From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID
	autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,885dab3998d28a4
X-Google-Attributes: gid103376,public
From: Ken Garlington <garlingtonke@lmtas.lmco.com>
Subject: Re: Ariane 5 failure
Date: 1996/10/02
Message-ID: <3252B564.78A9@lmtas.lmco.com>#1/1
X-Deja-AN: 186802246
references: <96100114390546@psavax.pwfl.com>
content-type: text/plain; charset=us-ascii
organization: Lockheed Martin Tactical Aircraft Systems
mime-version: 1.0
newsgroups: comp.lang.ada
x-mailer: Mozilla 2.02 (Macintosh; I; 68K)
Date: 1996-10-02T00:00:00+00:00
List-Id: <comp.lang.ada>


Marin David Condic, 407.796.8997, M/S 731-93 wrote:
> 
>     The real danger is a common mode failure where a design flaw
>     exists in the software used by both channels - they both see the
>     same inputs and both make the same mistake. Of course trapping
>     those exceptions doesn't necessarily guarantee success since
>     either the exception handler or the desired accommodation could
>     also be flawed and the flaw will, by definition, exist in both
>     channels.

The problem also exists if you have a common-mode _hardware_ failure (e.g.
a hardware design fault, or an external upset like lightning that hits
both together).

-- 
LMTAS - "Our Brand Means Quality"
For more info, see http://www.lmtas.com or http://www.lmco.com