wouter van ooijen wrote:

>> How Mars Global Surveyor was lost:
>> 
>> http://planetary.org/news/2007/0413_Human_and_Spacecraft_Error
>> s_Together.html
>> 
>> in light of the recent postings on how to create bug-free software, I 
>> thought this might be of interest.
> 
> The bold text that starts the article is IMHO misleading: "resulted from
> mistakes made by both the human operators and the spacecraft's onboard
> fault protection software." The rest of the text does not mention any
> error in the on-board software, only errouneous parameters upload from
> earth. Pure human operator errors.

Well, in the end all errors are human, aren't they? If a device fails, it's
the designer's error... :)

But I got the feeling that the real problem was with the parameter upload
software. They say about this process:

"When the identical and correct HGA parameters were uploaded to the
spacecraft, the operations team incorrectly specified the location for the
new parameter in the computer's memory.  Because the wrong memory location
was specified, the new parameter was written over the end of one and the
beginning of a second parameter being stored in onboard memory, corrupting
both parameters."

I think that the software used to upload a parameter to such an expensive
device should have a bit more safety built in, so that it is /really/
difficult to write to a wrong location. An operator should not have to
enter any addresses manually at all. This is considered bad design on
devices that cost $200...  

Gerhard

-- 
http://www.piclist.com PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist