Saturday, December 24, 2011

Using Compile Time Assertions to create better code

In my last entry, ISO releases new standard for the C language, I lamented how the C++11 standard has static_assert() and C11 has _Static_assert(), to give compile time assertions.

Static Assertions are also known as Compile Time Assertions. Their use allows us to put compile time check in our source files, that cause the compilation process to stop if the assertion is not valid. The alternative is to check conditions at run-time incurring performance costs, or having detectable bugs crashing our systems. What if you want to use Static Assertions on compilers that are not up to the latest, just released, standards? You use code that will always fail to compile such as:

int main( void )
 int a[ -1 ]; /* Should always fail to compile */

From an exchange David Brown and I had on the AVR-GCC list, we came up with the following:

 * Compile Time Assertion:
 *  Usage: STATIC_ASSERT( (msg_count > last_msg), To_Many_Messages_Defined_for_array_size );
 *  STATIC_ASSERT( 1 == 2, One_Not_Equal_To_Two ); that looks like:
 *   assertion_failed_at_line_767_One_Not_Equal_To_Two

#define STATIC_ASSERT_NAME_(line,message)  STATIC_ASSERT_NAME2_(line,message)
#define STATIC_ASSERT_NAME2_(line,message) assertion_failed_at_line_##line##_##message
#define STATIC_ASSERT(claim, message) \
       typedef struct { \
         char STATIC_ASSERT_NAME_(__LINE__,message) [(claim) ? 1 : -1]; \
       } STATIC_ASSERT_NAME_(__LINE__,message)

Admittedly it is a bit of a kludge, however it is still better than letting known issues make it into working code. The native compiler versions should be used when they exist. For example I use the above code myself to detect when an enumerated value list is about to overflow the size of a 8-bit byte:

enum MessagesTag{
STATIC_ASSERT( Messages_Last >= 255U, Messages_No_Longer_Fits_In_Byte );

Some unsuspecting person, such as a future Me, could add a number of Messages over the years, and not realize there are now to many for the code to operate correctly.

For more information on compile time assertions check out:

ISO releases new standard for the C language

As a Christmas Present to all, the International Organization for Standardization (ISO) has published the new specifications for the C programming language, ISO/IEC 9899:2011. All for the whopping low price of $300!

Drafts of what has become known as C1X have been available for free up to now. This is the last free draft that I know of:

So far the critiques of the new standard have been unkind, and I'll add my own on the new Static Assertions; also known as Compile Time Assertions. The C1X standard gives Static Assertions, called _Static_assert:

6.7.10 Static assertions


1: static_assert-declaration: _Static_assert ( constant-expression , string-literal ) ;

While the C++0X standard, released as ISO/IEC 14882:2011, calls the same function static_assert (all lower case, no leading underscore):

"In a static_assert-declaration the constant-expression shall be a constant expression (5.19) that can be contextually converted to bool (Clause 4). If the value of the expression when so converted is true, the declaration has no effect. Otherwise, the program is ill-formed, and the resulting diagnostic message (1.4) shall include the text of the string-literal, except that characters not in the basic source character set (2.3) are not required to appear in the diagnostic message.
[ Example: static_assert(sizeof(long) >= 8, "64-bit code generation required for this library."); -end example ]"

Is it really to much to ask for these two groups to actually communicate with each other?

Thursday, December 22, 2011

Spoof Me Not Anti-GPS Spoofing Technique

As a brief follow up to my Was GPS spoofing used to bring down a drone? entry, I wanted to point out an article in the December 2011 issue of GPS World Magazine, on how one of the ways to mitigate spoofing:

Low-Complexity Spoofing Mitigation by Saeed Daneshmand, Ali Jafarnia-Jahromi, Ali Broumandan, Gérard Lachapelle.

Tuesday, December 20, 2011

Distracted Pilots?

I've covered Distracted Drivers, and Distracted Doctors so far. I don't want to leave out the potential for Distracted Pilots.

The Allied Pilots Association requested from the FAA permission to use iPADs and similar tablets in the cockpit to replace what are known as "Electronic Flight Bags (EFBs)". The FAA granted permission to conduct a six month long feasibility test.

While the goal of replacing heavy and bulky, and out of date as soon as they are printed, paper charts and other required documents, is admirable. I have to wonder what the unintended consequences will be. Paper is simply not prone to spreading electronic virus, and is somewhat limited in what you can do with it as far as distractions go (Paper Airplanes in the Airplane?). The batteries in paper also never go dead.

It is also not clear if this is a case of Bring Your Own Device (BYOD) to work, with who knows what applications are loaded, or a locked down company supplied device from the information I could find.

On the upside maybe a iWhatsIt can be pressed into service when the autopilot fails...

Monday, December 19, 2011

Distracted Doctoring better or worse than Distracted Drivers?

If you thought distracted drivers were bad, what about distracted doctors? As Doctors Use More Devices, Potential for Distraction Grows, from the New York Times.

..."My gut feeling is lives are in danger," said Dr. Papadakos, who recently published an article on "electronic distraction" in Anesthesiology News, a journal. [Electronic Distraction: An Unmeasured Variable in Modern Medicine; November 2011 Volume: 37:11.] "We’re not educating people about the problem, and it’s getting worse."...

I find it a bit ironic that it was my code that created the first electronic prescription. Was it the first electronic doctor distraction too?

Collectively, you and I are creating this 'distraction' mess with the various Embedded System Widgets we make. Anything we can do about it?

Sunday, December 18, 2011

Will the MBEDDR Project save us from using C?

I came across the MBEDDR Project, last night, that seems like it might have some promise to add modern programming practices, such as Closures, Functional Programming, Modules, and others, to C language based embedded systems.

The MBEDDR Language uses JetBrains' Meta Programming System, which is an open source projectional language, as a compiler for the MBEDDR language, that ultimately produces C code to be compiled with your current C compiler.

I have lots of questions myself on this project at this point, such as how easy will it be to get directives like FLASH (IAR) or PROGMEM (AVR-GCC) in the right place? Will it do the Right Thing with volatile? They are also not sure they will open source all of the code; Will they hold back some needed part (FAQ says they might)? Will the code fit in the parts I want to use? At this point it is worth watching and maybe playing with what is currently avaiable.

The project has released code under the Eclipse Public License 1.0. My June 19, 2010 blog entry, I'm Scared, covers my view of Eclipse. It is not a kind one. With Oracles removing its Java from Linux I can't see things improving in the Java area. Any Java code I've ever tried to use has been slow and buggy.

Was GPS spoofing used to bring down a drone?

In my March 23, 2010 blog entry, Politicians replace Air Traffic Control RADAR with GPS, I asked this question:

"Who will be the first Bad Guy to spoof a plane into the ground?"

That question may have now been answered: Iran hijacked US drone, says Iranian engineer:

"...Iranian specialists then reconfigured the drone's GPS coordinates to make it land in Iran at what the drone thought was its actual home base in Afghanistan... 'The GPS navigation is the weakest point', the Iranian engineer told the Monitor, giving the most detailed description..."

The drone in question was a RQ-170 Sentinel.

Published in the Proceedings of the 18th ACM conference on Computer and Communications Security we can find the details of the attack vector that may have been used: On the Requirements for Successful GPS Spoofing Attacks by Nils Ole Tippenhauer, Christina Popper, Kasper B. Rasmussen, and Srdjan Capkun.

