

Boeing 777 accident due to software failure? - eusman
http://blogs.law.harvard.edu/philg/2008/01/19/boeing-777-accident-engineers-giveth-and-programmers-taketh-away/

======
edw519
Whatever happened to triple redundancy? If it's all within the software, then
it is not redundant.

~~~
donal
Even if it wasn't all within the software (which I would strongly doubt), the
problem with safety and of complex systems is that the safer you try to make
it, the more complex the system becomes and that in itself reduces the
reliability and safety of the system.

If you add a monitor to check to see if a critical piece is running, then you
need another to check if that is running, etc. This applies to both hardware
and software. Then you layer on top of all the features of the system layers
of process like CMMI, ISO whatever, etc., and designs are reviewed by committee
after committee, and eventually the design has to be approved and the cost
keeps skyrocketing.
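The two points above (edw519's "if it's all within the software it is not redundant" and donal's monitor-on-a-monitor regress) can be shown with a small two-of-three voter. This is an added illustration, not code from the thread or from the linked article, and the three scaling routines and the "raw" input are constructed stand-ins with no relation to anything in the 777; the point is that majority voting masks a single hardware fault on one channel, but three channels running the same defective routine all produce the same wrong answer, so the voter passes it through. Only design diversity (independently written routines) lets the vote catch the software defect.

```python
from collections import Counter


def majority_vote(readings):
    """Two-of-three voter. Returns the value at least two channels agree on,
    or None when all three disagree (no majority: the consumer must fail safe
    rather than trust any single channel)."""
    value, count = Counter(readings).most_common(1)[0]
    return value if count >= 2 else None


# Constructed routines standing in for a signal-conditioning step. They are
# hypothetical and not taken from the 777 or the linked article.
def scale_correct(raw):
    return raw * 0.5


def scale_alternate(raw):
    # Independently written equivalent of scale_correct (different code path).
    return raw / 2


def scale_buggy(raw):
    # Hypothetical defect: the conversion silently returns 0.0 once the raw
    # input crosses a limit nobody tested.
    return raw * 0.5 if raw < 100 else 0.0


def vote_identical_software(raw, sensor_faults=(0, 0, 0)):
    """Three hardware channels, each running the same (buggy) routine.
    sensor_faults adds a per-channel offset to model a failed sensor on
    that channel only."""
    readings = [scale_buggy(raw + fault) for fault in sensor_faults]
    return majority_vote(readings)


def vote_diverse_software(raw, sensor_faults=(0, 0, 0)):
    """Three channels, each running an independently developed routine
    (N-version programming), so a single software defect is outvoted."""
    routines = (scale_correct, scale_alternate, scale_buggy)
    readings = [fn(raw + fault) for fn, fault in zip(routines, sensor_faults)]
    return majority_vote(readings)


if __name__ == "__main__":
    # Hardware fault on channel 3 only: both designs mask it (expected 25.0).
    print("identical, one sensor fault :", vote_identical_software(50, (0, 0, 500)))
    print("diverse,   one sensor fault :", vote_diverse_software(50, (0, 0, 500)))
    # Input in the untested region: identical replicas agree on the wrong
    # value (0.0); diverse channels outvote the defect (75.0).
    print("identical, software defect  :", vote_identical_software(150))
    print("diverse,   software defect  :", vote_diverse_software(150))
```

The voter itself is the "monitor" in donal's sense: it adds code, and that code has to be trusted, which is exactly the regress he describes. Diversity helps with common-mode software defects; it does not remove the need to get the voter right.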

