Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!dali.cs.montana.edu!uakari.primate.wisc.edu!sdd.hp.com!wuarchive!uunet!mcsun!ukc!edcastle!hwcs!styri
From: styri@cs.hw.ac.uk (Yu No Hoo)
Newsgroups: comp.software-eng
Subject: Re: Provocative statement
Message-ID: <2905@odin.cs.hw.ac.uk>
Date: 7 May 91 11:06:26 GMT
References: <1991May3.195844.25823@dg-rtp.dg.com> <34081@mimsy.umd.edu>
Sender: news@cs.hw.ac.uk
Organization: Computer Science, Heriot-Watt U., Scotland
Lines: 26

In article <1991May3.195844.25823@dg-rtp.dg.com> cole@farmhand.rtp.dg.com (Bill Cole) writes:
>>Jim Showalter writes:
>>
>> >If the bridge designer wants to have a greater security factor,
>> >(s)he can specify a little thicker steel and cables than suggested
>> >by standard calculations. The software designer cannot say: "This
>> >system has to be really safe and secure, so let's put in 30% more
>> >code!"
>>
>> I disagree strongly with this. It has been my experience that the
>> systems that are engineered from the outset to have excellent error
>> detection and correction mechanisms are quite robust and
>> fault-tolerant. Often, the amount of error code that is involved CAN
>> be about 30% of the total.

I guess we're about to mix up "design" and "implementation" here.
Robust code is usually a result of the design. The bridge design
analogy of adding more lines of code (e.g. of the error checking kind)
would probably be to add more wires and beams (just in case...) based
on "gut feeling" more or less. The resulting bridge may develop a
failure due to excessive weight.

----------------------
Haakon Styri
Dept. of Comp. Sci.        ARPA: styri@cs.hw.ac.uk
Heriot-Watt University     X-400: C=gb;PRMD=uk.ac;O=hw;OU=cs;S=styri
Edinburgh, Scotland