I've covered how we are becoming to dependent on GPS, and other problems of GPS in the past, alas I expect there will be more GPS issues in the future. GPS is a useful technology, however we must never lose sight of the vulnerabilities that it opens our Embedded Systems up to when we design it into our widgets:

Thursday, December 15, 2011

Will banning Cell Phones in vehicles cause more crashes? Data supports that...

The National Transportation Safety Board has purposed banning the use of Cell Phones in vehicles; No call, no text, no update behind the wheel: NTSB calls for nationwide ban on PEDs while driving.

Problem here is the existing data says this will make the problem worse, as I explained over a year ago (Wish I could learn to capitalize on such foresight happens to me all the time):

"In the Law of Unintended Consequences the site Insurance Institute for Highway Safety, Highway Loss Data Institute, tells us in their September 28th, 2010 report that, Texting bans don't reduce crashes; effects are slight crash increases because the Texter is trying harder to hide what they are doing, becoming even more distracted." --- Emergency Broadcast Alerts coming to your Cell Phone, baning of Mobile Cell Phones, baning of parental rights...

Saturday, December 3, 2011

Animals as Earthquake sensors. Do dogs have precognition?

Ever since the March 2011 Earthquake in Japan that significantlydisrupted the Embedded Supply Chain, I have been fascinated by watching the real time seismology reports from various places around the world, such as The European-Mediterranean Seismological Centre (EMSC) that covers Europe, and the these two U.S. Geological Survey (USGS) sites: Latest Earthquakes in the World - Past 7 days and Latest Earthquakes M1.0+ in the USA - Past 7 days. The USGS says that Earthquakes must be in at least the 2.5 to 3.0 range and above to be felt by humans.

There is also the Volcano Live site, as there is significant correlations between Volcanoes and Earthquakes in regions that have both.

More importantly than just watching the numbers as they are happening, would be a way to know when they are coming in advance. At the first of the month [Dec/2011] Victoria Gill published the article How animals predict earthquakes, that makes reference to the 2010 study Predicting the unpredictable; evidence of pre-seismic anticipatory behaviour in the common toad by R. A. Grant and T. Halliday, published in the Journal of Zoology. This brought to my mind the conversation I heard my Mother telling my Niece over the Thanksgiving Holiday, about my late dog Diamond.

Picture of my dog Diamond

My late father had some chronic heart problems from an industrial accident that burned his lungs in the Steel Industry years ago. He said Diamond, our eight year old dog at the time, saved his life. Alas we had to euthanize her due to liver cancer. Sad.

Apparently Dad had not been feeling well. He actually told Mom to take him to the hospital that morning, but then changed his mind. I knew nothing about this.

That night Diamond started behaving very oddly, unlike anything she had ever done. She kept pawing and whimpering at me, which she just did not do. She took me to the telephone and sat down, continuing to whimper.

For some reason I had the feeling I should call my parents. I got their answering machine. I left a message saying how Diamond was behaving, and asked them if every thing was okay at their place. Out of character for me as well, I've never felt the need to check up on them before. They frequently ate Sunday dinner at my Uncles so there was nothing unusual about them not being home right then.

When they got home about forty-five minutes later, Dad called. He said he was going to the hospital. Dad told Mom "that the Dog knows better than I do. Take me to the hospital."

He told me that Diamonds behavior had scared him in to going to the emergency room. They told him that he had a silent heart attack. One that has none of the classic symptoms. [I once had a classmate that thought he had the flu. The next morning Max was dead of a heart attack. None of us recognized the symptoms. Do NOT assume you know the symptoms of heart problems, find out the many things they can be.]

Diamond calmed right down after the phone call and was fine after that, never to repeat that behavior again.

We were told Dad would not have made morning if it was not for Diamond. Diamond got him almost an other eight years.

Dad always called Diamond his 'Grand-doggie' as we don't have any kids to be grand-children. She loved it when he itched her ears, seems no one else did it as well. We live sixty miles from parents. How did Diamond sense anything at that distance?

Perhaps my personal experience is unconvincing, however others have looked at such phenomena in the past, such as Rupert Sheldrake in his study: Dogs That Know When Their Owners Are Coming Home.

If you are still skeptical get yourself a copy of Mind Machines You Can Build by G. Harry Stine. If the simple devices do not work for you (unlikely), they probably will work for your younger children. From around the time that a child becomes sentient around two to three years of age, to about the age of seven, they exist in a predominately dream like state of Alpha Brain Waves.

The point that I'm truly trying to make with this blog entry is summed up by Sheldrake:

"Science as it's usually practiced is too narrow. At any given time, science works within a paradigm or model. Things that don't fit in are anomalies. There are a lot of things that scientists can't explain, and I believe we can learn the most by studying them."

Our instruments only measure the things that we know how to measure, the true question comes down to How did Diamond know? Now do we make such instruments...

Sunday, November 27, 2011

20th International Obfuscated C Code Contest opens online this week

This week [2011-Dec-1] the 20th International Obfuscated C Code Contest, starts taking online submissions.

What is the IOCCC?:

To write the most Obscure/Obfuscated C program under the rules below.
  • To show the importance of programming style, in an ironic way.
  • To stress C compilers with unusual code.
  • To illustrate some of the subtleties of the C language.
  • To provide a safe forum for poor C code. :-)
To translate that, what they mean is they want the hardest possible to read and understand program written in the C language, that is written that way on purpose. No one wants to see your Boss's code that just happens to come out that way.

I know one prominent author in the Embedded Space that mentions the IOCCC, but they never supply a link to it, as they think it is a bad example of how to do Embedded Systems. Obviously I disagree with that as I already gave you the link above.

The reason I disagree, is that the IOCCC usually exploits one of the many problems that those whom are unaware of them could stumble into. I see it as, that if you see how the problem area of the code is being exploited, you will be more likely to remember to never do it that way in your own code.

IOCCC is also a good stress test for any of your software analysis tools, such as Lint, or MISRA compliance suite.

Somewhat related is Gimple Software, maker of my favorite Lint tool, Bug of the Month challenge. They give you a short C program and you have to find the bug in it. Ever wonder why it is called 'Lint'? Because it is nitpicky!

To make IOCCC code at least look readable, won't help with understanding it much, run it through Artistic Style or Indent. Indent is the simplest to use, AS is the most configurable to get the code to look they way you like to see it. Any code I get from someone I run through AS to get a consistent style, such as the brackets on lines by themselves, and consisting indenting.

Let me know what code you submit, or better yet when you win...

Sunday, October 30, 2011

Is your supply chain under water? Flooding in Thailand

As reported by CBC News a third of Thailand is submerged underwater; Bangkok escapes worst of Thailand flooding.

You may be wondering what this has to do with Software Safety or Embedded Systems. Alas our supply chains are now global, be it Earthquakes (Europe monitoring stations, US World Monitoring, Small daily US Quakes [Did you know Arkansan has more daily earthquakes than California?]), Volcanoes (will the Super Volcano Uturuncu be blowing its top anytime soon?), or Flooding around the world, our ability to get parts to build our widgets suffers along with the effected people of the region whom should always come first.

