From: Ken Garlington <garlingtonke@lmtas.lmco.com>
Subject: Re: ARIANE-5 Failure
Date: 1996/06/12
Date: 1996-06-12T00:00:00+00:00 [thread overview]
Message-ID: <31BEA5F1.33FA@lmtas.lmco.com> (raw)
In-Reply-To: 31BEBA98.167EB0E7@escmail.orl.mmc.com
Theodore E. Dennison wrote:
>
> Still, if thy had named their variables Radius.Velocity_Smoothed_N and
> Radius.Velocity_N (their language probably didn't even allow this), the
> odds of this error being discovered by someone before the failure would
> have been MUCH greater.
Well, this notation would have to have been used in the requirements to be
meaningful, and I don't think most systems engineers want to write
math equations in Ada!
There was a study a few years back by a Dr. Avezziani [sp] attempting to
show the worth of N-version programming. He had several teams use a high-quality
software development process to build a subset of a flight control system.
There was only one common-mode error found. Each team had been given a photocopy
of the control law diagrams to implement. There was a number, something like
5.122, on one of the gains. However, the smudged photocopy made it look like
5,122. Each team used the constant 5,122 in their code. (I'm not sure how this
proved the use of N-version programming, but that's another issue).
It's amazing how tiny changes in dense notations add up to big errors. Maybe the
real lesson learned is to use better equation editors, and avoid the Xerox
machine!
>
> --
> T.E.D.
> | Work - mailto:dennison@escmail.orl.mmc.com |
> | Home - mailto:dennison@iag.net |
> | URL - http://www.iag.net/~dennison |
--
LMTAS - "Our Brand Means Quality"
next prev parent reply other threads:[~1996-06-12 0:00 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
1996-06-06 0:00 ARIANE-5 Failure John McCabe
1996-06-07 0:00 ` Tronche Ch. le pitre
1996-06-07 0:00 ` Bert Peers
1996-06-07 0:00 ` Ken Garlington
1996-06-07 0:00 ` Robert Dewar
1996-06-07 0:00 ` John McCabe
1996-06-07 0:00 ` David Weller
1996-06-07 0:00 ` Ken Garlington
1996-06-08 0:00 ` Samuel Mize
1996-06-09 0:00 ` ARIANE-5 Failure (DC-X works) Eugene W.P. Bingue
1996-06-08 0:00 ` Robert Dewar
1996-06-09 0:00 ` Samuel Mize
1996-06-10 0:00 ` ARIANE-5 Failure Dale Stanbrough
1996-06-10 0:00 ` ARIANE-5 Failure (DC-X works) Robert Dewar
1996-06-12 0:00 ` Samuel Mize
1996-06-13 0:00 ` Robert Dewar
1996-06-17 0:00 ` David Zink
1996-06-18 0:00 ` Robert Dewar
1996-06-12 0:00 ` Theodore E. Dennison
1996-06-15 0:00 ` Robert Dewar
1996-06-13 0:00 ` Ken Garlington
1996-06-14 0:00 ` Robert Dewar
1996-06-17 0:00 ` Ken Garlington
1996-06-18 0:00 ` 4GL code in a deliverable (was: ARIANE-5 Failure) Arthur Evans Jr
1996-06-19 0:00 ` Ken Garlington
1996-06-20 0:00 ` Robert Dewar
1996-06-24 0:00 ` Ken Garlington
1996-06-24 0:00 ` Ken Garlington
1996-06-09 0:00 ` ARIANE-5 Failure Dale Stanbrough
1996-06-10 0:00 ` ARIANE-5 Failure (DC-X works) Ken Garlington
1996-06-14 0:00 ` Robert Dewar
1996-06-17 0:00 ` Ken Garlington
1996-06-19 0:00 ` 4THGL code Warren Taylor
1996-06-12 0:00 ` Automatic code generation (was ARIANE-5 Failure (DC-X works)) Steve Vestal
1996-06-08 0:00 ` ARIANE-5 Failure Jim Kingdon
1996-06-09 0:00 ` Jim Kingdon
1996-06-09 0:00 ` Jim Kingdon
1996-06-09 0:00 ` Robert Dewar
1996-06-10 0:00 ` Keith Thompson
1996-06-10 0:00 ` Dewi Daniels
1996-06-12 0:00 ` Theodore E. Dennison
1996-06-12 0:00 ` Ken Garlington [this message]
1996-06-13 0:00 ` Theodore E. Dennison
1996-06-13 0:00 ` Jan Kok
1996-06-10 0:00 ` William Clodius
1996-06-07 0:00 ` Theodore E. Dennison
1996-06-10 0:00 ` William Clodius
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox