comp.lang.ada
From: "Marin David Condic" <dont.bother.mcondic.auntie.spam@[acm.org>
Subject: Re: Ariane Failure
Date: Thu, 11 Apr 2002 09:17:15 -0400
Date: 2002-04-11T13:17:17+00:00
Message-ID: <a942ct$e6n$1@nh.pace.co.uk>
In-Reply-To: 3CB4DD65.99F17199@top.monad.net

"Steve O'Neill" <oneills@top.monad.net> wrote in message
news:3CB4DD65.99F17199@top.monad.net...
>
> Agreed... except when the potential result may be raining down flaming
> pieces of a billion dollars worth of satellite.  As I recall the photos
> were very impressive.
>
Well, I'm impressed by the photos too. It can be very educational to
engineers to look over the videos and photos of various engineering
disasters. There are plenty to choose from.

I'll still disagree that dual-redundant identical systems are a bad idea in
rocket technology and that they are somehow inherently less safe than
dissimilar systems. Having worked in that field I know some of the thinking
that goes into these sorts of designs and lots of highly reliable identical
systems have been built. "Dissimilar" only protects you from common design
errors - maybe. It also increases the probability that there *will* be a
design error. When considering the potential designs for a given piece of
avionics, you need to look very carefully at all the possible failure modes
you can think of and look at the probabilities of those failures occurring
and ask how well a given design strategy will minimize the risk. Dual
redundant, identical systems can and do function very well and at very high
levels of reliability and it isn't automatically clear that for a given
application a dual redundant dissimilar system is going to improve
reliability. In fact, quite the opposite might be the case.

MDC
--
Marin David Condic
Senior Software Engineer
Pace Micro Technology Americas    www.pacemicro.com
Enabling the digital revolution
e-Mail:    marin.condic@pacemicro.com