Places like Benchmark Electronics, Toyota, Rohm (Will a simple resistor stop you from shipping your widget?), and Toshiba; Toshiba Semiconductor (Thailand) Co., Ltd. "Damage status: The water is 3 meters high on the site and the surrounding area and approximately 1.5 meters deep in the buildings. Facilities are damaged but no employees have been injured in the factory.", Toshiba Storage Device (Thailand), Co., Ltd. "Damage status: The water is 2 meters high on the site and the surrounding area and more than 1 meter deep in the buildings. Facilities are damaged but no employees have been injured in the factory." - This one is already having a ripple effect on hard-disk prices and supply shortages. Many other places have also been effected.

Worries of disease and chemical contamination of the water are starting, as people are beginning to develop skin rashes.

Natural or man-made EMP attack on the horizon?

About this time last year I published Scientists, Politicians Take Electromagnetic Pulse (EMP) Threat Seriously. Human Exposure to EM Fields. There have been a few events relating to EMP that have transpired over the last year, that I wanted to bring to your attention.

First of all to bring to your attention is Dr. Peter Vincent Pry, a former CIA weapons expert, forty five minute long podcast, on both natural and man-made EMP threats.

Secondly Dr. Pry's site, EMPACT America is a bipartisan, non-profit (with IRS 501(c)4 status) organization for citizens concerned about protecting the American People from a nuclear or natural electromagnetic pulse (EMP) catastrophe.
"The EMP Commission and the National Academy of Sciences warn that a catastrophic EMP event can also occur naturally, from a great geomagnetic storm, with effects virtually identical to those of a nuclear EMP attack, and that such a storm is inevitable, occurring every century or so. Great geomagnetic storms have occurred in the past, but not since the advent of the modern electronic age. Some scientists estimate that the world is overdue for a great geomagnetic storm, that could occur during the next cycle of solar activity, in 2012."
There are a couple items before the politicians, whom are playing political games with our future, that you need to spend some time studying: SHEILDAct, also known as H.R. 668,see below, and Guard The Grid. Give your political representative a call, and tell them to stop screwing around.

H.R. 668:


    This Act may be cited as the 'Secure High-voltage Infrastructure for Electricity from Lethal Damage Act' or the 'SHIELD Act'.


    The Congress makes the following findings:
      (1) According to the Report of the Commission to Assess the Threat to the United States from Electromagnetic Pulse Attack (in this Act referred to as the 'EMP Commission Report'), the society and economy of the United States are 'critically dependent upon the availability of electricity.'.
      (2) According to the EMP Commission Report, 'continued electrical supply is necessary for sustaining water supplies, production and distribution of food, fuel, communications, and everything else that is part of our economy'.
      (3) According to the EMP Commission Report, 'contemporary U.S. society is not structured, nor does it have the means, to provide for the needs of nearly 300 million Americans without electricity.'.
      (4) According to the EMP Commission Report, due to the existing electrical system operating at or near its physical capacity, `a relatively modest upset to the system can cause functional collapse.'.
      (5) According to the EMP Commission Report, electromagnetic pulse (in this Act referred to as 'EMP') is a threat to the overall electrical power system.
      (6) According to the EMP Commission Report, EMP occurs both naturally, such as geomagnetic storms, and via man-made devices.
      (7) According to the EMP Commission Report, while the electric infrastructure `has a degree of durability against . . . the failure of one or a small number of [electric] components,' the current strategy for recovery leaves the United States ill-prepared to respond effectively to an EMP attack that would potentially result in damage to vast numbers of components nearly simultaneously over an unprecedented geographic scale.
      (8) According to the EMP Commission Report, EMP 'may couple ultimately unmanageable currents and voltages into an electrical system routinely operated with little margin and cause the collapse of large portions of the electrical system.'.
      (9) According to the EMP Commission Report, a collapse of large portions of the electrical system will result in significant periods of power-outage and `restoration from collapse or loss of significant portions of the system [will be] exceedingly difficult.'.
      (10) According to the EMP Commission Report, 'should the electrical power system be lost for any substantial period of time . . . the consequences are likely to be catastrophic to civilian society.'.
      (11) According to the EMP Commission Report, 'the Commission is deeply concerned that [negative] impacts [on the electric infrastructure] are certain in an EMP event unless practical steps are taken to provide protection for critical elements of the electric system.'.

See also The Report of the Commission to Assess the Threat to the U.S. from Electromagnetic Pulse Attack, 2005, and Testimony of Dr. Michael J. Frankel Information submitted for the record house homeland security committee hearing cyber security and other (EMP) threats to the power grid JULY 21, 2009.

Projections for the current solar cycle are that there will be increasing solar storm activity in 2012 and 2013. I wonder if this is any coincidence coinciding with the Earth's aliment with the center of the galaxy on December 21st, 2012, the day the Mayan Calendar ends? This alignment happens once every 25,920 years (72 years to move one degree of a 360 degree circle). EMP Gama burst anyone?...

Sunday, October 16, 2011

Is there any training on "Software Safety" available?

I was recently asked if there was any specific training or certification on the topic of Software Safety.

Sadly my answer is I don't think so. I've seen some training specific to DO-178B, some related to FDA device compliance, and an occasional course at the MISRA office in the UK.

Part of the problem is defining what exactly do we mean by "Software Safety", as it always depends on the context. My simple working definition is that I never have to tell a person to "just push the reset button" or "you must reboot to recover". Do you really want to push the reset button on your defibrillator?

It also always must be kept in mind that even if the software is safe, it is still part of a system as a whole. If the system as a whole is unsafe, then having perfect software will not make a safe system.

Michael Barr at Netrino does offer Critical Software Safeguards Course: Lint and MISRA-C, for the Embedded space.

Jack Ganssle also offers his How to Develop Better Firmware Faster, one day class, again for the Embedded Space.

Do you know of any courses that would be relevant? If someone put together such a course what should be in it?

Monday, September 12, 2011

Do you work in the Medical Device field? You won't after 2013 due to this new Tax.

The Advanced Medical Technology Association (AdvaMed)   released a report late last week (Sept. 7th 2011) on how 43,000 jobs in the "Medical Device" field are going to be lost due to yet an other new Tax.

Here is the full report: Employment Effects of the New Excise Tax on the Medical Device Industry.pdf by Diana Furchtgott-Roth and Harold Furchtgott-Roth.

"Medical Device" as defined by the IRS are covered in USC TITLE 26 - Subtitle D - CHAPTER 32 - Subchapter E - § 4191. Section D of Exemptions is the problematic portion to those of us doing Embedded Medical Devices:
"any other medical device determined by the Secretary [of the Treasury] to be of a type which is generally purchased by the general public at retail for individual use."
So now we don't have a doctor nor a person familiar with Embedded System Medical Devices deciding which devices will get a %2.3 excise tax, that will cause Medical Device manufacturers to send yet more jobs overseas to avoid paying the tax, at the Embedded Communities expense.

If you work in the Medical Device field, it is probably time to get your resume in order. I'm going to be polishing up mine, because there is no way to tell what clueless bureaucrat will consider a Medical Device...

Saturday, September 3, 2011

Firmware Engineers of Northeast Ohio Meeting Sept. 13th 2011

Firmware Engineers of Northeast Ohio are holding their monthly meeting on September 13th 2011, 6:00 PM to 9:00 PM EDT.

