From: Samuel Mize <smize@link.com>
Subject: Re: Critique of Ariane 5 paper (finally!)
Date: 1997/08/13
Date: 1997-08-13T00:00:00+00:00 [thread overview]
Message-ID: <33F20BCE.AB3@link.com> (raw)
In-Reply-To: dewar.871389016@merv
Robert Dewar wrote:
>
> Bertrand says
>
> <<As convincingly as I could, my colleagues and I
> have explained: why in our view
> software technology crucially requires the systematic use of
> Design by Contract; why Design by Contract is a
> necessary condition to avoid more Ariane-like failures;
> and what is missing in this respect in such approaches
> as Java, Ada, C++, IDL.>>
>
> Your argument at *best* says that DBC might have been a *sufficient*
> condition for avoiding the Ariane failure. Even there, it seems
> over-facile and rather academic, and does not seem to understand
> fully the exact nature of the Ariane problem.
DBC proponents have said that using DBC IMPLIES review of
requirements, review of design, and testing the component.
In this case, the claim that DBC would "probably" have prevented
the crash is nugatory but true.
However, the claim that "widely accepted industry practices" would
not have done so is false. Requirements review, design review, and
in-situ test are standard for a mission-critical component. Not
ONE of these was done for the Ariane 5 INS. To claim that this is
"widely accepted industry practice" is disingenuous at best, and
appears intentionally misleading to a lot of us.
It is this false claim that destroys the argument that DBC is
"a necessary condition to avoid more Ariane-like failures."
It's rather like saying that a new method of navigation would
"probably" have prevented the Exxon Valdez crash. True, but
only because ANY navigation would have prevented it!
> But to make the jump from sufficient to necessary is completely
> without basis, and can only be regarded as advertising puffery.
Which appeared in a column in IEEE Computer magazine, positioning
it deceptively as a technical item instead of an ad.
Samuel Mize
next prev parent reply other threads:[~1997-08-13 0:00 UTC|newest]
Thread overview: 66+ messages / expand[flat|nested] mbox.gz Atom feed top
1997-08-03 0:00 Critique of Ariane 5 paper (finally!) Ken Garlington
[not found] ` <dewar.870870888@merv>
[not found] ` <33E8FC54.41C67EA6@eiffel.com>
1997-08-07 0:00 ` Juergen Schlegelmilch
1997-08-07 0:00 ` Ken Garlington
1997-08-07 0:00 ` Ken Garlington
[not found] ` <33EB4935.167EB0E7@eiffel.com>
1997-08-08 0:00 ` Bertrand Meyer
1997-08-08 0:00 ` Ken Garlington
1997-08-08 0:00 ` Ken Garlington
1997-08-11 0:00 ` Don Harrison
1997-08-11 0:00 ` Bertrand Meyer
1997-08-12 0:00 ` Robert Dewar
1997-08-13 0:00 ` Bertrand Meyer
1997-08-13 0:00 ` Ken Garlington
1997-08-16 0:00 ` Robert Dewar
1997-08-17 0:00 ` Bertrand Meyer
1997-08-19 0:00 ` Ken Garlington
1997-08-20 0:00 ` Robert Dewar
1997-08-21 0:00 ` Thomas Beale
1997-08-21 0:00 ` Robert Dewar
[not found] ` <33FD8685.AAAE3B4F@stratasys.com>
1997-08-22 0:00 ` Robert Dewar
[not found] ` <3401811D.1700E7BE@stratasys.com>
1997-08-25 0:00 ` Jon S Anthony
1997-08-29 0:00 ` Ken Garlington
1997-08-29 0:00 ` Jeff Kotula
1997-09-02 0:00 ` Ken Garlington
[not found] ` <33FE8732.4FBB@invest.amp.com.au>
1997-08-26 0:00 ` Nick Leaton
[not found] ` <33FFA324.4DB9@flash.net>
[not found] ` <34013F3E.27D4@invest.amp.com.au>
1997-08-29 0:00 ` Ken Garlington
1997-08-23 0:00 ` Ken Garlington
1997-08-20 0:00 ` Robert Dewar
[not found] ` <33FB3B29.41C67EA6@eiffel.com>
1997-08-20 0:00 ` Bertrand Meyer
[not found] ` <5tv9cs$85q@nntpa.cb.lucent.com>
[not found] ` <340341CA.2F1CF0FB@eiffel.com>
1997-08-27 0:00 ` Samuel Mize
1997-08-29 0:00 ` Ken Garlington
1997-08-21 0:00 ` W. Wesley Groleau x4923
1997-08-22 0:00 ` Bertrand Meyer
1997-08-22 0:00 ` W. Wesley Groleau x4923
1997-08-16 0:00 ` Robert Dewar
1997-08-13 0:00 ` Samuel Mize [this message]
1997-08-13 0:00 ` Ken Garlington
[not found] ` <33F22AD8.41C67EA6@eiffel.com>
1997-08-13 0:00 ` Bertrand Meyer
1997-08-13 0:00 ` Ken Garlington
[not found] ` <33F28DBF.794BDF32@eiffel.com>
1997-08-13 0:00 ` Bertrand Meyer
1997-08-15 0:00 ` Ken Garlington
1997-08-15 0:00 ` Jon S Anthony
1997-08-16 0:00 ` Ken Garlington
1997-08-14 0:00 ` Jon S Anthony
1997-08-14 0:00 ` Bertrand Meyer
1997-08-15 0:00 ` Jon S Anthony
1997-08-14 0:00 ` Matthew Heaney
1997-08-14 0:00 ` geldridg
1997-08-14 0:00 ` Samuel Mize
1997-08-15 0:00 ` Thomas Beale
1997-08-15 0:00 ` Samuel Mize
1997-08-15 0:00 ` Bertrand Meyer
1997-08-15 0:00 ` Jon S Anthony
1997-08-16 0:00 ` Ken Garlington
1997-08-14 0:00 ` Robert S. White
1997-08-15 0:00 ` Ken Garlington
1997-08-16 0:00 ` Robert Dewar
1997-08-09 0:00 ` Marinos J. Yannikos
-- strict thread matches above, loose matches on Subject: below --
1997-08-21 0:00 aek
[not found] ` <33FC66AD.9A0799D4@calfp.co.uk>
1997-08-22 0:00 ` Robert S. White
1997-08-22 0:00 ` Samuel Mize
1997-08-22 0:00 ` Samuel Mize
1997-08-23 0:00 ` Ken Garlington
[not found] ` <33FFA4B1.3543@flash.net>
1997-08-26 0:00 ` Nick Leaton
[not found] ` <3406BEF7.2FC3@flash.net>
[not found] ` <3406E0F7.6FF7ED99@calfp.co.uk>
1997-09-02 0:00 ` Ken Garlington
1997-08-22 0:00 Critique of Ariane 5 paper (finally) AdaWorks
1997-08-22 0:00 Critique of Ariane 5 paper (finally!) Marin David Condic, 561.796.8997, M/S 731-96
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox