by ivanperez-keera 1648 days ago
One day I'll learn rust and maybe then I'll understand.

> live with developing processes to stay on top of updates like the rest of us?

NASA follows very robust software engineering processes (even for research projects like, e.g., Copilot and, to a lesser extent, Ogma). It would not be able to do what it does if it didn't.

This is a topic for a longer discussion and definitely not to be had here, but I will say that it's not conducive to a constructive discussion to see it as a problem with our processes, or us ("developing processes to stay on top of updates", "like the rest of us").

The people who work on these things are smart. This is a topic we've had long discussions on. If it was obvious or viable to fix internally, we would have done it already.

I have been programming in particular in Haskell for 20y. I've worked for all kinds of companies and organizations, big and small, for the last 18y. I am like the rest of us. The problem is not exclusive to NASA, and NASA's processes are not to blame here.

It's a problem with how to build languages and ecosystems.

1 comments

My comment was not meant to disparage the work that NASA does so apologies since that’s the way it landed. The engineers working on NASA are really good. I was just trying to convey that the requirements you have are very different from the general ecosystem and thus you will always have a greater cost to do engineering. Where possible, it’s always cheaper to relax constraints at the program level, not at the individual software component level (eg auxiliary components that have a recovery path in the case of SW faults). My impression is that NASA generally strives for highly reliable systems although I think they’re getting better with the Mars copter experiment. SpaceX is also doing good work trying to drive the cost down by making launches less expensive (that way SW faults aren’t as critical in most systems and payloads themselves don’t need high reliability because they can just retry).

On the dependency front, Rust solves this about as well as you can hope for at the language level since dependencies between components don’t imply anything else about the dependency chain. I was just trying to convey that at that point there’s no way I can think of to reduce the cost of upgrading unless you make agreements with your exact SW dependencies about what versioning and changes look like for them (for general OSS that’s not generally tenable as NASA is likely to be a very small use case compared with the number of environments a popular package might get deployed to). That works in some cases but there’s no way to enforce that and nothing any language can do about it.

Generally I’ve found that organizations ossify their dependency chain on the assumption of “if it ain’t broke don’t fix it”. I’m not sure I buy that because that’s just tech debt that starts accruing and it’s better to just always pay a little bit of money along the way. Of course I don’t have any experience running teams on the kinds of problem domains NASA focuses on so I can’t speak to which development process is better for that use case. All I can note is that using off the shelf software and reducing the reliability requirements on as many components as possible generally results in a cheaper outcome (eg the Mars drone). When you’re in that domain you’re out of the high reliability domain of expensive space rocket launches and into more of the traditional SW development processes. Generally I’ve seen Rust libraries do semver better than most since that’s culturally the expectation. Even with Semver though you’re stuck if the library authors decide to go to the next major version.

There's a lot of things that you are not seeing. This problem is not specific to NASA, or to the safety-critical domain.

This is a topic for a longer discussion and definitely not to be had here.