by svleest
1079 days ago
Using redundant systems helps detect (dual redundant) and even correct (triple modular redundant) physical faults in the system, where one system will provide a different answer than the other(s). System redundancy does not detect/correct for design flaws, which are a common mode failure. Catching design flaws is currently done by testing (compared to known correct answers) and peer review (by domain experts). Someday, mathematical proofs might be used (known as "formal methods"), but currently these are only possible to use on very small software projects, such as the seL4 project that formally proved correctness for around 10K lines of code.
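The distinction the comment draws (dual redundancy detects, TMR corrects, neither catches a common-mode design flaw) can be shown with a small simulation. The following is an added example written for this page, not code from the commenter or from any real redundant system; the channel functions, the simulated bit-flip fault and the "design flaw" are all constructed for illustration.

```python
from collections import Counter
from typing import Callable, Dict, List

Channel = Callable[[int], int]


# Constructed reference computation: the correct behaviour every copy should have.
def square(x: int) -> int:
    return x * x


# Hypothetical design flaw shared by every copy: wrong for negative inputs.
# Replicating it three times does not make it right, which is the common-mode case.
def square_with_design_flaw(x: int) -> int:
    return x * abs(x)


def bit_flip_fault(channel: Channel, bit: int) -> Channel:
    """Simulates a physical fault in ONE copy: flips one output bit of that copy only."""
    def faulty(x: int) -> int:
        return channel(x) ^ (1 << bit)
    return faulty


def dual_redundant(channels: List[Channel], x: int) -> Dict:
    """Two copies compared: a mismatch DETECTS a fault but cannot say which copy is right,
    so no value is delivered on disagreement."""
    a, b = (c(x) for c in channels)
    return {"agree": a == b, "value": a if a == b else None}


def tmr_vote(channels: List[Channel], x: int) -> Dict:
    """Three copies with a majority voter: a single faulty copy is out-voted (CORRECTED).
    Two divergent faults leave no majority and the voter must report failure."""
    outputs = [c(x) for c in channels]
    value, count = Counter(outputs).most_common(1)[0]
    if count < 2:
        raise RuntimeError(f"no majority among channel outputs {outputs}")
    # masked_fault is True when exactly one copy disagreed and was out-voted.
    return {"value": value, "masked_fault": count == 2}


def check_against_reference(channels: List[Channel], x: int, reference: Channel) -> bool:
    """Testing against a known-correct answer: in this model the only thing that exposes a
    design flaw present in all copies, since the voter sees unanimous (wrong) agreement."""
    return tmr_vote(channels, x)["value"] == reference(x)


if __name__ == "__main__":
    healthy = [square, square, bit_flip_fault(square, 0)]
    print("dual, no fault:   ", dual_redundant([square, square], -3))
    print("dual, one fault:  ", dual_redundant([square, bit_flip_fault(square, 0)], -3))
    print("TMR, one fault:   ", tmr_vote(healthy, -3))
    flawed = [square_with_design_flaw] * 3
    print("TMR, common-mode: ", tmr_vote(flawed, -3))
    print("reference test catches the flaw:", not check_against_reference(flawed, -3, square))
```

Running it shows the voter happily returning -9 for the three flawed copies with `masked_fault` False: from the voter's point of view nothing went wrong, because all copies agree. Only `check_against_reference`, the "compare to a known correct answer" step the comment describes, reports the problem.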