Everyone who writes safety critical software should read this

Walter Bright newshound2 at digitalmars.com
Wed Oct 30 11:12:48 PDT 2013


On 10/30/2013 3:01 AM, Chris wrote:
> On Wednesday, 30 October 2013 at 03:24:54 UTC, Walter Bright wrote:
>> Take a look at the reddit thread on this:
>>
>> http://www.reddit.com/r/programming/comments/1pgyaa/toyotas_killer_firmware_bad_design_and_its/
>>
>>
>> Do a search for "failsafe". Sigh.
>
> One of the comments under the original article you posted says
>
> "Poorly designed firmware caused unintended operation, lack of driver training
> made it fatal."
>
> So it's the driver's fault, who couldn't possibly know what was going on in that
> car-gone-mad? To put the blame on the driver is cynicism of the worst kind.

Much effort in cockpit design goes into trying to figure out what the pilot 
would do "intuitively" and ensuring that that is the right thing to do.

Of course, we try to do that with programming language design, too, with varying 
degrees of success.

> Unfortunately, that's a common (and dangerous) attitude I've come across among
> programmers and engineers. The user has to adapt to anything they fail to
> implement or didn't think of. However, machines have to adapt to humans not the
> other way around (realizing this was part of Apple's success in UI design,
> Ubuntu is very good now too).
>
> I warmly recommend the book "Architect or Bee":
>
> http://www.amazon.com/Architect-Bee-Human-Technology-Relationship/dp/0896081311/ref=sr_1_1?ie=UTF8&qid=1383127030&sr=8-1&keywords=architect+or+bee
>