undefined | Better HN

0 pointstwic9y ago0 comments

You have quite fairly picked me up on a cheeky exaggeration.

Lots of things had to go wrong to cause the Ariane 5 failure - including bad handling of overflow, as you mention. But to my mind, the universal last line of defence against any kind of mistake is an integration test: put all of the parts of the system together, feed them real input, and verify that you get correct output. Arianespace did not do that.

Well, until they actually launched it. It was a test flight, right? It proved to be an essential and very effective test.

0 comments

david-given9y ago

If anyone's at all interested in risk analysis or robust software, it's totally worth finding a decent writeup on the Ariane 5 failure --- it's a fascinating postmortem in just how many unexpected little things together added up to a big boom.

Everything is incredibly obvious in hindsight, of course, but making things obvious is largely what hindsight is for.

And once you've finished reading that, go look up the Therac-25...

dalke9y ago

That means there was an under-reliance on system testing, which I agree with. It doesn't imply there was an over-reliance on unit testing any more than it implies there was an over-reliance on analysis or over-reliance on the expectation of developing bug-free software.