From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: *** X-Spam-Status: No, score=3.8 required=5.0 tests=BAYES_00,INVALID_MSGID, RATWARE_MS_HASH,RATWARE_OUTLOOK_NONAME autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 109fba,b87849933931bc93 X-Google-Attributes: gid109fba,public X-Google-Thread: fac41,b87849933931bc93 X-Google-Attributes: gidfac41,public X-Google-Thread: 114809,b87849933931bc93 X-Google-Attributes: gid114809,public X-Google-Thread: f43e6,b87849933931bc93 X-Google-Attributes: gidf43e6,public X-Google-Thread: 1108a1,b87849933931bc93 X-Google-Attributes: gid1108a1,public X-Google-Thread: 103376,b87849933931bc93 X-Google-Attributes: gid103376,public From: "George Wolke" Subject: Re: OO, C++, and something much better! Date: 1997/01/26 Message-ID: <01bc0ba4$4a10fa60$51a0adce@crc3.concentric.net>#1/1 X-Deja-AN: 212347245 references: <32DF458F.4D5C@concentric.net> <32DF94DC.6FF8@watson.ibm.com> <32DFD972.37E4@concentric.net> <5bphq4$5js@mulga.cs.mu.OZ.AU> <32E05FAF.47BA@concentric.net> <32EB753C.678B@jmpstart.com> organization: Concentric Internet Services newsgroups: comp.lang.c++,comp.lang.smalltalk,comp.lang.eiffel,comp.lang.ada,comp.object,comp.software-eng Date: 1997-01-26T00:00:00+00:00 List-Id: James O'Connor wrote in article <32EB753C.678B@jmpstart.com>... > Curious, was the catastophe because of Smalltalk? Or because of bad > design/requirements analysis? I would be more inclined to guess the > later. Like the Arianne V that blew up awhile back? Wasn't that > written in Ada? Was it because it was written in Ada or becuase the > designer made a mistake. I would be inclined to think it was the > designer's fault, not the languages. The Ariane V failure was a design error. The design called for using Ariane IV code as the baseline, even though their mission requirements were different. Also, a decision was made to assume the design correct unless an error was observed, rather than to use closed-loop simulation to prove the design sound. What happened was that the design called for limited error checking on conversion routines in order to save of the overall EEPROM usage of the flight software. When a section of code (used only for ground operations, but still enabled for flight) caused a run-time assertion, the system switched to a redundant computer. Unfortunately, the backup was running the same code as the primary and thus it failed too!! Thus the mission failed!