comp.lang.ada
From: "John Roth" <johnroth@ameritech.net>
Subject: Re: Ariane Failure
Date: Tue, 9 Apr 2002 19:00:15 -0400
Message-ID: <ub6v7img833q49@news.supernews.com>
In-Reply-To: 3CB3031A.26E08904@gbr.msd.ray.com


"Steve O'Neill" <oneils@gbr.msd.ray.com> wrote in message
news:3CB3031A.26E08904@gbr.msd.ray.com...
> Marin David Condic wrote:
> > The software module in question was originally analyzed on Ariane 4 with a
> > view toward improving speed. They had a shortage of CPU cycles and had
> > identified this one module as a major consumer of resources. They changed
> > the code to eliminate all the range checking and other "safety features"
> > (not at all uncommon in this business) in order to speed it up. This was not
> > without analysis that examined the possible valid ranges for various numbers
> > and mathematically reasoning about it & coming to the conclusion that any
> > values that would possibly generate a hardware overflow error could not be
> > in the valid flight path of the Ariane 4 - hence it was likely to be a
> > sensor failure and the proper accommodation would be to transfer control to
> > the other channel.
>
> And here was another of the fatal system design flaws that should never
> have been made... it seems that this 'other channel' was an *identical*
> system which, of course, reacted in the same manner.  Leaving the poor
> flight control computer with no valid data.  Ooops!

Not exactly. The assumption was that failures would be hardware,
so dual coding the software wasn't an objective.

John Roth




