[bumby]

I don't think the "every working button" buys you much here because is could just as easily be stated as "every working touchscreen does the same thing every time I press it". The point from reliability engineering is that everything works until it doesn't. The difficulty with software systems is that they often have complexity that is tough to understand all the paths let alone test/mitigate them (see Boeing 737 Max as a recent example).

You bring up really good points on the zero gravity considerations. It would be interesting to see SpaceX's FMEA on this system to see what all they've considered.

[Phillipharryt]

?? Touchscreen interfaces almost always have contextual displays. So no touching it doesn't always do the same thing every time I press it. The space where a spacebar is on your phone is the same space that is sometimes the camera button. I think contextual design does not suit important interfaces.

[bumby]

I meant it in terms of pressing a working contextual display. I think we're saying the same thing. Software introduces many more failure pathways so it's often not suitable for primary hazard mitigation.