  1. Catered meal provided [Munchies are always the most important thing of any meeting aren't they?]
  2. Opening Remarks
  3. Lightning 1 Talks:
    • IEEE Cleveland Computer Society/FENEO event, 'Lightning 1'. Chris Cole's inspiration; four very focused 15 minute talks by four different IEEE Cleveland Computer Society and FENEO members are planed. All are welcome but space is limited, please RSVP here.
      Presentation Topics:
    • When UNIX was a Pup by Dr. Robin Lake
    • Software in the Hardware World by Mike Dahlhausen
    • Real World Examples of Using Open Source Tools in Embedded Development by Christopher Cole
    • TDD for Kernel Module Development by Nick Barendt
  4. Networking. Burned out because of to many years at your current gig? This might be your chance to find something new and exciting.
DeVore Technologies, Inc.
3593 Green Rd.
Commerce Park Four
Suite 525
Beachwood, OH 44122
Be sure to bring in the flier to receive 1 CPD credit.

Sunday, August 7, 2011

"We can always print money" - Alan Greenspan on Meet The Press Aug/07/2011

I've blogged about how the price of our Bills of Materials appears to be going up, previously. A comment on today's, August 7th 2011, Meet The Press by former Federal Reserve chairman Alan Greenspan, promoted me to write this one.

 Mr. Greenspan stated [Transcripts available here] that "the US will always be able to pay its debts because we can print money". Echos of a speech given before the National Economists Club in Washington, D.C. on November 21, 2002 by Ben S. Bernanke, the current chairman of the Federal Reserve, who also said we can control or create inflation by printing money. Rick Kahler once said "A slow, chronic inflation is the most politically palatable way of reducing the debt in a manner that is somewhat unnoticeable to the electorate." In otherwords the more moeny in circulation, the more your money is worth less. Prices are not going up, the value of the money is going down! Do these people actually understand how the system works to say these things?

If you've listened to any of the 'News' this weekend there has been a big stink that Standard & Poor's downgraded the US's Credit Rating, on August 5th, after the stock markets closed. The Governments rebuttal can be found here. What few places are telling you that is more important, is that Dagong, a key credit information and credit solution service provider in China, Downgrading the Credit Rating of the USA, on Tuesday August 2nd. According to reports on the BBC I was listening to on my daily commute, China has already decided to take their money an invest it in its own people, rather than lend more to the US. What many are worried about is what happens if a Treasury Auction is held, and no one shows up? Then it doesn't mater if there is a Debt Limit or not.

Now we need a bit of a history lesson: Andrew Jackson (March 15, 1767 - June 8, 1845) was the seventh President of the United States (1829-1837). Jackson was strongly against the national bank, he vetoed the renewal of its charter and ensured its collapse. This was the last time the US paid off its "National Debt". Alas when Abraham Lincoln (February 12, 1809 - April 15, 1865) was the 16th President of the United States, serving from March 1861 until his assassination in 1865, needed to fund the Civil War, a new bank system was set up. Various incarnations existed, see Paul Warburg's Crusade to Establish a Central Bank in the United States at the Federal Reserve Bank of Minneapolis, until the Federal Reserve Act was passed by Congress at the Christmas recesses of 1913, under suspicious circumstances; there was no "sign and die" to close that session of Congress.
"Controversy about the Federal Reserve Act and the establishment of the Federal Reserve System has existed since prior to its passage. Some of the questions raised include: whether Congress has the Constitutional power to delegate its power to coin money or issue paper money, why it was passed on December 23 while most of Congress was away for Christmas, whether the Federal Reserve is a public cartel of private banks (also called a banking cartel) established to protect powerful financial interests, and whether the Federal Reserve's actions increased the severity of the Great Depression in the 1930s (and/or the severity or frequency of other boom-bust economic cycles, such as the Late-2000s recession)." -- Wikipedia.
The Federal Reserve has not been audited, no one to date really knows what happens to the 'money'. Worse almost no one understands how this sham system works.

Consider this simplified version: In 1913 the Government declares that all 'money' comes from the Federal Reserve (Fed hereafter). You need to have 'money' to run your business and put food on the table. As the only source of 'money' is the Fed you borrow 'money' from them, which is happy to loan it to you, at interest. The interest rate varies, but they'll get more back, you think. Now what is wrong with this picture? If the only source of 'money' is the Fed, where does the 'money' used to pay the interest come from? It has to be borrowed from the Fed. Remember the Government has declared that the Fed is the only source of 'money', you have no choice, unless you want to barter tangible assets, like real Money, coins, from the US Treasury. The National Debt can never be paid off, because if it was the system falls-apart, as the last 5000 years have shown always happens to this type of system in the end.

This schema is really a hidden tax on you and I. It works like this: The Treasury sells bounds, sheets of paper with no intrinsic value, to the Federal Reserve for things that politicians do not have the honesty to come out and say directly that they need to raise our taxes to support. The Fed buys these bonds with 'money' that it created from nothing. This created 'money' is put into circulation, making your money worth less each time it happens. This inflation is the most insidious hidden tax that you and I pay. Few figure this system out because it is usually hidden behind the Orwellian doublespeak of economics such as Quantitative Easing.

For a far more detailed look at the history of 'money' and its coming end, check out The Money Masters, the works of Milton Friedman, and the Laffer curve.

People far wiser than I have told me that when the end of the Dollar comes, it will be over a three day long holiday weekend. Columbus Day is Monday, October 10, 2011, would be such a day. I wonder if it is any coincidence that comet Elenin comes by at the same time...

Wednesday, August 3, 2011

The current Temporal War on planet Earth. The August 2011 edition of Metrologia.

Going on here on Earth right now is a real Temporal War. This Temporal War is not Science-Fiction, it is about the future of Time itself, as in how it is measured. Right on time, the August 2011 issue of Metrologia has appeared. This issue, Volume 48, Number 4, is all about Modern Applications of Timescales:
  • Time, the SI and the Metre Convention
  • Role of the ITU-R in time scale definition and dissemination
  • Evolution of timescales from astronomy to physical metrology
  • Timescales at the BIPM
  • Local representations of UTC in national laboratories
  • Earth rotation monitoring, UT1 determination and prediction
  • Relativistic time transfer in the vicinity of the Earth and in the solar system
  • Solar time, legal time, time in use
  • Time scales, their users, and leap seconds
  • Time references in US and UK astronomical and navigational almanacs
  • Software for timescale applications
  • Timing in telecommunications networks
  • BeiDou Navigation Satellite System and its time scales
  • GNSS times and UTC
The article are free until the end of August 2011, after which time they go behind a paywall.

In this War there are several factions, such as those that believe that Time should be tied to the Earth rotation. The problem is that the Earth rotation is not constant. To keep our clocks on the wall synchronized the concept of Leap Seconds has to be introduced were a second is added or subtracted every six months from Universal Coordinated Time. From the Embedded System perspective this means an hour can legitimately have 61 seconds in it. Have you accounted for that in your system? An hour could also only have 59 seconds. Maintaining time spans across years becomes a problem, necessitating the use of tables of Leap Seconds.

Leap Seconds can currently be tracked at the Time Service Dept., U.S. Naval Observatory.

In one of the other major factions they want to do away completely with the concept of Leap Seconds. The clock-on-the-wall-time would slowly drift away from the look-out-the-window-at-the-Sun-Dial-time. This faction believes that it will simplify our lives as programmers.

