Program logic bugs vs input/environmental errors
Piotrek via Digitalmars-d
digitalmars-d at puremagic.com
Fri Oct 3 11:00:57 PDT 2014
On Friday, 3 October 2014 at 15:43:59 UTC, Sean Kelly wrote:
> My point, and I think Kagamin's as well, is that the entire
> plane is a system and the redundant internals are subsystems.
> They may not share memory, but they are wired to the same
> sensors, servos, displays, etc. Thus the point about shutting
> down the entire plane as a result of a small failure is fair.
This "real life" example:
http://en.wikipedia.org/wiki/Air_France_Flight_447
I just pick some interesting statements (there are other factors
described as well):
"temporary inconsistency between the measured speeds, likely as a
result of the obstruction of the pitot tubes by ice crystals,
causing autopilot disconnection and reconfiguration to alternate
law;"
And as I can see it, all subsystems related to the "small
failure" was shut down. But what is also important information
was not clearly provided to the pilots:
"Despite the fact that they were aware that altitude was
declining rapidly, the pilots were unable to determine which
instruments to trust: it may have appeared to them that all
values were incoherent"
"the cockpit lacked a clear display of the inconsistencies in
airspeed readings identified by the flight computers;"
Piotrek
More information about the Digitalmars-d
mailing list