From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: ffc1e,a48e5b99425d742a X-Google-Attributes: gidffc1e,public X-Google-Thread: 1108a1,5da92b52f6784b63 X-Google-Attributes: gid1108a1,public X-Google-Thread: 107d55,a48e5b99425d742a X-Google-Attributes: gid107d55,public X-Google-Thread: f43e6,a48e5b99425d742a X-Google-Attributes: gidf43e6,public X-Google-Thread: fac41,a48e5b99425d742a X-Google-Attributes: gidfac41,public X-Google-Thread: 103376,a48e5b99425d742a X-Google-Attributes: gid103376,public From: Chris Brand Subject: Re: Papers on the Ariane-5 crash and Design by Contract Date: 1997/03/19 Message-ID: <33308284.365E@hacemx.hac.com>#1/1 X-Deja-AN: 226891065 References: <332B5495.167EB0E7@eiffel.com> Organization: Hughes Canada Systems Division Newsgroups: comp.lang.eiffel,comp.object,comp.software-eng,comp.programming.threads,comp.lang.ada,comp.lang.java.tech Date: 1997-03-19T00:00:00+00:00 List-Id: Bertrand Meyer wrote: > > We have made available on-line the paper that Jean-Marc Jezequel > and I published in the January issue of IEEE Computer about the > June 1996, software-induced $500-million crash of the Ariane 5 > mission, and the lessons it holds for software development > -- in particular the role of contracts for reusable software. > In your paper, you note that "Any team worth its salt would have checked systematically that every call satisfies the precondition.", which is, of course, equally true with the code in Ada, or any other language. It is interesting that you chose not to comment on the statement in the report that "it was jointly agreed not to include the Ariene 5 trajectory data in the SRI requirements and specification.". In which case, examination of the preconditions would have been unlikely to prevent the problem, because the expected trajectory was not in the requirments or specification for the re-used software. I feel that Eiffel's assertions are a good idea, but the suggestion that the use of them could have avoided the Ariene 5 crash is wrong. -- Chris Stating my own opinions, not those of my company.