[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ieee] Re: Re: Quick Re: to Dick Johnson's Re: COTS scope




Perhaps this is another example of "IEEE 1583 Specific Terminology" but are we all working from the same definition of "mission critical" here? Who certifies systems (or even components) for "mission critical" use? Lots of people and orginizations do lots of things which are clearly critical to their success on Microsoft OSs.


In previous jobs, I have had to perform maintanence and troublshooting on a couple of Pont of Sale systems that were built on Microsoft OSs using Microsoft Visual Basic and Microsoft Access. These are pretty clearly mission critical to the stores that use them. Some kind of certification probably would not have hurt them, but then probably would not have helped all that much, either.

-andrew

On Fri, 3 Dec 2004 13:01:48 -0500 (EST), Vincent J. Lipsio <Vince@LIPSIO.COM> wrote:

My best understanding (and I may be wrong) is that Diebold software runs
on Windows2000 and that its GEMS software uses Access.  I intended the
"DRE" reference to be generic and to include the voting system and not

Fair enough; however, 1583 does not in any way apply to the GEMS or to anything else that is not at the polling place; therefore, it is simply irrelevant to the COTS scope we are discussing.


Inspection of Windows CE would indeed be a major chore. But without

Which is why it is not used in any mission critical system to the best
of my knowledge. There are commercial RTOSes that are used in such systems,
and their source code has been reviewed so that they could be used in those
systems, and I see RTOSes advertise that they are certified for use in
certain types of systems, but to the best of my knoweldge, no Microsoft
OS has ever been certified for any mission critical use.



inspection, how can we have any assurance that there aren't deliberate
backdoors in the OS, for example?

Even in systems where malicious backdoors are not a concern, standards for critical systems require all source code to be reviewed.


If one of the requirements of the P1583 standard is to accommodate
existing DRE designs, however flawed, we should say so explicitly in
the document.

As with price considerations, as I argued earlier this year: If the purpose is to cap development costs, and that concern may preempt the purposes stated in the scope of 1583, then that, too, should be added to the scope.

Other industries are required to treat COTS as we are proposing and,
unless we are indeed trying to accommodate existing flawed designs,
we should also; else, we should say so, as Dave wrote, explicitly in
the document.


Vince



-- andrewb@votehere.com