From: "Alexander E. Kopilovich"
Newsgroups: comp.lang.ada
Subject: Re: Would You Fly an Airplane with a Linux-Based Control System?
Date: Sun, 5 Dec 2004 04:29:36 +0300 (MSK)
Organization: Cuivre, Argent, Or
In-Reply-To: from Enrique Laso Leon at Sat, 4 Dec 2004 19:58:07 +0100

Enrique Laso Leon wrote:

> The problem here was that the people who designed the IRS for Ariane 4 used
> an assumption on its trajectory in order to avoid a check that would have
> made the software tolerant to Ariane 5 trajectory (but why ?).

Yes, why?... Why what? Why they avoided that check or why they didn't think about possible unhappy consequences for Ariane 5, Ariane 6, etc., assuming all kinds of misuse attempts? Or perhaps they should design that IRS as truly universal, suitable not for rockets only, but for all future devices that need a functionality of this sort?

> This is at
> best ignoring a basic rule of engineering : expect your design to be used in
> a way you did not think about, because this is just what is going to happen.

To which limits? Are there any limits or not? Are those limits the same for all kinds of products - commodities, standard parts, unique systems (rockets, for example)? Who is in charge of setting those limits? Is there any basic rule for judging from outside whether those limits were set incorrectly when they were exceeded and disaster happened?

Alexander Kopilovich aek@vib.usr.pu.ru
Saint-Petersburg
Russia