
> Hardware engineers chose not to provide multiple sensors to validate AoA.

In effect you've just shifted the blame. Developers working at the lower levels could've pushed back on this harder if they were legally required to. My point is if mechanical and electronic engineers are liable then so should software guys - they need more power to say no.

> You also have to ask, what are you certifying?

An argument could be made that formal verification & ethics would be useful in this context.

> You’re also saying “not everyone gets to write software anymore” because the certification won’t be free.

Degrees aren't free either. Most developers aren't working in aerospace and won't need the rigour.

> How does open source then work?

I'm not talking about OSS. I'm talking about people who work with software that can kill people. If the Linux kernel is used as a technology in these machines then the software 'engineer' who made that decision is legally liable. The blame stops with them.




> In effect you've just shifted the blame.

No. If the bug was in the software (say the bug was numeric underflow leading to crashing) it would be software. In this case the software engineers would have been told "here is your current AoA" and to adjust the plane correctly in response. The hardware engineers/designers then provided them with unvalidated data, and I assume no details on the error rate (presumably because that would get the whole system flagged by the FAA as being nonsense).

> Degrees aren't free either. Most developers aren't working in aerospace and won't need the rigour.

"most" != all, literally my point. Also at what level does it kick in: OS developers? If they're using a licensed OS like QNX should all the QNX engineers need to be certified for avionics? How about Linux?

> I'm not talking about OSS

So you're saying OSS shouldn't be used in commercial industry?

If you work on Linux: that's used in medical hardware, so it seems like all contributors should have your new Certificate in Not Killing People.

But also, at what distance from killing people does this license cease being relevant? You worked on (say) a firewall product on some device, it fails to prevent some attack and the medical device kills someone.

Or the radio stack?

etc


> I assume no details on the error rate

A perfect example of why the title engineer needs to be earned. This is a baseless assumption given that literally anything could go wrong. Sensors could become damaged, circuits broken, etc. It is our job to plan for edge cases.

> But also, at what distance from killing people does this license cease being relevant?

The last link in the chain: The engineers who put their stamp of approval on the system being shipped to consumers (aka Boeing employees). If you're willing to risk human life on the fact the Linux kernel is acceptable for this task, then you should damn well be able to risk your job title.

If Linux isn't up to the task then why is it being used?


> Sensors could become damaged, circuits broken, etc. It is our job to plan for edge cases.

Not those edge cases. They have nothing to do with the core competencies of a software engineer and should be offloaded to someone who is competent. Do architects plan for edge cases where the steel beams were actually made of wood?


If the inputs to your system are wrong or nonsensical, you should fail fast.
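The thread keeps returning to two concrete points: validating AoA with multiple sensors, and failing fast when inputs are wrong or nonsensical. The following is an added illustration of both, written for this page and not code from any commenter, Boeing, or a real flight-control system. It assumes constructed plausibility bounds and a constructed agreement tolerance (`AOA_MIN_DEG`, `AOA_MAX_DEG`, `MAX_DISAGREEMENT_DEG`) and generalizes the two-sensor case in the thread to an N-sensor majority voter: each reading is first checked for being present, numeric and physically plausible, then the surviving readings must agree within tolerance and form a majority, otherwise the function returns an explicit failure rather than quietly trusting whichever sensor is left.

```python
import math
from dataclasses import dataclass
from statistics import median
from typing import Optional, Sequence, Tuple

# Constructed plausibility bounds for an angle-of-attack reading, in degrees.
# Real limits depend on the airframe and sensor; these are illustrative only.
AOA_MIN_DEG = -30.0
AOA_MAX_DEG = 40.0
# Constructed tolerance: readings further apart than this do not "agree".
MAX_DISAGREEMENT_DEG = 5.0


@dataclass(frozen=True)
class AoaResult:
    valid: bool                   # True only when a cross-checked value exists
    value_deg: Optional[float]    # validated AoA, or None on failure
    reason: str                   # human-readable explanation for logs/alerts
    used_sensors: Tuple[int, ...]  # indices of the sensors that contributed


def plausible(reading) -> bool:
    """Single-sensor sanity check: reject missing, non-numeric, NaN/inf
    and physically impossible values before they reach any control logic."""
    if reading is None or isinstance(reading, bool):
        return False
    if not isinstance(reading, (int, float)):
        return False
    if math.isnan(reading) or math.isinf(reading):
        return False
    return AOA_MIN_DEG <= reading <= AOA_MAX_DEG


def validate_aoa(readings: Sequence[Optional[float]],
                 min_sensors: int = 2) -> AoaResult:
    """Cross-check redundant AoA readings and return either a validated value
    or an explicit failure. It never falls back to a single unvalidated sensor."""
    good = [(i, r) for i, r in enumerate(readings) if plausible(r)]
    good_ids = tuple(i for i, _ in good)
    if len(good) < min_sensors:
        return AoaResult(False, None,
                         f"only {len(good)} plausible reading(s); need {min_sensors}",
                         good_ids)

    # Find the largest group of readings that lie within the tolerance window.
    ordered = sorted(good, key=lambda p: p[1])
    best: list = []
    for start in range(len(ordered)):
        lo = ordered[start][1]
        window = [p for p in ordered[start:] if p[1] - lo <= MAX_DISAGREEMENT_DEG]
        if len(window) > len(best):
            best = window

    # Require both a minimum group size and a strict majority of plausible
    # sensors, so a 2-vs-2 split is a failure rather than a coin toss.
    if len(best) < min_sensors or len(best) * 2 <= len(good):
        return AoaResult(False, None, "sensors disagree beyond tolerance", good_ids)

    return AoaResult(True, median(r for _, r in best), "ok",
                     tuple(i for i, _ in best))


if __name__ == "__main__":
    # Constructed sample inputs: healthy pair, a dead sensor, an outlier, a split.
    for sample in ([3.2, 3.6], [3.2, 74.5], [3.2, 3.6, 21.0],
                   [3.2, 12.0], [float("nan"), None, 2.0], [1.0, 1.5, 9.0, 9.5]):
        print(sample, "->", validate_aoa(sample))
```

The caller treats `valid == False` as a hard stop for anything that would act on the value; the `reason` string is there so the rejection is logged with enough context to be investigated, which is the part that makes a fail-fast design auditable rather than just abrupt.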