There are also a few lessor factions at play. Based on input from the International Astronomical Union, the Bureau International des Poids et Mesures, the Consultative Committee for Time and Frequency (CCTF), the International Telecommunication Union (ITU), is close (in 2012) to the moment of making a decision on whether or not to decouple UTC from its tight link to the rotation of the Earth.

Who is going to win this Temporal War? I do not know, it might come down to the group with the biggest Ray-Gun. One thing is for sure, that in a year or two keeping accurate Time in our Embedded Systems might just get a lot harder. Follow the daily battle and decide which camp you want to put your future with, on the Leap Second List.

Sunday, July 31, 2011

29 miners lost their lives because safety systems failed

On April 13, 2010, Davitt McAteer was asked by former WV Governor Joe Manchin, III to form an independent investigation panel to investigate the cause of the Upper Big Branch Mine explosion that took place on April 5th 2010, and to offer recommendations to prevent future explosions. The panel has issued its final report to the Governor, the Governor's Independent Investigation Panel (GIIP). The report can be viewed here, and errata here.

On April 5th 2010 at 3:01 PM local time twenty-nine miners died and one was seriously injured with life altering injuries as the enormously powerful blast rocketed through two and one-half miles of underground workings of the Upper Big Branch mine, nearly 1,000 feet beneath the surface. Of the 29 men killed, 19 died as result of carbon monoxide intoxication, and the remaining ten died as a result of injuries suffered in the devastating mine explosion. To date this is the most deadly coal mining disaster in the United States in 40 years.

For the rest of this blog to make sense to those who have never had the experience of being in a real production coal mine we need to define a couple of terms:
  • Longwall: A method of extracting coal seams from a long working face. As the workings advance in a continuous line, which may be several hundreds of yards in length, space from which the coal has been removed is either allowed to collapse or is completely or partially filled or stowed with stone and debris.
  • Longwall Shields: At UBB the longwall mining machine had 176 shields, roof shields or supports, each measuring 1.75 meters wide (or about 5.74 feet.) One "pass" on the longwall is a complete trip by the shearer from shield #1 to shield #176; a second "pass" would be the return trip from shield #176 to shield #1.
  • Methane (CH4): Odorless, colorless and highly combustible,is the most common hazardous gas found in underground coal mines.
The picture below is one from my personal archives, not one from the report, which has several pictures of evidence and memorials. My picture shows a typical Joy longwall shearing machine.

The report gives a minute by minute sequence of events leading up to the disaster, and the agonizing wait of the families for days to find out if their husbands and fathers would ever return home. The final identification of the deceased came when they removed the bodies on April 10, 12 and 13. A family member told the Governor's Independent Investigation Panel that this time was particularly agonizing because each family was holding out hope that their loved one was one of the missing, not one of the dead.

Picking up the event log moments before the explosion:

At 2:59:38 PM, the crew cut power to the longwall by disconnecting the shearer manual stop button, as logged by the Joy Network Architecture (JNA) control system sold by Joy; a system that I was once imminently familiar with in a past life. This shutdown is standard industry procedure when potentially serious problems occur on a longwall, and it is something that had to be done manually.

Also the electrical breaker to the shearer, located at the headgate, was found "knocked," meaning that the power to the shearer had been manually disconnected. The removal of power in this manner can only be done by someone at the headgate. A person must both push in a button and pull a lever. The disconnect has a visible "off" position. The water to the longwall face also was turned off at the headgate, something I personally find odd. Longwall crews do not leave the face area unless it is quitting time or there is an emergency. The longwall face at Upper Big Branch was 1,000 feet wide with 176 shield bases for a miner to step over. Walking through this narrow space and having to duck, and not kill your shins as I can personally attest to, in the low areas means a miner would have to have a good reason to leave the longwall face. Investigation tells us that these men witnessed something ominous and took steps to try to avert a disaster. Regrettably, they were not able to do so.

3:01 - 3:02 PM, Explosion erupts through the mine blasting debris out the portals and lasting for several minutes. The carbon monoxide monitoring system alarms and mine fan records show a major disruption to the ventilation.
Governor's Independent Investigation Panel has concluded that the ignition point for the blast was the tail of the longwall. As the shearer cut into the sandstone mine roof, the resulting sparks ignited a pocket of methane, creating a fireball. The fireball in turn ignited the methane that had accumulated in the gob during the Easter weekend and leaked onto the longwall face. The fireball traveled into the tailgate area, where accumulations of coal dust provided fuel for a second, more deadly, force. This dust-fueled blast ricocheted in multiple directions, traveling across the longwall face, into the tailgate entry, and through more than two miles of the mine.
The report states that deep water collected - at times neck-deep - (I've personally waded through waist deep water in mines), and tracking systems that did not work, as well has reports of shortcuts taken in safety in the name of profit.

The comment on page 65 "band-aid approach" hit me personally. I've been in mines, many of them over the years. I once asked the longwall foreman that I was with why the 4400VAC trailing cable (powers the shearer) had so many band-aid's (several layers deep) on it, "did it get an ouchy or what?" I recall asking. His answer was chilling: "Management thought we were using to much electrical tape, so they refused to give us more. They don't care how many band-aids we use."

I also found the cartoon on page sixteen by Nick Anderson from the Houston Chronicle offensive, it has no place in a report that claims to be objective. Steve Fiscor Editor-In-Chief of Coal Age Magazine also feels the report lacks objectivity.

Ultimately, 29 miners lost their lives in the Upper Big Branch mine because multiple safety systems failed in a major way, from technology to management to government regulators. Read the report and keep it in mind when you thing of taking a shortcut in safety, or some boss starts pencil whipping you. Do you want a death on your conscious because of a shortcut in the name of production?

By the way the Department Of Labor does have an opening for a mine inspector, if you are interested: Mine Safety and Health Inspector (Metal/Non Metal) - Labor, Mine Safety and Health Administration (MSHA) - Warrendale, PA...

Judge Finds Ford Fraudulently Concealed Electronic Causes of Unintended Acceleration

This week, July 27 2011, Safety Research & Strategies, Inc published two documents taken from the court of Senior Judge William T. Swigert of the Fifth Judicial Circuit in Sumter County, Florida.

This 51-page decision, by Judge Swigert excoriated Ford for systematically concealing a long history, stretching back to the 1970s, of studying the problem of electromagnetic interference and unintended acceleration.

SRS has an on going page devoted specifically to new Toyota Sudden Unintended Acceleration studies. It is interesting to note that in 2004 Toyota licensed some of its technology to Ford.

Last week July 21,2011, SRS published How NHTSA and NASA Gamed the Toyota Data, covering issues of Tin Whiskers (see my past blogs Soldering Defect Database: How many ways can a solder joint fail? More than you might think and The Anatomy of a Race Condition: Toyota vs AVR XMega), 'losing' the data the NASA report was based on, and other dubious practices. What NHTSA's Data Can Tell Us about Unintended Acceleration and Electronic Throttle Control Systems. by R. A. Whitfield of Quality Control Systems Corporation gives a brief analysis of the raw National Highway Traffic Safety Administration (NHTSA) data.

In my past blog entry The Anatomy of a Race Condition: Toyota vs AVR XMega on NASA's on Toyota's sudden acceleration problem, I went into some of the details as to what I believe is happening. I explain why the Sudden Acceleration issue would not issue a diagnostic code if the problem is based in the firmware of the engine control unit, which is something I never seen covered in any of these reports. Guess they are all done by people with no experience in designing the systems they are reporting on?

