There is a lot of trust in society, usually people do not expect bad things to happen. This was the case with the Cyprus bank collapse/theft, this was the case with NASA rocket launch that killed the pilots, train crash in Spain, the financial crisis and many more. Yes people use Bitcoin for large transactions, but people also keep large amounts of money in online banks with security similar as MtGox
. For example, how do you know the money you put in your bank will not be stolen? People step in a car each morning expecting it will not crash. In life there are always risks, its something we have to live with (and prepare for).
Because Bitcoin is a peer-to-peer network and you control your money, the risks involved are different. There is no
single point of failure in terms of the network structure. Your car has a single point of failure: its engine. The bank is a single point of failure. With crypto-currency the risks are different.
In addition, how would you transfer 10.000.000 us dollar from Swiss to the US? Its logical that Bitcoin is used for large transfers, you can make payments 24/7, anywhere in the world, almost instantenously.
Do you know of any good scientific sources/papers to validate my assumption that using open source in safety-critical systems is crazy? Or isn't?
Many mission/safety critical systems use open source software. Not scientific papers, but still information:
http://gizmodo.com/the-iss-has-ditched-windows-entirely-for-linux-499593441https://www.suse.com/solutions/mission-critical-computing.htmlhttp://blogs.windriver.com/medical/2011/11/using-linux-in-medical-devices-what-developers-and-manufacturers-need-to-know.htmlI'm having trouble finding good scientific articles on the topic though as I can't seem to find much on using open source and the agile development methods except a 2011 article on IGSTK (Image Guided Surgery ToolKit) which suggests it can be done...
Development methods for open source software depends. GNU/Linux, one of the biggest software project in the world communicates a lot trough a 'mailing list'. Whereas others prefer trough a chat protocol called IRC or forums. Usually in the corporate world they prefer face-to-face meetings with the development team.
You can find some bitcoin related papers here
http://arxiv.org/find/all/1/all:+bitcoin/0/1/0/all/0/1 or than the original bitcoin paper (link is on wikipedia). You may have access to ACM or IEEE database trough your university. Furthermore you may be interested in crypto-currency in general, which research dates back many years before bitcoin. There is also a recent MIT Bitcoin Expo 2014 video. Link and info on
bitprize.org Good luck with your thesis!
First of all: Thank you so much for taking the time for such a thorough reply!
You do misunderstand some central concepts though. What is your background?
Actually proprietary software projects aren't short in the usual sense - six months is a very short time for any piece of commercial software. A lot of open source "projects" though don't really qualify as projects in the usual sense because a project - by scientific definition - has strictly defined boundaries, either by length or resources, and open source projects usually do not have such boundaries.
Also, the Bitcoin core could have been more reliant on openSSL which could have meant every client in the world randomly spitting out private keys or a bug bypassing encryption - a lot could go wrong that would cost people billions if the code was carelessly reviewed. Obviously every piece of code pulled to the Bitcoin core has been carefully reviewed as warranted since it is indeed "critical software" - at least in a sense. And obviously it says so on the core development github page:
Please be patient and help out, and remember this is a security-critical project where any mistake might cost people lots of money.
You also misunderstand the term "development methods" in the scientific sense which refers to how the project is managed and which defined process is used.
Open source projects are usually distributed and very agile in the sense that project members rarely work from the same location and the code is developed in iterations rather than a step at a time.
The traditional approach, that scholars like Barry Boehm have suggested is more suitable for safety-critical projects, is commonly known as the "waterfall model" and is very bureaucratic. Pretty much: Make a thorough plan, stick with it and never go back and make sure to document every tiny thing on the way - as opposed to agile methods, like Scrum, where you work in iterations.
Thanks again for your reply though - it's always nice to get a different perspective on things
P.S.
Proprietary software usually has a short development time, the developers have to work full days on the project, usually get very tired; There is a short time schedule to produce, the costs are high: office costs, tax, management, administration etc. In addition, how can you know (as an outsider) the code produced is safety-critical and not a sloppy mess if it is proprietary software? People's lives are at stake and open source can be a lot cheaper.
^^^That is just terrible project management!
People don't get more work done by working 12 hours instead of 8 - simply ancient thinking
People interested in project management from a professional or hobbyist perspective should read Tom DeMarco's "The Deadline: A novel about project management" - it's solid science but a helluva lotta fun to read
