by letitbeirie
1613 days ago
> physical systems, say a spaceship, which require critical capabilities and operational regimes, and ask if fallback fault management is really a 'bad idea'.

Depends on context obviously but IME as a controls engineer, what you want is a failsafe, not a fallback. AWS calls a fallback when you "use a different mechanism to achieve the same result." Failsafes are all about returning the system to a stable and controllable state - if you can salvage the result that's great, but if it takes flaring off $10,000,000 worth of distillate to stabilize the system that's fine too.