This thread on Hacker News terrifies me

Walter Bright newshound2 at digitalmars.com
Sat Sep 1 11:54:18 UTC 2018


On 9/1/2018 3:49 AM, Dennis wrote:
> On Friday, 31 August 2018 at 22:23:09 UTC, Walter Bright wrote:
>> For example, in any CS program, are there any courses at all about this?
> 
> In Year 1 Q4 of my Bachelor CS, there was a course "Software Testing and Quality
> Engineering" which covered things like test types (unit, end-to-end, smoke
> etc.), code coverage and design by contract. They taught how to implement
> invariants, preconditions and postconditions in Java by manually placing asserts
> (since unlike D, there are no `in`, `out` or `invariant` keywords in Java) but I
> don't recall anything related to recovery from errors, or using aviation safety
> principles to make a safe system from unreliable parts. They said that you can
> decide between security and performance when choosing to leave asserts on/off in
> release builds.

Sigh.

It's not just the software industry. Industry outside of aerospace appears to be 
ignorant of it. See the Deepwater Horizon, Fukushima, medical devices, Toyota 
car computers; it just goes on and on.

One of my favorite examples is when the power failed in New Orleans during a 
storm, and the city flooded. Guess where the backup generators were located? In 
the basements! The flooding took them out. Only one building had power after the 
disaster, and they'd located the emergency generator above sea level.

Only one did that.

The backups were destroyed by the same situation that caused the need for the 
backups - flooding from power failure. Completely worthless design, because the 
systems were coupled.
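The contracts Dennis describes above, as an added example that is not part of the post and not D's own implementation: Python decorators standing in for D's `in`, `out` and `invariant`, applied to a constructed fixed-capacity buffer, next to the same precondition written as a plain `assert`. The names `require`, `ensure`, `invariant`, `BoundedBuffer` and the sample data are my own. The security-relevant point is the last one in Dennis's quote: a contract written as `assert` is compiled out by `python -O` (as Java drops it without `-ea`), so a bounds check that matters must be an ordinary exception that survives the release build.

```python
# Added example, not from the mailing-list post: design-by-contract
# decorators whose checks stay on in release builds, beside an
# assert-based check that does not.
from functools import wraps


class ContractError(RuntimeError):
    """Raised when a precondition, postcondition or invariant is violated."""


def require(pred, message):
    """Precondition (D's `in`): pred(*args, **kwargs) must hold before the call."""
    def deco(fn):
        @wraps(fn)
        def wrapper(*args, **kwargs):
            if not pred(*args, **kwargs):
                raise ContractError(f"{fn.__name__}: precondition failed: {message}")
            return fn(*args, **kwargs)
        return wrapper
    return deco


def ensure(pred, message):
    """Postcondition (D's `out`): pred(result, *args, **kwargs) must hold after the call."""
    def deco(fn):
        @wraps(fn)
        def wrapper(*args, **kwargs):
            result = fn(*args, **kwargs)
            if not pred(result, *args, **kwargs):
                raise ContractError(f"{fn.__name__}: postcondition failed: {message}")
            return result
        return wrapper
    return deco


def _guarded(method, pred, message):
    # Check the invariant on entry and on exit of one public method.
    @wraps(method)
    def wrapper(self, *args, **kwargs):
        if not pred(self):
            raise ContractError(f"{method.__name__}: invariant violated on entry: {message}")
        result = method(self, *args, **kwargs)
        if not pred(self):
            raise ContractError(f"{method.__name__}: invariant violated on exit: {message}")
        return result
    return wrapper


def invariant(pred, message):
    """Class invariant (D's `invariant`): pred(self) is checked around every
    public instance method. Assumes plain functions only (no staticmethod /
    classmethod objects, which this simple version would not wrap correctly)."""
    def deco(cls):
        for name, attr in list(vars(cls).items()):
            if name.startswith("_") or not callable(attr):
                continue  # skip dunders, properties, class attributes
            setattr(cls, name, _guarded(attr, pred, message))
        return cls
    return deco


@invariant(lambda self: 0 <= self.used <= self.capacity, "0 <= used <= capacity")
class BoundedBuffer:
    """Constructed sample: a fixed-capacity byte buffer whose bounds are contracts."""

    def __init__(self, capacity):
        if capacity <= 0:
            raise ContractError("capacity must be positive")
        self.capacity = capacity
        self.data = bytearray()

    @property
    def used(self):
        return len(self.data)

    @require(lambda self, chunk: len(chunk) <= self.capacity - self.used,
             "chunk must fit in the remaining space")
    @ensure(lambda result, self, chunk: result == self.used,
            "returns the new fill level")
    def append(self, chunk):
        self.data.extend(chunk)
        return self.used


def checked_append(buf, chunk):
    """Returns ('ok', fill) or ('rejected', message); the buffer is untouched on rejection."""
    try:
        return ("ok", buf.append(chunk))
    except ContractError as exc:
        return ("rejected", str(exc))


def assert_guarded_append(buf, chunk):
    """Same precondition as an assert. Under `python -O` the assert is removed,
    so this returns ('ok', n) with n past capacity instead of rejecting."""
    try:
        assert len(chunk) <= buf.capacity - buf.used, "chunk must fit"
    except AssertionError as exc:
        return ("rejected", str(exc))
    buf.data.extend(chunk)  # bypasses the contract-wrapped append on purpose
    return ("ok", buf.used)


def corrupt_then_append(buf, chunk):
    """Simulate state damaged behind the contracts' back; the entry invariant catches it."""
    buf.data.extend(b"\0" * (buf.capacity + 1))
    return checked_append(buf, chunk)
```

Run the module twice, once as `python example.py` and once as `python -O example.py`, and only `assert_guarded_append` changes its answer; the decorator-based checks reject the oversized chunk either way, which is the property Dennis's course presented as a performance trade-off.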

