Embedded software DbC
Kagamin
spam at here.lot
Sun Aug 1 22:34:28 PDT 2010
bearophile Wrote:
> This is a paper that shows why DbC can not enough in some situations, by Ken Garlington, 1998:
> http://home.flash.net/~kennieg/ariane.html
>
> In the situation like the one of the Ariane I think the good solution is the introduce a fuzzy control system that has a degradation of its effectiveness as conditions come out of its specs, but avoids a total failure. This is what biological designs too do. It's a kind of 'defensive programming'.
>
>From what I heard, the software for Ariane was physically unable to handle Ariane, so no matter what assertions you put into it, it would crash.
More information about the Digitalmars-d
mailing list