Re: Ariane 5 - not an exception?

["Marin David Condic, 407.796.8997, M/S 731-93" <condicma@PWFL.COM>]

Francis Lipski <g1006@FS1.MAR.LMCO.COM> writes (with deletions):
>> > "A PL/I programmer
>> > experienced with real time systems, would have CHALLENGED
>> > such a stupid requirement that the computer be shut down by the
>> > error-handler in the event of a fixed-point overflow.  He would
>> > have had it changed.
>
>   Not always possible.  If you are in the minority and are unsuccessful
>to argue others to your point, what do you do?
>
    That's not always the case. Sometimes, the issue is "Either we do
    the project with runtime checks supressed or we don't do it at all
    because we don't have the CPU margin to make it work." Often what
    you do is turn off most or all of the runtime checks, then
    implement interrupt service routines to saturate math results on
    overflows, etc. and hope that will do the trick for any
    unanticipated errors.

    If they were running at 80% utilization without runtime checks,
    including the checks might have left an unacceptable risk. If they
    had run with checks in place and were at 98% utilization and hit a
    "corner case" in the software which drove them over 100%, we'd be
    able to sit here now and criticize them for failing to remove the
    checks to leave a safety margin on utilization.

    There's always tradeoffs in engineering. You have to weigh risks
    and rewards. Risk: public humiliation, billions of $ lost,
    thousands of casualties. Reward: a certificate with your name on
    it in a plastic frame. The Ariane 5 engineers have no doubt
    learned this lesson.

    With respect to the earlier poster's comments about "experienced
    PL/I programmers" I'd have to say that smacks of language bigotry.
    It would be the same sort of thing as saying "experienced German
    speaking engineers wouldn't have made such a stupid mistake. It's
    because the engineers were speaking French that the rocket went
    down."

    MDC

Marin David Condic, Senior Computer Engineer    ATT:        407.796.8997
M/S 731-96                                      Technet:    796.8997
Pratt & Whitney, GESP                           Fax:        407.796.4669
P.O. Box 109600                                 Internet:   CONDICMA@PWFL.COM
West Palm Beach, FL 33410-9600                  Internet:   CONDIC@FLINET.COM
===============================================================================
    "Some people say the rainforests must be saved because the cure for
    cancer might be there. Why aren't these same people worried that
    the scientist who would have found that cure might be aborted?"

        --  John Switzer
===============================================================================