Hacker News new | ask | show | jobs
by king_magic 2523 days ago
Most software engineers aren’t qualified to have an opinion about the quality of proprietary safety critical software systems that also happen to run against proprietary hardware.

So unless you’ve found an economical way to develop an open source jetliner... honestly, what would be the point of open sourcing safety critical systems to the general public?

I’m not at all saying it should be closed off from external safety inspectors or regulators or anything like that, but I’m not really seeing the value of opening the software up to the general public.
2 comments
adrianN 2523 days ago
You'd be surprised what fraction of a safety critical codebase is just mundane code that anybody can understand with the same amount of effort it takes for "normal" software. The real problem is that most outsiders don't understand the requirements very well (unless you make them public too!), so they can likely only find "simple" code quality issues.
link
king_magic 2522 days ago
That’s essentially my point. Just finding simple code quality issues isn’t going to cut it, especially when you need hundreds of thousands of dollars of hardware to even test the code against.
link
adrianN 2522 days ago
It doesn't hurt either.
link
king_magic 2522 days ago
Open sourcing my MRI scans for the general public to read "doesn't hurt" either. Doesn't mean it's a worthwhile/valuable thing to do.

And I also challenge you on "it doesn't hurt". Consider military adversaries developing targeted attacks against critical infrastructure because it's open sourced.

link
adrianN 2522 days ago
You should assume that military adversaries already have access to the source code. Spies are a thing.
link
king_magic 2522 days ago
So, make it worse by opening it up from the top 5-10 most capable state actors to the next 200?

This just isn’t a good idea. Full stop.

link
Glawen 2522 days ago
Safety critical is by design simple, it is a requirement by the norms to ensure low complexity :)
link
std_throwaway 2523 days ago
Does being qualified grant you access to the code right now? Who decides if you're qualified and if permission is granted?

I assume that currently there's several gatekeepers involved who can shut most independent investigators out.

link
king_magic 2522 days ago
I still really just don’t get where you’re going with this. You’d need hundreds of thousands of dollars worth of hardware to even test these kinds of software systems.

Simply reading the code isn’t going to help you find critical safety flaws.

link