Update on Ariane 501

06/07/2013

Ariane 501 Launch

In 1996 the European Space Agency lost their brand new Ariane 5 launcher on its first flight. Here's a recently updated annotated version of that report. I'd also note that the software that faulted was written in Ada, a 'strongly typed' language, which points to a few small problems with the use of such languages.

The first problem is that there are always language trap doors which programmers can exploit. In this case they decided to leave an operand error (an overflow condition) as an unchecked conversion, which is perfectly legal in Ada.

The second problem is that Ada has a 'fail hard' approach to error handling, which resulted in it throwing an exception upon detection of the overflow. A slightly less rigorous language would probably have just kept on keeping on.
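To make the two behaviours concrete, here is an added Python model (not code from the post or from the Ariane software) of the conversion the inquiry report describes, a 64-bit floating-point horizontal bias converted to a 16-bit signed integer; the three conversion policies and the sample bias values are my own constructions:

```python
"""Model of the Ariane 501 overflow: a 64-bit float (the horizontal bias)
converted to a 16-bit signed integer that cannot hold its full range.
Three conversion policies match the post's three positions:
  to_int16_fail_hard : Ada-style, raise on overflow (the unprotected path)
  to_int16_wrap      : silent wraparound, "keep on keeping on"
  to_int16_saturate  : explicit range check that clamps and flags the event
The bias values are constructed, not flight data.
"""
INT16_MIN, INT16_MAX = -32768, 32767

# Constructed sequence: the bias grows past 32767, as it did on flight 501
# once the larger launcher's horizontal velocity built up.
BIAS_SAMPLES = [1000.0, 20000.0, 32767.0, 32768.5, 65541.0, -40000.0]

def to_int16_fail_hard(value: float) -> int:
    """Ada semantics: round to nearest, raise if the result is out of range."""
    n = int(round(value))
    if not INT16_MIN <= n <= INT16_MAX:
        raise OverflowError(f"operand error: {value!r} does not fit in 16 bits")
    return n

def to_int16_wrap(value: float) -> int:
    """Silent wraparound: reduce modulo 2**16 and reinterpret as signed, so an
    overflow yields a plausible-looking but wrong number and flight continues."""
    n = int(round(value))
    return ((n + 32768) % 65536) - 32768

def to_int16_saturate(value: float) -> tuple:
    """Defensive conversion: clamp to the representable range and report
    whether clamping happened, so the caller can decide how to proceed."""
    n = int(round(value))
    clamped = max(INT16_MIN, min(INT16_MAX, n))
    return clamped, clamped != n

def run_channel(samples, convert):
    """Feed samples through one policy. Returns (outputs, halted_at), where
    halted_at is the index of the sample whose unhandled overflow stopped the
    channel (as the SRI shut down on 501) or None if all were processed."""
    outputs = []
    for i, value in enumerate(samples):
        try:
            outputs.append(convert(value))
        except OverflowError:
            return outputs, i
    return outputs, None

if __name__ == "__main__":
    for convert in (to_int16_fail_hard, to_int16_wrap, to_int16_saturate):
        print(convert.__name__, run_channel(BIAS_SAMPLES, convert))
```

The fail-hard channel stops at the fourth sample, the wrapping channel keeps running on garbage, and only the saturating policy both continues and tells its caller that something went out of range.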

Language alone is not enough: software designers and programmers must understand both the power and the limitations of the tools they use. Simply requiring the use of 'strongly typed' languages, as for example ISO 61508 does, unfortunately does not automatically confer greater safety.
