From: Adrien Plisson <aplisson-news@stochastique.net>
Subject: Re: Would You Fly an Airplane with a Linux-Based Control System?
Date: Fri, 26 Nov 2004 23:22:25 +0100
Message-ID: <41a7ac28$0$30716$ba620e4c@news.skynet.be>
In-Reply-To: <mailman.125.1101477285.10401.comp.lang.ada@ada-france.org>

Marius Amado Alves wrote:
> This is better. Now, can you prove this? That the ship could get out of
> control and crash on a city for example? If C had been used instead? Or
> if the exception had not been caught? (Probably not invoking the backup
> system.)

ok, let's take an example.

the system seems to control data associated with the trajectory of the
ship. if a value arrives and overflows and if the exception is not
caught, there are a lot of chances the value will be truncated and used
as a normal value.

the result depends on the action you take with this value:

we will first consider the system is using this value to control
directly the trajectory, by acting on directional engines. the value is
less than the real value. you try to correct the trajectory but don't
correct enough, the ship is going out of its programmed path.
- at best, it will then miss the orbit it was programmed for: the
satellites will become useless or eventually crash on other satellites
on the same orbit, pieces of those satellites may fall down on earth.
- at worst, the correction is so bad the ship continues to be out of the
path. the more the ship derives, the more the exception arises and is
not caught, the more the values are wrong. the ship gets out of control,
and starts to fall down. since it is out of control, we cannot predict
where it will fall... (maybe on cuba which will think of a strike from
the u.s. then reply with the atomic bomb. WW3 is starting).

the second case is that those values are stored and used as a reference
to calculate the absolute position of the ship throughout its journey.
obviously, the ship will never take the right path and we are back in
the best case of the first consideration.

the predictability of the path the ship will take with these truncated
values is like predicting the weather: you are able to calculate for
some time ahead, but rapidly do not have enough information to predict
further.

now i see your next question: what would have happened if C had been used
instead? well, if C had caught the exception, the software would have
behaved the same way as the Ada software, and the ship would have
exploded too... but exception handling is not really easy in C,
considering that there is NO way in the language to do it (maybe the
exception handling facility that would have been implemented in C would
have been buggy...)

i can continue for a long time with ifs, maybes and suppositions. "with
ifs, one could put Paris in a bottle". so we will stop the
suppositions, and believe me, it is better that the ship exploded.

--
rien
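
The mechanism described in the message above (an out-of-range value silently truncated, then used as a normal value in a correction loop), as an added example that is not part of the original post. The 16-bit measurement field, the loop, the gain of one half and the disturbance value are all hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Unchecked narrowing to 16 bits: keep the low 16 bits and reinterpret them
   as a signed value. No error is raised; the result looks like normal data. */
static int32_t narrow_truncate(int32_t v) {
    uint32_t low = (uint32_t)v & 0xFFFFu;
    return low >= 0x8000u ? (int32_t)low - 0x10000 : (int32_t)low;
}

/* Checked narrowing: refuse out-of-range input instead of returning a value. */
static int narrow_checked(int32_t v, int32_t *out) {
    if (v < INT16_MIN || v > INT16_MAX) return -1;
    *out = v;
    return 0;
}

/* Hypothetical control loop (constructed for illustration). Each step a
   disturbance adds `push` to the deviation and the controller removes half of
   the *measured* deviation, which passes through a 16-bit field.
   Returns the number of steps run; checked mode stops at the first fault. */
static int simulate(int32_t push, int steps, int checked, int32_t *final_dev) {
    int32_t dev = 0, measured = 0;
    int i;
    for (i = 0; i < steps; i++) {
        if (!checked)
            measured = narrow_truncate(dev);
        else if (narrow_checked(dev, &measured) != 0)
            break;                       /* fault is visible: fail-stop */
        dev = dev - measured / 2 + push;
    }
    *final_dev = dev;
    return i;
}

int main(void) {
    int32_t dev;
    int n = simulate(20000, 6, 0, &dev);
    printf("unchecked: %d steps, deviation %d, controller sees %d\n",
           n, (int)dev, (int)narrow_truncate(dev));
    n = simulate(20000, 6, 1, &dev);
    printf("checked:   stopped after %d steps at deviation %d\n", n, (int)dev);
    return 0;
}
```

In the unchecked run the deviation keeps growing while every measurement still fits the 16-bit field and looks plausible; the checked run stops at the first value that does not fit.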