Everyone who writes safety critical software should read this

[Walter Bright]

On 10/31/2013 9:00 AM, eles wrote:
> Basically, I think that critical code is almost always developed as if being
> transaction-based. It succeeds or it leaves no trace.

That's great for the software.

What if the hardware fails? Such as a bad memory bit that flips a bit in the 
perfect software, and now it decides to launch nuclear missiles?