• FizzyOrange
    1 day ago

    you can say that without a spec as well but what does “wrong” mean then? It just means you personally disagree with its behavior.

    Nope. Specs can have bugs. Here are the bugs in the C++ spec for example:

    https://www.open-std.org/jtc1/sc22/wg21/docs/cwg_toc.html

    As I said, specifications are useful and desirable, but the SIL’s dogmatic “no spec = unsafe” is clearly not based in reality.

    • copacetic@discuss.tchncs.de
      1 day ago

      In SIL world, the C++ issues would not be considered bugs but maybe change requests.

      The SIL philosophy (as far as I know it from ASIL) is “unsafe unless convinced otherwise”. That seems like a good idea when the lives of humans are on the line. Without a spec, how would you argue that a system/product is safe?

      (Aside: Software in itself cannot be safe or unsafe because without hardware it cannot do anything. Safety must be assessed holistically including hardware and humans.)