Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!swrinde!cs.utexas.edu!sun-barr!newstop!grapevine!male!jethro!exodus!appserv!sun!amdcad!dgcad!dg-rtp!farmhand!cole
From: cole@farmhand.rtp.dg.com (Bill Cole)
Newsgroups: comp.software-eng
Subject: Re: Provocative statement
Message-ID: <1991May3.195844.25823@dg-rtp.dg.com>
Date: 3 May 91 19:58:44 GMT
References: <9776@castle.ed.ac.uk> <1991Apr25.133216.20855@jyu.fi>
Sender: cole@farmhand (Bill Cole)
Organization: Data General Corporation, Research Triangle Park, NC
Lines: 28

Jim Showalter writes:

|> >If the bridge designer wants to have a greater security factor,
|> >(s)he can specify a little thicker steel and cables than suggested
|> >by standard calculations. The software designer cannot say:
|> >"This system has to be really safe and secure, so let's put in
|> >30% more code!"
|>
|> I disagree strongly with this. It has been my experience that the
|> systems that are engineered from the outset to have excellent
|> error detection and correction mechanisms are quite robust and
|> fault-tolerant. Often, the amount of error code that is involved
|> CAN be about 30% of the total.
|>
|> Paradoxically, it has also been my experience that these safety-
|> engineered systems are engineered well throughout, and so tend
|> not to NEED the error checking that was added. On the other hand,
|> systems that are written without much error checking seem to be
|> infected with an overall attitude of slovenliness, and so are the
|> ones most prone to failure.

Yup, I believe you're correct, Jim. The issue here is why isn't more
software engineered to these standards? Could it be that we, as a
group, get bored with the end-game and finish the product as quickly
as possible? Do we have enough time/resources to do it right in the
first place? Are we so certain that specific circumstances can't
happen that we never account for them in our code?

/Bill
I'm glad to see that there are people older than me out there.
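As an added illustration of the "30% more code" point in the exchange above (this is example code written for this page, not anything posted by Jim Showalter or Bill Cole): the same small parser written the "slovenly" way and the engineered way. The record format (one length byte followed by that many payload bytes), the function names and the result codes are all constructed for the example. The checked version turns each assumption the unchecked one makes silently into an explicit test, which is exactly where the extra lines go.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed record format: in[0] is a length byte, in[1..len] is the
 * payload. Both parsers copy the payload into 'out'. */

/* 1. Written "without much error checking": trusts the length byte and
 *    the caller's buffer size. Shown only for contrast with the version
 *    below; it has no way to report a bad record. */
size_t parse_record_unchecked(const uint8_t *in, uint8_t *out)
{
    size_t len = in[0];
    memcpy(out, in + 1, len);
    return len;
}

/* Result codes for the checked parser (hypothetical names). */
enum parse_status {
    PARSE_OK = 0,
    PARSE_BAD_ARG,    /* a NULL pointer was passed */
    PARSE_TRUNCATED,  /* the input is shorter than the record claims */
    PARSE_TOO_LONG    /* the payload would overrun the output buffer */
};

/* 2. Engineered for error detection: every input is bounded by a size the
 *    caller supplies, and every failure has a distinct, reportable cause.
 *    The checking lines are roughly the "error code" fraction the post
 *    describes; the copy itself is one line either way. */
enum parse_status parse_record_checked(const uint8_t *in, size_t inlen,
                                       uint8_t *out, size_t outcap,
                                       size_t *written)
{
    if (in == NULL || out == NULL || written == NULL)
        return PARSE_BAD_ARG;
    *written = 0;
    if (inlen < 1)              /* not even a length byte present */
        return PARSE_TRUNCATED;
    size_t len = in[0];
    if (len > inlen - 1)        /* length byte claims more than we were given */
        return PARSE_TRUNCATED;
    if (len > outcap)           /* would overrun the caller's buffer */
        return PARSE_TOO_LONG;
    memcpy(out, in + 1, len);
    *written = len;
    return PARSE_OK;
}

/* Constructed sample records used by main() below. */
static const uint8_t SAMPLE_GOOD[]  = {3, 'a', 'b', 'c'};
static const uint8_t SAMPLE_TRUNC[] = {5, 'a', 'b'};        /* claims 5, has 2 */
static const uint8_t SAMPLE_BIG[]   = {4, 'w', 'x', 'y', 'z'};

int main(void)
{
    uint8_t out[8];
    size_t n;
    printf("good:      status %d, %zu bytes\n",
           parse_record_checked(SAMPLE_GOOD, sizeof SAMPLE_GOOD, out, sizeof out, &n), n);
    printf("truncated: status %d\n",
           parse_record_checked(SAMPLE_TRUNC, sizeof SAMPLE_TRUNC, out, sizeof out, &n));
    printf("too long:  status %d (output capacity 2)\n",
           parse_record_checked(SAMPLE_BIG, sizeof SAMPLE_BIG, out, 2, &n));
    return 0;
}
```

Only the valid record is ever fed to the unchecked parser here; on either malformed sample it would read or write past its buffers with no indication that anything went wrong, which is the failure mode the checked version exists to report.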