Sunday, July 3, 2011

Transmission and Reception of Longitudinally-Polarized Momentum Waves By Robert K. Zimmerman

I just opened my July/August 2011 edition of QEX magazine; The Forum for Communications Experimenters published by the Amateur Radio Relay League, to find: Transmission and Reception of Longitudinally-Polarized Momentum Waves By Robert K. Zimmerman, NP4B, VE3RKZ. [A subscription is required to read the article, it is not on line. Support your local library.]

Robert Zimmerman, NP4B/VE3RKZ, describes five years of research at McMaster University in "Transmission and Reception of Longitudinally-Polarized Momentum Waves." James Clerk Maxwell's famous equations [See my note below] of electromagnetic radiation predict an alternative form of radiation, which Zimmerman refers to as vector potential radiation. He was involved in research that results in a demonstration of the communications potential of what was previously considered to be only a theoretical curiosity.

In the context of 'Longitudinally' studies, it is important to note that what we find in our text books today are not truly James Clerk Maxwell equations but the corruption of Maxwell's work by Oliver Heaviside.

Maxwell's true equations are in the form of Quaternions. Quaternions are a relative of complex numbers often used to parametrize rotations in three dimensional space. In modern computer work they are frequently used to rotate objects without build up of round off error, as you can rotate a quaternion faster than you can rotate a matrix. Quaternions (and their kin) are described in far more details in this document (with errata and addenda), from the Boost Math Library.

Maxwell's 20 Quaternion Equations may be found here at Rex Research ('Rex' can always use some support, help him out and buy something there). The importance of 'Potential' was dropped by Heaviside because Heaviside did not understand the math.

What I'm truly perplexed by is Robert Zimmerman apparent belief that what he is calling Longitudinally-Polarized Momentum Waves is a new discovery. Robert implies that his work is new, and the publication of something that you can really build and experiment with following his construction article is new. Perhaps it is due to the different terminology used over the years?

Roberts article describes how to send 'Momentum Waves' and receive them using a six inch "U" shaped plasma tube that you can pick up at most hardware stores, with in depth construction tips.

Using a plasma based receiver in Ham Radio can be traced back to the article in the February 1980 issue, Plasma-Diode Experiments by Dr. Harry E. Stockman, in Ham Radio Magazine,
 which is based up on these from the 70's:
  • Abnormal glow discharge detection of visible radiation N. S. Kopeika, J. Rosenbaum, and R. Kastner Applied Optics, Vol. 15, Issue 6, pp. 1610-1614 (1976) doi:10.1364/AO.15.001610
  • N. S. Kopeika, J. Rosenbaum, and R. Kastner, "Abnormal glow discharge detection of visible radiation," Appl. Opt. 15, 1610-1614 (1976)
  • Abstract: "Extension of abnormal glow discharge detection of electromagnetic radiation to visible wavelengths is observed with inexpensive commercial indicator lamps. The spectral response and mechanisms of detection are discussed and advantages over gas-filled photo-diodes noted. Responses from different discharge regions are observed and their implications considered."
  • General Electric Glow Lamp Manual 2nd Edition see graph on page one and description on page two.

Around 2007 I was communicating with Dr Ted Anderson about his new "Plasma antennas [that] can magically vanish; New antennas made from plasma, rather than metal, have advantages of being stealthy, reconfigurable, and resistant to jamming". [Note that Plasma antennas may be nested, will get back to the geometry later.] Dr. Ted's group was putting together a web site and had big plans for this new antenna, especially in light of its military applications. Such an antenna can only be detected when running, and due to its high bandwidth it does not have to be running long to communicate data using spread spectrum techniques. A standard metal based antenna can be detected and targeted by an enemy with the proper equipment. Dr. Ted said "I am preparing a package for you on the plasma antenna. I will be sending it soon. Please give me a couple of days. Perhaps we can work together." then dropped off the face of the earth, as did his web site.

Jumping back in history again we find the work of James Harris Rogers (Again curtsy of Rex Research, whom needs support), from 1919, whom I've mentioned before. Rogers work was used in World War One to communicate with submarines. Hams of the day also experimented with Rogers antennas when they were published in Electrical Experimenter magazine.

Tom Bearden once made the comment that Rogers' work had been rediscovered at least five times then quickly "lost", it worked to well apparently. Was Dr. Ted "lost"? Hopefully with Robert's publication in a well respected magazine in the Ham Radio experimenter field this work will not get "lost" again.

Citing Bearden's work is considered dubious by many, however some of his earliest papers are required reading, such as:

I'd not waste time on later works, as explained here, nor most of what you find on Internet. You need to find the original books from the 70's and early 80's.

Rogers work is known by a few other names and related research such as the Aharanov-Bohm Effect (Physics), Poynting Vector (Mathematics), Scalar Waves (Pseudoscience). The differences comes down to issues of geometry but I've not got my head wrapped around all of that yet.

An other rare term referring to this field work is Curl-Free Magnetic Vector Potential by Raymond C. Gelinas assigned to Honeywell:

  • 4,429,280, 31 Jan 1984, Apparatus and Method for Demodulation of a Modulated Curl-Free Magnetic Vector Potential.
  • 4,429,288, 31 Jan 1984, Apparatus and Method for Modulation of a Curl-Free Magnetic Vector Potential Field.
  • 4,432,098, 14 Feb 1984, Apparatus and Method for Transfer of Information by Means of a Curl-Free Magnetic Vector Potential Field.
  • 4,447,779, 8 May 1984, Apparatus and Method for Determination of a Receiving Device Utilizing a Curl-Free Magnetic Vector Potential Field.
  • 4,605,897, 12 Aug 1986, Apparatus and Method for Distance Determination Between a Receiving Device and a Transmitting Device Utilizing a Curl-Free Magnetic Vector Potential Field.
  • 4,491,795, 1 Jan 1985, Josephson Junction Interferometer Device for Detection of Curl-Free Magnetic Vector Potential Fields.
  • There is also 5,845,220: Communication method and apparatus with signals comprising scalar and vector potentials without electromagnetic fields , H. Puthoff.

The Aharanov-Bohm Effect is most relevant to Robert's work above: Significance of Electromagnetic Potentials in in the Quantum Theory by Y. Aharonov and D. Bohm in The Physical Review, vol. 115, no. 3, Aug. 1959.

Abstract: In this paper, we discuss some interesting properties of the electromagnetic potentials in the quantum domain. We shall show that, contrary to the conclusions of classical mechanics, there exists effects of potentials oncharged particles, even in the region where all the fields (and therefore the forces on the particles) vanish. We shall then discuss possible experiments to test these conclusions; and, finally, we shall suggest further possible developments in the interpretation of the potentials.

and Quantum Interference and the Aharonov-Bohm Effect" Yoseph Imry and Richard A. Webb in Scientific American, vol. 260, no. 4, Apr. 1989.
Abstract: Can electrons be influenced by a nearby magnet so well shielded that its force field cannot be detected? The counter intuitive answer is yes: an energy emanation from the magnet known as the potential does indeed affect the electrons' wave function. This quantum-mechanical effect is being brought to bear on the development of new microelectronic devices.

