Re: [LEAPSECS] a system that fails spectacularly

From: Rob Seaman <seaman_at_noao.edu>
Date: Thu, 8 Dec 2005 07:24:52 -0700

On Dec 7, 2005, at 11:57 AM, Poul-Henning Kamp wrote:

> ISO9000 certification only means that you have documented your
> quality assurance process. There is no requirement that your
> documentation pertains to or results in a quality product.

That was kind of my point, too. We have standards bodies that don't
promulgate their standards. We have standards that use words like
"quality" that don't do anything to ensure quality. We have testing
laboratories that certify systems as compliant without actually
testing compliance. We have individual companies that build products
without understanding the physical context, let alone political or
social context, pertaining to the products.

> Just because it is an agreed international standard doesn't mean
> that it is the best solution to the problem, technically correct,
> technically optimal or even a good thing to begin with.

Agreed. Heartily agreed. See above. But...

We still live on the Earth and the Earth still rotates and that
rotation is still slowing. For some purposes, at some scales of
resolution of the clock or calendar, I myself don't care. For other
purposes, at other scales, you yourself DO care. Would like to see
us discussing the interesting zone in the middle, not asserting naive
blanket propositions.

As far as conforming to an imperfect international standard, if
interoperability is the goal (perhaps universally the case for time
issues), then the proper behavior for a company - one producing
safety critical products, no less - would be to find some way to
swallow the current standard (and their pride) and work to change the
status quo. I'm not upset that folks are trying to change the status
quo - every good standard should be challenged once in a while - I'm
offended at the sophomoric way this has been pursued.

In any event, in a world full of imperfect standards, it remains the
responsibility of the implementers to understand those standards that
pertain - a time based product might be expected to rely on time
standards, for instance - and to characterize their products'
responses to issues related to those standards. Having ignored the
existence of leap seconds, what are the implications for the company
and its products? Ignoring a standard might be a reasonable choice.
Having done so, one might choose to create a product that behaves in
a rational way rather than failing catastrophically. If avoiding
catastrophic failure isn't an option, one might suggest that ignoring
the particular standard is - well - unwise.

Wishing it otherwise doesn't make it so.

Rob Seaman
National Optical Astronomy Observatory
Received on Thu Dec 08 2005 - 06:26:23 PST

This archive was generated by hypermail 2.3.0 : Sat Sep 04 2010 - 09:44:54 PDT