From: "Marin David Condic"
Newsgroups: comp.lang.ada
Subject: Re: Ariane Failure
Date: Thu, 11 Apr 2002 09:17:15 -0400
Organization: Posted on a server owned by Pace Micro Technology plc

"Steve O'Neill" wrote in message news:3CB4DD65.99F17199@top.monad.net...
>
> Agreed... except when the potential result may be raining down flaming
> pieces of a billion dollars worth of satellite. As I recall the photos
> were very impressive.
>

Well, I'm impressed by the photos too. It can be very educational to engineers to look over the videos and photos of various engineering disasters. There are plenty to choose from.

I'll still disagree that dual-redundant identical systems are a bad idea in rocket technology and that they are somehow inherently less safe than dissimilar systems. Having worked in that field I know some of the thinking that goes into these sorts of designs and lots of highly reliable identical systems have been built. "Dissimilar" only protects you from common design errors - maybe. It also increases the probability that there *will* be a design error. When considering the potential designs for a given piece of avionics, you need to look very carefully at all the possible failure modes you can think of and look at the probabilities of those failures occurring and ask how well a given design strategy will minimize the risk. Dual redundant, identical systems can and do function very well and at very high levels of reliability and it isn't automatically clear that for a given application a dual redundant dissimilar system is going to improve reliability. In fact, quite the opposite might be the case.

MDC

--
Marin David Condic
Senior Software Engineer
Pace Micro Technology Americas www.pacemicro.com
Enabling the digital revolution
e-Mail: marin.condic@pacemicro.com