Once we know the other names, we find a detector by Robert Shannon [I know that particular detector was destroyed in a fire. There is one remaining housing to build a new one if I ever make the time]. Bob lists several Translation Modes to exchange between electromagnetic waves and 'potentials': Magnetostatic Detectors, Electrostatic Detectors, and Plasma (NE2 bulbs are easy to play with).

I think I'll head off to my work bench and fire up some NE2's... Maybe we'll bump into each others signals...

I'll leave you with one closing item for you to speculate on:
T. E. Bearden, "Virtual State Engineering and its Implications," NTIS ADA065762, 1978.

Abstract: Experimental evidence of zero-point energy of vacuum has been established beyond question. Soviet direct measurement of this energy has been reported. Prigogine's Nobel Prize work confirms that in theory a highly disordered, chaotic, virtual state, zero-point energy can be cohered to crosstalk into observable quantum change and even macroscopic energy production. Several simple devices can be demonstrated to observably tap zero-point energy. Extension of the theory onto even a simplified hyperspace model indicates direct applications in certain specialized amplifiers. Consideration of multiple simultaneous observation (Everett's interpretation of quantum mechanics) ties together virtual and observable states into the same time change, allowing super position of virtual state into observable state. By considering virtual state patterns to be carried by the individual photon, then superposition effects can be obtained upon a target radiated by a radar beam if each and every photon of the radar beam contains one virtual state pattern in common, added into its other (incoherent) virtual state patterns. Sufficient superposition of the coherent pattern in the target produces real observable changes which may have significant applications. Such applications include electron current dissolution (dudding of electro-magnetic circuits), cancellation of electromagnetic fields, de-activation(dudding) of nuclear warheads by transmutation of fissionable materials, and simple production of particle beams of enormous power density. Electron current dissolution is also effective against the nervous systems of biological targets. It thus appears that electromagnetic radiators such as radars could possibly be made into universal, all-purpose weapons effective against every major battle element. A mechanism and a theory for direct amplification of the virtual state into observable state is given. At least one known device, Moray's free-energy apparatus, successfully applied virtual state engineering to produce 55 kilowatts of power from a 55-pound device by tapping zero-point energy.

Is 'Reality' nothing but a mind trip? Are you getting ideas of what happens when you do things like four wave mixing of potentials, or nested geometry?...

Tuesday, June 21, 2011

Rest In Peace Bob Pease

Does the Universe have a sense of irony? Sadly it seems so. Another analog legend Bob Pease died in a car crash while returning from Jim Williams private memorial service.

What is even more ironic is that Bob wrote the book How to Drive into Accidents - And How Not to, and he was not wearing his seat-belt!

To me not wearing a seat-belt is simply incomprehensible. There is no rational argument that you can come up with to justify not wearing one. Buckle Up!

I had the pleasure of meeting Bob in Cleveland at one of his seminars. We struck up a conversation on 'Floobydust' of all things...

Floobydust is a contemporary term derived from archaic Latin miscellaneous, whose disputed history probably springs from Greek origins (influenced, of course, by Egyptian linguists) -- meaning here "a mixed bag." -- National Semiconductor Audio Handbook, 1976 Corporation.

Sunday, June 19, 2011

Rest In Peace Jim Williams

This week has been a sad one for anyone doing analog design. Jim Williams of Linear Technology died suddenly and unexpectedly from a stroke on June 12th. More on Jim here.

Jim is survived by his wife Siu and son Michael. His family requests that donations in Jim's memory be made to The Parkinson's Institute, 675 Almanor Avenue, Sunnyvale, CA 94085.

Archive of Jim's analog design collected writings can be found here and here. After reading those you will understand why we have lost the best among us.

I once had my own Jim Williams encounter, back at the height of the Dot Com Bubble around 1998, when I was writing Circuit Cellar Online Resource Pages. Out of the blue Jim called me up to tell me that I was miss applying his LT1088 (Yes it was his design, that he had to convince LT to make it), RMS wave form to Heat converter. We had a lengthy discussion on how to measure esoteric wave forms from even more esoteric sources (always work with First Principles if you can, like heat in the LT1088).

We never know when our own number is going to come up. Find an industry that lets you spend more time with your family and less time at work...

Sunday, June 12, 2011

Will Cold Fusion or the solar powered bikini, the iKini, power your next embedded system?

The term 'Cold Fusion' has lots of baggage with it today, so most of the research takes place under the term Low Energy Nuclear Reactions or Chemically Assisted Nuclear Reaction, or simply LENR-CANR.

A summary of Andrea A. Rossi's Cold Fusion Generator has been put together by Sterling D. Allan and Hank Mills.  Nickel and Hydrogen in the presence of proprietary catalyst under pressure  are claimed to produce 15,000 thermal Watts output with 400 thermal Watts input.  There have been independent tests to confirm numbers like this.

From what I've gathered a company operating under the name AmpEnergo is going to distribute Rossi's technology in the Americas.  There are a couple of different web sites calming to be AmpEnergo's and it is not clear to me which one is the legitimate one.  From an official document issued by the Ohio Secretary of State, Jennifer Brunner, AmpEnergo is apparently registered to operate in Ohio.

A lot more details can be found in the "April 2011, updated May 2011" LENR-CANR News.  Decide for yourself if this technology looks 'real'.

I have little background in chemistry, other than what I've learned related to batteries, however to me Rossi's stuff looks more like a thermogenic compound, than 'Cold Fusion'.  That is, a compound that generates heat.  In Harold King's novel, that I've mentioned beforeRed Alert a couple of different thermogenic compounds are used.  One based on Aluminum powder and one based on Iron powder.  A line from the book: "How do you know the big one [the Iron based one] has not gone off yet?  Because we are still here!"...

If 'Cold Fusion' is not 'hot' enough for you then maybe this hot little number by Andrew Schneider will be.  He has created something that might power your next Embedded System. A solar bikini, known as the iKini. Your imagination might come up with some interesting tests for the system model.  Not sure what more I could possibly say about this here?  I do hope he is better at hardware design than web design as neither of his web sites rendered correctly in any browser I tried.

Myself if I was doing a practical solar design I'd use some  Ixys IXOLARTM High Efficiency Solar Cells that can be handled by normal pick-and-place equipment.  They can be gotten from Mouser.  The cells would be followed up with a Maximum Power Point Tracker from either ST, SPV1040, or the Linear Tech LT3652 chip or LTM8062  μModule.

A good friend of mine, the late John Draper, had a patent 4,651,080 "High Efficienty Battery Charging System"; March 17, 1987, that put solar cells in a unique series-parallel combination to match the inherent impedance of a Lead Acid cell.  If any one is interested I'll post the internal test documents of SylCell, the company that was going to promote this technology before John's untimely death.  Tests showed large increases in charging efficiency.

Software Quality and Software Costs by Capers Jones

"An occupation where failures and disasters are the top cost drivers is not a true engineering discipline.  To become a true engineering discipline, software engineering needs better quality control, better quality measures, and better economic analysis than current norms." - Capers Jones in ASQ/SQP June 2011.

This month's (June/2011) issue of the American Society for Quality's Software Quality Journal, has a 'Must Read' article, "Software Quality and Software Costs" by Capers Jones where he explores the application of two metrics frameworks - software cost of quality and software defect containment. Both to model and manage the cost and quality consequences of poor requirements and spending time on debugging, instead of not putting the bugs in the first place.

