirements/standard compliance to code and the developer responsible for it. It's very high-level and preliminary, with a lot of gaps to be filled in, but consider it an initial framework and I'm very open to suggestions as to what is feasible and what is not.14:57
laurenceurhegyiBy the end of next week, we need to get to the point whereby we can look at this method / system structure and the requirements and say ‘yes, that’s what we should create, that would be trustable’.14:59
laurenceurhegyiA lot of it is currently theoretical, of course.14:59
*** sambishop has quit IRC16:36
*** ctbruce has quit IRC16:53
AlisonChaikenCool, laurenceurhegyi.17:02
AlisonChaikenWhat puzzles me about the discussion is how we can tell if our methods make a system more trustable.17:03
AlisonChaikenThe topic seems to lack well-defined metrics that I am aware of.17:03
jmacsGood question17:03
AlisonChaikenFor the coming fancy neural-nets stuff, I do think it's mostly in C++ or Go, not C.17:04
AlisonChaikenI remain a C programmer myself, but for a while I was assigned to the HW group at work, because the real SW engineers consider C to be 'firmware.'17:04
AlisonChaikenBTW, laurenceurhegyi, we're already running the SANs as part of our nightly build.17:21
AlisonChaikenThere are some parts of the code that aren't up to it (did someone mention Qt?), but at least our own code passes.17:22
laurenceurhegyiThat's good to know about running the SANs, AlisonChaiken.17:31
laurenceurhegyiThat's interesting to note re things that aren't being written in C17:32
laurenceurhegyiI think a key thing for the Study Group will be to carefully define and limit the scope of places where it is reasonable to use C for safety-critical software and provide clear guidance about alternatives that would be better for other purposes.17:33
laurenceurhegyiRegarding <AlisonChaiken> The topic seems to lack well-defined metrics that I am aware of.17:34
laurenceurhegyiDo you mean the trustable discussion in general, or the C safety and security study group?17:35
*** toscalix has quit IRC18:00
AlisonChaikenI mean trustable in general.  I'm not trying to criticize anyone.18:05
AlisonChaikenIs there a 'gold standard' for trustability?   What is one metric?18:05
AlisonChaikenI also don't mean to imply C++ is better, but if that's what people use, then trustability needs to include it.18:06
laurenceurhegyiYes, agreed.18:12
laurenceurhegyimetrics is an interesting question indeed18:12
laurenceurhegyiI find myself thinking about the following for software to be trustable:18:13
laurenceurhegyi- we know where it comes from18:13
laurenceurhegyi- we know how to build it18:13
laurenceurhegyi- we can reproduce it18:13
laurenceurhegyi- we know what it does18:13
laurenceurhegyi- it does what it is supposed to do18:13
laurenceurhegyi- we can update it and be confident it will not break or regress18:13
laurenceurhegyiBut they are, of course, not defined metrics. Not yet, anyway.18:13
AlisonChaikenAssuredly testing plays a major role.18:14
AlisonChaikenOff to the office.   BBL.18:15
*** AlisonChaiken has quit IRC18:15
*** tiagogomes has quit IRC18:26
*** AlisonChaiken has joined #trustable18:35
laurenceurhegyiAbsolutely it does. One of the key things we have focused on when creating the 'system structure' which ChrisPolin linked to above is how to provide a traceable link from requirements, through to tests, through to the code itself (and details on who merged the code, when and why), through to deployment (which we actually need to add to that diagram).18:39
laurenceurhegyiIf you have some time, we welcome all feedback on the System Structure.18:40
laurenceurhegyiAnyway, it's 18:40 here, so I'm off home now. Thanks!18:40
*** laurenceurhegyi has quit IRC18:41
AlisonChaikenVery good, I forwarded the link to the System Structure to the manager who's in charge of Functional Safety, and will have a look myself.18:44
*** AlisonChaiken has quit IRC20:38
*** AlisonChaiken has joined #trustable20:41
