[chbot] embedded systems software failures
Mark Atherton
markaren1 at xtra.co.nz
Sat May 18 23:18:10 BST 2013
Hi Charles,
Please excuse the reply to your message via the wrong group, but
there might be some other interested parties here. I am quite
interested in your project below, but surely you have the unenviable
task of trying to establish initial requirements and specification
for each project before you can look at code implementation and
possible associated failure mechanisms. With a strong specification,
a validated and trusted compiler, some means of rigorous static
analysis, followed by exhaustive testing, a lot of issues can be
resolved on the bench, or at least on the keyboard. But systems can
still fail badly by asking the wrong question at requirements and
specification time - and coming up with the perfect solution to the
wrong question.
On a vaguely related theme: Many years ago I had an extraordinary
conversation with the Engineering Manager of an audio related company
in California. He had advertised for a 'C++ programmer'. So knowing
nothing about C++, but a bit about audio I picked up the phone and
called him. He was adamant that all of his project troubles could be
fixed if he moved to C++. After some discussion, it turns out he
had a (serious) requirements problem. No one knew what the product
was supposed to do (in detail). I tried to carefully explain that
putting 60% of the project into finding out the question and the
remainder into coding, testing and integration would save him immense
problems and he could code it in assembler if he liked, it was much
more important to understand the question first. He was not a
happy-bear to hear this! A couple of years later I heard he had been
fired about 6 months after our phone call for incompetence.
Anyway, most interested to see what you turn up with your project.
Club meeting on Monday - are we going to see you?
Regards,
Mark
=======
charlesmanning
I'm trying to build up a list of, say, 10 classic embedded systems
software failures and analyse them to the extent to determine what
could have fixed them.
The purpose is mainly to provide an acid test as to whether the use
of a different language (say a very robust language like Ada vs say
C) might have eventuated in a different outcome.
So far my list has:
Therac-25
Airbus A320 crash at airshow (operator lockout)
Mars Climate Orbiter (metres to feet)
Ariane 5 (exception fouling floating point ops)
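Of the four entries, the Ariane 5 case is the one where the language question can be tried on the bench: the published cause was a 64-bit floating point value narrowed to a 16-bit signed integer with no range check, which the Ada runtime turned into an unhandled exception. The following C is an added example, not code from either message: the unchecked narrowing of that shape beside a checked version that hands the caller a status instead of a silently wrong value, run over two constructed sample values.

```c
#include <stdint.h>
#include <stdbool.h>
#include <math.h>
#include <stdio.h>

/* Unchecked conversion, the shape of the Ariane 5 path: a 64-bit float is
 * narrowed to a 16-bit signed integer with no range test. Going through
 * int32_t keeps the first step defined for |x| < 2^31; the second step
 * silently wraps on the usual compilers. No exception, just a wrong value. */
int16_t bias_to_i16_unchecked(double x)
{
    return (int16_t)(int32_t)x;
}

/* Checked conversion: what Ada's Constraint_Error gives for free, written
 * out explicitly so the caller must decide what to do on failure. */
bool bias_to_i16_checked(double x, int16_t *out)
{
    if (isnan(x) || x < (double)INT16_MIN || x > (double)INT16_MAX) {
        return false;          /* out of range: rejected, nothing written */
    }
    *out = (int16_t)x;         /* truncation toward zero, now known to fit */
    return true;
}

/* Single-return convenience: the value, or INT32_MIN as an explicit
 * "rejected" marker that no int16_t can ever equal. */
int32_t bias_to_i16_or_reject(double x)
{
    int16_t v;
    return bias_to_i16_checked(x, &v) ? (int32_t)v : INT32_MIN;
}

int main(void)
{
    /* Constructed sample values: one in-range bias, one that overflows. */
    const double samples[] = { 1234.5, 70000.0 };
    for (int i = 0; i < 2; i++) {
        int16_t v;
        if (bias_to_i16_checked(samples[i], &v))
            printf("%.1f -> %d\n", samples[i], v);
        else
            printf("%.1f -> out of range, rejected\n", samples[i]);
    }
    return 0;
}
```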