by user5994461
3499 days ago
> It was that it was handled with "whatever" (execute random instructions)! by intentionally omitting the handlers. Which is a perfectly valid course of action. In fact, it is usually the only correct course of action, because there is no other correct course of action to take. A "keep the maximum value as the result" is always plain wrong (and that extends to all cases of <return whatever fixed value sounds cool>), it wouldn't pass a code review. Source: That's covered in the "safety & testing" courses of my previous university, that happen to be given by one guy who worked on the Arianes. :p
http://www.math.umn.edu/~arnold/disasters/ariane5rep.html
"4. RECOMMENDATIONS"
"R3 Do not allow any sensor, such as the inertial reference system, to stop sending best effort data."
See my other post, they effectively have sent something random ("diagnostics" instead of the data). And this piece of software wasn't even needed to run:
"R1 Switch off the alignment function of the inertial reference system immediately after lift-off. More generally, no software function should run during flight unless it is needed."
And of course, everything wasn't even tested together:
"R2 Prepare a test facility including as much real equipment as technically feasible, inject realistic input data, and perform complete, closed-loop, system testing. Complete simulations must take place before any mission. A high test coverage has to be obtained."