From: "Marin David Condic" <dont.bother.mcondic.auntie.spam@[acm.org>
Subject: Re: Ariane Failure
Date: Tue, 9 Apr 2002 15:44:22 -0400
Date: 2002-04-09T19:44:24+00:00 [thread overview]
Message-ID: <a8vgao$7gv$1@nh.pace.co.uk> (raw)
In-Reply-To: 3CB33C0A.9125A6A7@lanl.gov
Not having been on the design team, I obviously can't state definitively
what their reasoning was. This was my best possible interpretation of the
situation after reading the report. Its been quite a while (yet still this
topic comes up! :-) since I last read the report but having been involved in
similar system designs (dual-redundant engine controls rather than dual
redundant IRS's) my best interpretation was that they had two computers
looking at two separate sets of sensors. (I'll bow to a more authoritative
source on this - but that's my best recollection.)
Your big risk is not so much that the computer itself will fail (which you
can't do much about with software anyway, right?) but that a sensor or
actuator will fail. Dual redundant computers that are looking at the same
set of sensors would create a common-mode failure and loss of a sensor would
make both computers useless. Not much point in dual redundancy then is
there? :-)
MDC
--
Marin David Condic
Senior Software Engineer
Pace Micro Technology Americas www.pacemicro.com
Enabling the digital revolution
e-Mail: marin.condic@pacemicro.com
"Bill" <wclodius@lanl.gov> wrote in message
news:3CB33C0A.9125A6A7@lanl.gov...
>
> Are you sure this was their reasoning? My interpretation of the reasoning
was
> that it had to be a hardware failure, but the only hardware they could do
> anything about was the processor interpretting the sensor data, wo they
> transferred control to another processor handling the same sensor data.
with
> the same program.
>
next prev parent reply other threads:[~2002-04-09 19:44 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <ee2a195b.0203260725.a02dbfe@posting.google.com>
2002-03-29 18:56 ` Ariane Failure Richard Riehle
2002-03-29 20:56 ` Michael Feathers
2002-03-30 1:02 ` Bill
2002-03-30 3:20 ` Keith Ray
2002-03-30 12:12 ` John Roth
2002-03-30 13:36 ` Michael Feathers
2002-04-01 15:22 ` Marin David Condic
[not found] ` <a8oo51$tsk$2@slb2.atl.mindspring.net>
2002-04-08 13:59 ` Marin David Condic
2002-04-09 12:49 ` John Roth
2002-04-09 14:58 ` Steve O'Neill
2002-04-09 15:04 ` Steve O'Neill
2002-04-09 23:00 ` John Roth
2002-04-10 12:52 ` Steve O'Neill
2002-04-10 12:59 ` Marin David Condic
2002-04-11 0:48 ` Steve O'Neill
2002-04-11 13:17 ` Marin David Condic
2002-04-11 13:47 ` Ted Dennison
2002-04-11 14:15 ` Marin David Condic
2002-04-11 12:12 ` fdebruin
2002-04-11 14:33 ` Larry Kilgallen
2002-04-11 18:16 ` Ted Dennison
2002-04-11 18:30 ` Marin David Condic
2002-04-09 19:07 ` Bill
2002-04-09 19:44 ` Marin David Condic [this message]
2002-04-01 15:08 ` Marin David Condic
2002-04-02 18:32 ` Wes Groleau
2002-04-02 18:42 ` Marin David Condic
1996-06-28 0:00 Robert B. Love
1996-07-01 0:00 ` Ken Garlington
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox