From: kevin
Subject: Importance of Safety in a real time operating system
Date: 12 Jan 2005 10:11:25 -0800

I'm currently studying for exams and have come across a recurring question regarding the Importance of Safety in a real time operating system. The notes I have from the lectures are terrible. Can anybody give me an answer as to why safety is an important aspect of an RTOS? I know the question sounds embarrassingly simple but all the topics I have found online are either too short or too specific. Any help would be great.

Regards,
kevin

From: Ed Skinner
Subject: Re: Importance of Safety in a real time operating system
Date: Wed, 12 Jan 2005 16:13:54 -0700

And don't forget defense systems where "safety" would, in addition to the obvious, also need to include the ability to prevent infiltration attempts of the system that might be intended for its destruction, its subversion to a different purpose (such as attacking the defenders or, more interestingly, non-combatants for the purpose of smearing the defenders), or possibly to clandestinely insert erroneous or misleading information as a distraction or misdirection.

From: Paul E. Bennett
Subject: Re: Importance of Safety in a real time operating system
Date: Thu, 13 Jan 2005 01:11:01 +0000

Ed Skinner wrote:
> And don't forget defense systems where "safety" would, in addition to
> the obvious, also need to include the ability to prevent infiltration
> attempts of the system that might be intended for its destruction, its
> subversion to a different purpose (such as attacking the defenders or,
> more interestingly, non-combatants for the purpose of smearing the
> defenders), or possibly to clandestinely insert erroneous or misleading
> information as a distraction or misdirection.

I have always considered Safety and Security as extremely close allies.
-- 
********************************************************************
Paul E. Bennett .................... Forth based HIDECS Consultancy .....
Mob: +44 (0)7811-639972 .........NOW AVAILABLE:- HIDECS COURSE......
Tel: +44 (0)1235-811095 .... see http://www.feabhas.com for details.
Going Forth Safely ..... EBA. www.electric-boat-association.org.uk..
********************************************************************

From: Bjorn Reese
Subject: Re: Importance of Safety in a real time operating system
Date: Thu, 13 Jan 2005 22:14:00 +0100

Ed Skinner wrote:
> And don't forget defense systems where "safety" would, in addition to
> the obvious, also need to include the ability to prevent infiltration
> attempts of the system that might be intended for its destruction, its

I think you may be talking about "security" here.
Usually "safety" is about protecting the outside world against harm done by the system, and "security" is about protecting the system against harm done by the outside world.
-- mail1dotstofanetdotdk

From: Armin Steinhoff
Subject: Re: Importance of Safety in a real time operating system
Date: Fri, 14 Jan 2005 11:44:38 +0100

Bjorn Reese wrote:
> Ed Skinner wrote:
>
>> And don't forget defense systems where "safety" would, in
>> addition to
>> the obvious, also need to include the ability to prevent infiltration
>> attempts of the system that might be intended for its destruction, its
>
> I think you may be talking about "security" here.
>
> Usually "safety" is about protecting the outside world against harm done
> by the system,

How can a _military_ system be safety? Its purpose is to harm others :)

> and "security" is about protecting the system against
> harm done by the outside world.

From: Paul E. Bennett
Subject: Re: Importance of Safety in a real time operating system
Date: Fri, 14 Jan 2005 20:49:42 +0000

Armin Steinhoff wrote:
>
> How can a _military_ system be safety? Its purpose is to harm others :)

The considerations here are to do with the intentions of the rightful owner/user. The system, although its prime purpose is to do a great deal of harm to people, should do no harm to those that are its users/operators/owners.
On the aspect of security for Safety Critical Systems, the medical records in a hospital should be secure against un-authorised alterations and any alterations made really should be logged in a tamper proof way. Nice scenario in a UK TV drama* this week explores the problems that can occur when such systems are not secure (and it is very frightening).
* "The Commander" UK ITV1 Mondays 21:00hrs.
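The tamper-proof logging of record alterations that this post calls for is usually built as a hash chain: each entry commits to the hash of the one before it, and a separate party keeps a keyed seal over the chain head. The following is an added example to illustrate that idea; it is not code from this thread, from any hospital system, or from the TV drama mentioned. The class and method names (AuditLog, append, verify, seal, check_seal), the entry layout and the sample records and key are all constructed for the illustration.

```python
"""Tamper-evident audit log for record alterations (hash chain + auditor seal).

Added example, not code from the thread. Names, entry layout and sample data
are assumptions made for this illustration.
"""
import hashlib
import hmac
import json
from typing import Optional

GENESIS = "0" * 64  # stands in for the hash of the entry before the first one


def _digest(body: dict) -> str:
    # Canonical JSON so the same logical entry always hashes identically.
    canon = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canon).hexdigest()


class AuditLog:
    """Append-only log where every entry commits to the hash of the one before it."""

    def __init__(self) -> None:
        self.entries: list[dict] = []

    def append(self, who: str, record_id: str, change: str, ts: str) -> dict:
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        body = {"seq": len(self.entries), "ts": ts, "who": who,
                "record": record_id, "change": change, "prev": prev}
        entry = dict(body, hash=_digest(body))
        self.entries.append(entry)
        return entry

    def verify(self) -> Optional[int]:
        """Index of the first entry that breaks the chain, or None if it is intact."""
        prev = GENESIS
        for i, entry in enumerate(self.entries):
            body = {k: v for k, v in entry.items() if k != "hash"}
            if (entry.get("seq") != i or body.get("prev") != prev
                    or _digest(body) != entry.get("hash")):
                return i
            prev = entry["hash"]
        return None

    def head(self) -> str:
        return self.entries[-1]["hash"] if self.entries else GENESIS

    def seal(self, auditor_key: bytes) -> str:
        """MAC over the chain head with a key the record-keeping server does not hold."""
        return hmac.new(auditor_key, self.head().encode(), hashlib.sha256).hexdigest()

    def check_seal(self, auditor_key: bytes, seal: str) -> bool:
        return hmac.compare_digest(self.seal(auditor_key), seal)


def demo() -> dict:
    """Constructed scenario: three record changes, then three kinds of tampering."""
    log = AuditLog()
    log.append("dr_smith", "patient-0042", "allergy: penicillin added", "2005-01-14T09:00:00Z")
    log.append("nurse_jones", "patient-0042", "dose: 10mg -> 15mg", "2005-01-14T09:05:00Z")
    log.append("dr_smith", "patient-0042", "dose: 15mg -> 10mg", "2005-01-14T09:20:00Z")
    key = b"auditor-key-held-off-the-app-server"  # constructed sample key
    seal = log.seal(key)
    result = {"intact": log.verify()}  # None: the chain is consistent

    # 1. Edit an entry in place: its hash no longer matches its contents.
    original = log.entries[1]["change"]
    log.entries[1]["change"] = "dose: 10mg -> 50mg"
    result["edited"] = log.verify()
    log.entries[1]["change"] = original

    # 2. Delete an entry: the next one's seq and prev pointer no longer line up.
    removed = log.entries.pop(1)
    result["deleted"] = log.verify()
    log.entries.insert(1, removed)

    # 3. Rewrite the whole log with recomputed hashes: the chain is self-consistent,
    #    so only the seal made with the auditor's key reveals the substitution.
    forged = AuditLog()
    for e in log.entries:
        forged.append(e["who"], e["record"], e["change"].replace("15mg", "50mg"), e["ts"])
    result["rewritten_chain_ok"] = forged.verify()              # None
    result["rewritten_seal_ok"] = forged.check_seal(key, seal)  # False
    result["genuine_seal_ok"] = log.check_seal(key, seal)       # True
    return result


if __name__ == "__main__":
    print(demo())
```

The third case is the one to remember: a hash chain on its own only detects edits by someone who cannot rewrite the rest of the chain. Keeping the sealing key with an auditor (or publishing the head hash somewhere the application cannot alter) is what turns "logged" into "logged in a tamper proof way".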

From: Everett M. Greene
Subject: Re: Importance of Safety in a real time operating system
Date: Fri, 14 Jan 2005 09:28:05 PST

Armin Steinhoff writes:
> Bjorn Reese wrote:
> > Ed Skinner wrote:
> >
> >> And don't forget defense systems where "safety" would, in
> >> addition to
> >> the obvious, also need to include the ability to prevent infiltration
> >> attempts of the system that might be intended for its destruction, its
> >
> > I think you may be talking about "security" here.
> >
> > Usually "safety" is about protecting the outside world against harm done
> > by the system,
>
> How can a _military_ system be safety? Its purpose is to harm others :)

But not harm the users. In naval shipboard systems, the captain doesn't want to look out the window and be staring at the business end of one of his weapons.
> and "security" is about protecting the system against
> > harm done by the outside world.

From: Paul Keinanen
Subject: Re: Importance of Safety in a real time operating system
Date: Sat, 15 Jan 2005 16:09:10 +0200

On Fri, 14 Jan 2005 09:28:05 PST, mojaveg@mojaveg.iwvisp.com (Everett M. Greene) wrote:

>> How can a _military_ system be safety? Its purpose is to harm others :)
>
>But not harm the users. In naval shipboard systems, the
>captain doesn't want to look out the window and be staring
>at the business end of one of his weapons.

Many military systems are more or less active in peace time (at least in military exercises) and you do not want to hurt outsiders. It would be quite bad if you hit a passenger ship by mistake or fire 180 degrees in the wrong direction due to a sign error.
A malfunctioning military system could be interpreted as a provocation and even start a war. What might have happened if, during the Cold War, a missile had been launched by mistake against the enemy...
Paul

From: Paul E. Bennett
Subject: Re: Importance of Safety in a real time operating system
Date: Wed, 12 Jan 2005 21:57:03 +0000

kevin wrote:
> I'm currently studying for exams and have come across a recurring
> question regarding the Importance of Safety in a real time operating
> system. The notes I have from the lectures are terrible. Can anybody
> give me an answer as to why safety is an important aspect of an RTOS? I
> know the question sounds embarrassingly simple but all the topics I
> have found online are either too short or too specific. Any help would
> be great

It rather depends on the application. If your RT system is to be in control of moving machinery, high energy systems, medical databases, medical devices, space-craft, or things of that nature, then safety will be a concern.
You will need to identify the system hazards, evaluate the level of risk they present and take mitigating steps to ensure that the level of risk is minimised. Not all the mitigation can be achieved in the software so the safety assessment is always going to be a whole system consideration. See IEC61508 (parts 1 to 7) for the generic standard and guidance on the topic.

From: John Perry
Subject: Re: Importance of Safety in a real time operating system
Date: Thu, 13 Jan 2005 09:17:13 -0500

kevin wrote:
> I'm currently studying for exams and have come across a recurring
> question regarding the Importance of Safety in a real time operating
> system.

I guess it's time for someone to state explicitly what several others have implied:
"Safety has nothing to do with an RTOS -- it has only to do with an application."
This is not to say that an RTOS cannot be used in a safety-critical application. Specially designed RTOS's are used in quite a few. But designers of many safety-critical applications (as several in this community are prone to emphasize) refuse to have anything to do with any RTOS -- even the high-integrity variants.
> The notes I have from the lectures are terrible. Can anybody
> give me an answer as to why safety is an important aspect of an RTOS? I
> know the question sounds embarrassingly simple but all the topics I
> have found online are either too short or too specific. Any help would
> be great

Now, as to whether this answer is acceptable to your professor... :-)
> Regards.
> kevin

From: Stephen Pelc
Subject: Re: Importance of Safety in a real time operating system
Date: Thu, 13 Jan 2005 20:55:59 GMT

On Thu, 13 Jan 2005 09:17:13 -0500, John Perry wrote:

>"Safety has nothing to do with an RTOS -- it has only to do with an
>application."
>
>This is not to say that an RTOS cannot be used in a safety-critical
>application. Specially designed RTOS's are used in quite a few. But
>designers of many safety-critical applications (as several in this
>community are prone to emphasize) refuse to have anything to do with any
>RTOS -- even the high-integrity variants.

Several of our clients have used Paul Bennett's methods for safety critical systems, including an anaesthetic ventilator. My company, MPE, has developed tools to produce US FDA quality documentation and test files for this directly from the application source files.
We use a simple multi-tasker within this system, and no objections to it have been raised. I think that the real issue here is whether or not you have the full source code for *everything* on the target system. If you have the source code, you can perform the same quality control on it as you can on the application code.
Much to my initial surprise, at least for FDA approval, the key issue in the cross compiler was how long it had been available and in which application domains. It seems that stability is considered adequate in a compiler. That having been said, one of our compilers has been validated for FDA approval.
Stephen
-- 
Stephen Pelc, stephenXXX@INVALID.mpeltd.demon.co.uk
MicroProcessor Engineering Ltd - More Real, Less Time
133 Hill Lane, Southampton SO15 5AF, England
tel: +44 (0)23 8063 1441, fax: +44 (0)23 8033 9691
web: http://www.mpeltd.demon.co.uk - free VFX Forth downloads

From: Everett M. Greene
Subject: Re: Importance of Safety in a real time operating system
Date: Thu, 13 Jan 2005 10:36:34 PST

John Perry writes:
> kevin wrote:
> > I'm currently studying for exams and have come across a recurring
> > question regarding the Importance of Safety in a real time operating
> > system.
>
> I guess it's time for someone to state explicitly what several others
> have implied:
>
> "Safety has nothing to do with an RTOS -- it has only to do with an
> application."
>
> This is not to say that an RTOS cannot be used in a safety-critical
> application. Specially designed RTOS's are used in quite a few. But
> designers of many safety-critical applications (as several in this
> community are prone to emphasize) refuse to have anything to do with any
> RTOS -- even the high-integrity variants.
>
> > The notes I have from the lectures are terrible. Can anybody
> > give me an answer as to why safety is an important aspect of an RTOS? I
> > know the question sounds embarrassingly simple but all the topics I
> > have found online are either too short or too specific. Any help would
> > be great
>
> Now, as to whether this answer is acceptable to your professor... :-)

Correct. The first rule for taking tests is to give the answer the professor expects (which is not always the "correct" answer, especially in the arts and soft sciences).
Off-the-wall thought: Can today's students use the opinions of n Usenet posters as evidence of error in something they've been told by a teacher? Or does it have to be >x% of posters think the teacher's wrong?

From: Mark H Johnson
Subject: Re: Importance of Safety in a real time operating system
Date: Wed, 12 Jan 2005 15:22:46 -0600

kevin wrote:
> I'm currently studying for exams and have come across a recurring
> question regarding the Importance of Safety in a real time operating
> system. The notes I have from the lectures are terrible. Can anybody
> give me an answer as to why safety is an important aspect of an RTOS? I
> know the question sounds embarrassingly simple but all the topics I
> have found online are either too short or too specific. Any help would
> be great

The "importance of safety" in an RTOS is directly related to the "importance of safety" of the overall application. I have built a LOT of RT applications but none have "safety critical" software. So, for that set of applications, the importance of safety is pretty low.
That does not mean there are not RT applications (and thus RT OS's) where safety is of high importance. What comes to mind include:
- flight control software on "unstable" aircraft (those that are unstable without the active flight control system)
- control loading systems where the hardware has sufficient torque to injure the operator
- computerized medical devices where the dose is controlled by the computer
and so on. If the computer (or its software) fails to operate properly, people can be injured or killed.
--Mark
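Paul E. Bennett's post above describes the general procedure (identify the hazards, evaluate the risk, mitigate, and accept that not every mitigation lives in software), and Mark's list gives the concrete case of a dose controlled by a computer. The block below is an added example, written for this thread and not taken from either post or from any real device, of what the software part of such a mitigation typically looks like: a small command validator that checks every requested rate against limits taken from the hazard analysis and drops into a latched safe state (delivery stopped) on any violation, including the sign and unit errors Paul Keinanen mentions later in the thread. The limits, the DoseLimits/DoseController names and the scenario in demo() are all constructed for the illustration; a real device would derive its limits and its safe state from its own hazard analysis.

```python
"""Fail-safe command checking for a computer-controlled dose (added example).

Not code from the thread or from any real pump. The limits, the controller
interface and the names are assumptions made for this illustration.
"""
import math
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class DoseLimits:
    max_rate: float        # ml/h, absolute ceiling from the hazard analysis
    max_step: float        # ml/h, largest change a single command may make
    max_total: float       # ml, cumulative ceiling for the session
    max_sensor_age: float  # s, feedback older than this counts as lost


@dataclass
class DoseController:
    limits: DoseLimits
    rate: float = 0.0
    delivered: float = 0.0
    tripped: Optional[str] = None  # latched reason for being in the safe state
    events: list = field(default_factory=list)

    def _trip(self, reason: str) -> bool:
        # Safe state for this hypothetical pump: stop delivery and latch until reset.
        self.rate = 0.0
        self.tripped = reason
        self.events.append(("TRIP", reason))
        return False

    def command(self, requested: float, sensor_age: float) -> bool:
        """Apply a new rate only if every check passes; any failure trips to the safe state."""
        if self.tripped is not None:
            return False
        if not math.isfinite(requested):
            return self._trip("rate is not a finite number")
        if requested < 0:
            return self._trip(f"negative rate {requested} (sign error?)")
        if requested > self.limits.max_rate:
            return self._trip(f"rate {requested} above ceiling {self.limits.max_rate}")
        if abs(requested - self.rate) > self.limits.max_step:
            return self._trip(f"step {self.rate} -> {requested} exceeds {self.limits.max_step}")
        if sensor_age > self.limits.max_sensor_age:
            return self._trip(f"feedback {sensor_age}s old, control loop is blind")
        self.rate = requested
        self.events.append(("SET", requested))
        return True

    def tick(self, hours: float) -> float:
        """Advance time; trips if the cumulative dose passes the session ceiling."""
        if self.tripped is None:
            self.delivered += self.rate * hours
            if self.delivered > self.limits.max_total:
                self._trip(f"cumulative {self.delivered} ml above {self.limits.max_total} ml")
        return self.delivered

    def reset(self) -> None:
        """Operator acknowledgement clears the latch; the rate stays zero until re-commanded."""
        self.events.append(("RESET", self.tripped))
        self.tripped = None


def demo() -> dict:
    """Constructed scenario: each fault is caught by the validator before it reaches the patient."""
    c = DoseController(DoseLimits(max_rate=50.0, max_step=10.0, max_total=100.0, max_sensor_age=2.0))
    out = {}
    out["ramp_ok"] = c.command(10.0, sensor_age=0.5) and c.command(15.0, sensor_age=0.5)
    out["sign_error"] = (c.command(-15.0, sensor_age=0.5), c.tripped)
    c.reset()
    out["unit_error"] = (c.command(1500.0, sensor_age=0.5), c.tripped)  # e.g. ul/h sent as ml/h
    c.reset()
    out["stale_feedback"] = (c.command(10.0, sensor_age=5.0), c.tripped)
    c.reset()
    c.command(10.0, sensor_age=0.5)
    c.tick(5.0)                                        # 50 ml, within the session ceiling
    out["overdose_stop"] = (c.tick(6.0), c.tripped)    # would reach 110 ml: trip
    out["latched"] = c.command(10.0, sensor_age=0.5)   # False: ignored until an operator reset
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Two design points are worth noting. The step limit is what catches a plausible-looking but wrong command (a unit mix-up that still lands below the absolute ceiling), and the staleness check is what makes the controller admit it has lost its feedback rather than keep driving open-loop. Whether "stop" is actually the safe state is a question for the hazard analysis, not the software: for an infusion pump it usually is, for the unstable aircraft in Mark's list it is not, which is exactly why the assessment has to be made at the whole-system level.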

From: TC
Subject: Re: Importance of Safety in a real time operating system
Date: Tue, 18 Jan 2005 01:33:54 GMT

 | "Mark H Johnson" wrote in message news:HygFd.7$sc5.0@dfw-service2.ext.ray.com... > kevin wrote: > >> I'm currently studing for exams and have come accross a re-occuring >> question regarding the Importance of Safety in a real time operating >> system. The notes i have from the lectures are terrible. Can anybody >> give me an answer as to why safety is an important aspect of a RTOS? I >> know the questions sounds embarrassingly simple but all the topics i >> have found online arwe either too short or too specific. Any help would >> be great > > The "importance of safety" in an RTOS is directly related to the > "importance of safety" of the overall application. I have built a LOT of > RT applications but none have "safety critical" software. So, for that set > of applications, the importance of safety is pretty low. > > That does not mean there are not RT applications (and thus RT OS's) where > safety is of high importance. What comes to mind include: > - flight control software on "unstable" aircraft (those that are unstable > without the active flight control system) > - control loading systems where the hardware has sufficient torque to > injure the operator > - computerized medical devices where the dose is controlled by the > computer > and so on. If the computer (or its software) fails to operate properly, > people can be injured or killed. > > --Mark >
The aha moment for me was when an ABB Program Manager explained safety like this..."Think about designing a system that controls the movement of a 40 ton crucible of molten steel ... "
TC

From: Markus Heinz
Subject: Re: Importance of Safety in a real time operating system
Date: Fri, 14 Jan 2005 00:37:07 +0100

Hello,
On 12 Jan 2005 10:11:25 -0800 "kevin" wrote:
> I'm currently studying for exams and have come across a recurring
> question regarding the Importance of Safety in a real time operating
> system. The notes I have from the lectures are terrible. Can anybody
> give me an answer as to why safety is an important aspect of an RTOS?

Maybe some of the MELODY papers at [1] can shed some light on this issue. MELODY aims to be a realtime operating system for safety critical systems.
[1] http://ls3-www.cs.uni-dortmund.de/Melody/pub.html.en
Regards,
Markus
-- Visit my homepage: http://home.arcor.de/markusheinz/