Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.1 6/24/83; site ubc-cs.UUCP Path: utzoo!utcsri!sask!alberta!ubc-vision!ubc-cs!ludemann From: ludemann@ubc-cs.UUCP (Peter Ludemann) Newsgroups: can.politics Subject: Re: problems with Star Wars #2 (part 2: the crux) Message-ID: <1213@ubc-cs.UUCP> Date: Wed, 14-Aug-85 00:38:12 EDT Article-I.D.: ubc-cs.1213 Posted: Wed Aug 14 00:38:12 1985 Date-Received: Fri, 16-Aug-85 00:41:38 EDT References: <16069@watmath.UUCP> Reply-To: ludemann@ubc-cs.UUCP (Peter Ludemann) Distribution: can Organization: UBC Department of Computer Science, Vancouver, B.C., Canada Lines: 22 > .... Human beings deal better with >unexpected situations than computer programs. Agreed. I worked on real-time systems at BNR (telephone switching, which is *much* better defined than missile detection) and observed in my code and others' code that one of the most common causes of bugs (besides not understanding the problem) was the extra code put in to catch exceptional conditions. This code was needed because the system had very high reliability requirements - it just wasn't supposed to crash (mustn't stop that phone call to your granny in Moose Jaw). But very often this code would not only not catch the exceptional conditions, it would cause crashes under normal conditions. Rigourous testing, type-checking compilers, etc. helped produce a very reliable system, but I'm extremely sceptical about the reliability of a system many times bigger than a telephone switch, which can't be tested to nearly the same extent and whose problem domain is much less well defined. -- ludemann%ubc-vision@ubc-cs.uucp (ubc-cs!ludemann@ubc-vision.uucp) ludemann@cs.ubc.cdn ludemann@ubc-cs.csnet Peter_Ludemann@UBC.mailnet