Some ASQ/SQP articles are member only, and a few are available with a free registration.  Some articles such as the one we are discussing here are made available as PDF's under 'Open Access'.  The system may ask you to register with a name and email address, then you may be directed to a page saying you must purchase the article.  However if you click the link again, the article should open due to it being an Open Access article.

Jone's metrics are based on the International Function Point Users Group (IFPUG).  Using Function Points allows for measuring defects across different languages, and in requirement documents where measurements of "Lines of Code" are useless.

To summarize: The Bad, and alas the typical development process today:
  • Either inadequate estimation or the arbitrary rejection of accurate estimates by clients who then imposed unachievable schedules; [Clients refusal to listen to accurate estimates on development time, usually being driven by an unmovable trade show deadline].
  • Inadequate status tracking by management that concealed problems until too late to recover.
  • Poor change control combined with creeping requirements in excess of 1 percent growth per calendar month; [The Creeping Feature Creature is a powerful task master, as late addition requirements contain more bugs].
  • Poor quality control.
  • Testing alone is not very efficient in finding bugs.  Less that 35% effective.

The good, that is proper project planing and management (Always make a case from the point of the bottom line to get the attention of the Bean Counters):

  • The high-quality project schedules will be shorter by about 15 percent.
  • Software Quality and Software Costs in defect removal efficiency will cost about 20 percent less to develop than identical projects with poor quality.
  • Cumulative Total Cost of Ownership of high-quality applications from the start of the first release through five years of maintenance and enhancement will be about 30 percent lower than identical projects with poor quality.
  • Annual maintenance costs will be lower by about 40 percent.
  • For large applications, high quality levels will minimize the chances of failure.
  • High-quality applications tend to have quicker testing schedules and hence quicker overall schedules.
  • The economic value of excellent quality is directly proportional to application size. The larger the software application, the more valuable quality becomes.

"No true engineering discipline should have defect repairs and canceled projects as the two top cost drivers.  For software engineering to become a true engineering discipline, quality control will have to be much better than it is in 2011."

Sunday, May 15, 2011

"Case Studies in Software Safety: Accidents and Lessons Learned", Aug 2nd 2011, by Hardy at NASA GSFC

If you happen to be in the area of NASA Goddard Space Flight Center (GSFC) Building 3 Auditorium on August 2nd, 2011 stop in for the Systems Engineering Seminar on Software Safety. You must register at least four days in advance, see below. For those that can't make it will be available on-line sometime after the 2nd.

The Mission Engineering and Systems Analysis Division (MESAD) of the Applied Engineering and Advanced Technology Directorate(AETD), the Office of Human Capital Management, and the Innovative Partnerships Program (IPP) Office of NASA Goddard Space Flight Center (GSFC) are co-sponsoring a series of seminar presentations on Systems Engineering concepts, philosophies, principles, and practices.

Goddard Space Flight Center

Systems Engineering Seminar

Case Studies in Software Safety: Accidents and Lessons Learned

Presented by:

Terry Hardy, Director, Safety & Risk Management, Great Circle Analytics, LLC

August 2,
2011, 1:00 p.m.

Building 3 Auditorium


Case Studies in Software Safety: Accidents and Lessons Learned

The complexity of our systems is increasing, especially with the use of software and computing systems. System safety approaches are therefore necessary to help manage risk and prevent accidents in these complex systems. An essential element in preventing accidents in the future is learning from past failures. This lecture will present case studies from many different industries describing accidents and mishaps related to software and computing systems. Such case studies can help us identify what can go wrong in our own systems. The focus of the talk will be on software safety as part of a broader system safety effort, and lessons learned will be discussed related to the system safety process. Recommendations will be provided based on lessons learned from those accidents as well as personal experience.


Terry Hardy leads efforts in system safety and software assurance at Great Circle Analytics. Mr. Hardy has over 25 years of experience and numerous publications in the areas of launch vehicles, space propulsion, cryogenics, software, safety analysis, and risk management. Prior to founding Great Circle Analytics, he led software safety and assurance efforts at Special Aerospace Services and at NASA Goddard Space Flight Center; responsibilities included membership on the Constellation Safety Engineering Review Panel. Mr. Hardy also was the Principal Engineer for Reliability in FAA’s Office of Commercial Space Transportation, leading efforts to develop safety, reliability, and risk management regulations, guidance documents, and training. Mr. Hardy holds a BS degree in chemical engineering, an MS degree in chemical engineering, and an MS degree in civil engineering. He also has been certified as a Reliability Engineer, Quality Engineer, and Software Quality Engineer through the American Society for

The Fine Print:

  • Please allow 30 minutes for security check in.
  • Please bring a photo identification.
  • Badging for special situations may be at the Visitor Center Badging Trailer

The really important fine print:

Registration for a visitor badge:
  • Employees and visitors with a Goddard badge need not register.
  • Visitors without a GSFC badge must register for a visitor badge.
  • To register, please send your Name, Citizenship, Organization, Phone, and Email at least FOUR days prior to seminar to: Lindsay Macleod, 301.286.6493, Lindsay.B.Macleod [At]
  • The SE Seminar Committee is only able to process Visitor Registrations for US Citizens.

Sunday, May 8, 2011

NASA Goddard Space Flight Center (GSFC) Software Assurance

Back in the blog I wrote, The Anatomy of a Race Condition: Toyota vs AVR XMega I mentioned the NASA Software Safety Guidebook. Seems that link went viral, as it popped up lots of other places the next day as people spread it around.

I was a bit surprised, but glad, to find that the Software Safety site and this Software Safety blog are listed number one and number two by SEMRush (a 'Competitor Research Service'), beating out NASA themselves at number four, for the term "Software Safety".

Will today's link to NASA's Goddard Space Flight Center's Software Assurance page go viral as well?
"The NASA Goddard Space Flight Center (GSFC) Software Assurance Website provides tools, procedures and training materials for software and safety assurance personnel, software engineers, as well as program and project managers."
Of the most practical day to day value are the numerous Checklists, for example one on Code Inspections, and the Forms and Templates. There are also examples of Procedures, Guidelines, Work Instructions, links to tools etc. The Automated Requirement Measurement (ARM) Tool has been developed as aid to "writing the requirements right," not "writing the right requirements". As of this moment Humans still create the initial requirements for any device or Embedded System, and Humans are prone to errors. Unless an other Human catches the error(s) in a requirement document early in the development life cycle, no downstream tool will clean up the mess or mitigate the cost overruns.

NASA Site for On-line Learning and Resources (SOLAR), has some on line training as well. The Defense Acquisition Guidebook also has a section on Software Safety online training; MIL-STD-882D, "DoD Standard Practice for System Safety".

While in the Software Safety area of space flight check out Software Safety and Rocket Science by Gerard J. Holzmann in ERCIM News. Issue #75 covered Safety-Critical Software.

In my last blog entry I mentioned Circuit Cellar Magazine. In the April 2011 issue George Novacek took on the DO-178B software assurance standard. George details the standard, as best as you can in the allowed couple of pages, then seemed to imply at the end, that doing all of this paper work doesn't make the system much safer. Over the years I've seen both sides. Not having good written requirements leads to nothing but never ending project changes (changes are normal, but if you don't know what your setting out to make, you never know when you are done), cost overruns, and missed deadlines. On the other side having so much paper work that you can never actually ship a product out the door puts any company selling Embedded Systems out of business.