[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Race condition...

To: Bob Gustafson <bobgus@xxxxxxx>
Subject: Re: Race condition...
From: Larry Dickson <tjoccam@xxxxxxxxxxx>
Date: Mon, 15 Mar 2010 07:38:46 -0700
Cc: "Marc L. Smith" <mlsmith@xxxxxxxxxxxxx>, occam-com@xxxxxxxxxx, java-threads@xxxxxxxxxx
Delivery-date: Mon, 15 Mar 2010 14:39:23 +0000
Envelope-to: ats@xxxxxxxxxxxxxxxx
In-reply-to: <1268658566.23447.351.camel@xxxxxxxxxxxxxxxx>
List-help: <mailto:sympa@kent.ac.uk?subject=help>
List-id: <java-threads.kent.ac.uk>
List-owner: <mailto:java-threads-request@kent.ac.uk>
List-post: <mailto:java-threads@kent.ac.uk>
List-subscribe: <mailto:sympa@kent.ac.uk?subject=subscribe%20java-threads>
List-unsubscribe: <mailto:sympa@kent.ac.uk?subject=unsubscribe%20java-threads>
References: <464b8e0e1003150552m54daabceh8e6c1154bc02944f@xxxxxxxxxxxxxx> <1268658566.23447.351.camel@xxxxxxxxxxxxxxxx>
Sender: Mailing_List_Robot <sympa@xxxxxxxxxx>

It seems to me we need to educate the regulators and designers. The key is discontinuous response. To test again by doing much the same thing is no test. Example: random keyboard input to

Become fiery ball? [N,y]

where the N means the default answer is "no". That means you have to have a y followed by an Enter to get a fiery ball, which is about a 1 in 6000 chance on an 80-key keyboard. So the retest is unlikely to reproduce the error, but it will kill a lot of people among millions of users.

Once they understand this, the question becomes how to design a continuous response with no exceptions. Answer: not any of the ways that have become standard in the last 20 years. (I just bought an Arduino and looked at its textbook, "Making Things Talk," to get a naive view of how the world of embedded control is trending, and there are ill-defined abstracted layers everywhere.)

Larry Dickson

On Mar 15, 2010, at 6:09 AM, Bob Gustafson wrote:

> Just needs a dose of Formal Methods..
> 
> and/or Model Checking..
> 
> More at http://en.wikipedia.org/wiki/Formal_methods
> 
> Bob G
> 
> On Mon, 2010-03-15 at 08:52 -0400, Marc L. Smith wrote:
>> ...of one kind--or another!    ;-)
>> 
>> Prius Incident Stumps Investigators
>> By REUTERS
>> Published: March 15, 2010
>> http://www.nytimes.com/reuters/2010/03/15/business/business-us-toyota-prius-investigation.html?_r=1&hp
>> 
>> 
>> 
>> 
>> 
>> 
> 
>

References:
- Race condition...
  - From: Marc L. Smith
- Re: Race condition...
  - From: Bob Gustafson

Prev by Date: Re: Race condition...
Next by Date: Communicating Process Architectures 2011 - Call for Papers
Previous by thread: Re: Race condition...
Next by thread: Communicating Process Architectures 2011 - Call for Papers
Index(es):
- Date
- Thread