#91
MSNBC (JimO) Scoops more Inside-NASA Shuttle Documents
I agree. But if given the choice of launching with software that has gone through many simulations versus software that has gone through many simulations *and* several flights, I know what I'd choose.

However, if you read some of the available articles on the Shuttle's avionics, you'll find that a lot, if not most of the bugs are found in simulation runs. And it's pretty clear why that must be the case: the hundred-odd flights so far have exercised only the nominal ascent/descent code plus a very small part of the rest (e.g., on that one ATO). All the TAL and RTLS code has only ever executed in simulation. The last bug I can remember being mentioned that actually hit live was for (IIRC) the Mir rendezvous, when an iterative routine was numerically unstable and didn't converge properly to the LSB.

Jan
#92
MSNBC (JimO) Scoops more Inside-NASA Shuttle Documents
From Jan Vorbrüggen:
I agree. But if given the choice of launching with software that has gone through many simulations versus software that has gone through many simulations *and* several flights, I know what I'd choose.

However, if you read some of the available articles on the Shuttle's avionics, you'll find that a lot, if not most of the bugs are found in simulation runs. And it's pretty clear why that must be the case: the hundred-odd flights so far have exercised only the nominal ascent/descent code plus a very small part of the rest (e.g., on that one ATO). All the TAL and RTLS code has only ever executed in simulation. The last bug I can remember being mentioned that actually hit live was for (IIRC) the Mir rendezvous, when an iterative routine was numerically unstable and didn't converge properly to the LSB.

I don't disagree with anything you've stated here. All excellent points. I see both sides of this to have been thoroughly presented. I won't have anything else to add here unless new info comes to light.

~ CT
#93
MSNBC (JimO) Scoops more Inside-NASA Shuttle Documents
"Stuf4" wrote in message om...

From Jeff Findley: snip

I'm sure NASA wouldn't release a new version of the shuttle flight software without many simulations involving actual astronauts at the controls of the simulators.

I agree. But if given the choice of launching with software that has gone through many simulations versus software that has gone through many simulations *and* several flights, I know what I'd choose.

Even if the software that has gone through many simulations and several flights has been found to be buggy?

As I recall one of the bugs found in shuttle software was that they had assumed some item (I think one of the antennas (K-Band?)) could rotate from 0-360 degrees, not 0-359. Given their paradigm, they then went through all the code looking for other places where such code might be found (i.e. code related to the rotation of an object). They found it, in the arm. And they discovered that if the arm had been rotated from 0-360 degrees, this would cause a problem that would lock the arm. Meaning the arm would have to be jettisoned.

So, imagine you're on RTF with the buggy code and it comes time to inspect the bottom of the shuttle with the arm and boom extension. Just as your camera is looking at that suspicious patch near the left rearwell, the arm locks and you can't move it. You can't get closer, and you can't get away. So, now you may or may not have damage and your one method of repairing it is now broken. But at least you flew the same software as before.

Conservatism has its points. This isn't one of them.

Now, one might argue that the RTF is not the time for NEW features, but again, that might be wrong. What if the new load has features that help flight a better AOA. So, do you risk that safety gain against a bug that might have been missed in simulation? You can't make across the board declarations here.

As I recall, shuttle software development was one of the few things praised by the Rogers Commission. (Which is somewhat ironic when you think about it since generally software development in most places is far less disciplined than almost any other activity.)

~ CT
#94
MSNBC (JimO) Scoops more Inside-NASA Shuttle Documents
"Stuf4" wrote in message om...

I see both sides of this to have been thoroughly presented. I won't have anything else to add here unless new info comes to light.

There's a couple of articles on the web regarding the development of shuttle code. I don't think the original ACM papers are available, but I know some others are. The number of bugs "released" by the shuttle development team I believe numbers in the 10s, possibly 100 or so. It's an amazing process.

~ CT
#95
MSNBC (JimO) Scoops more Inside-NASA Shuttle Documents
From Greg Moo
"Stuf4" wrote

From Jeff Findley: snip

I'm sure NASA wouldn't release a new version of the shuttle flight software without many simulations involving actual astronauts at the controls of the simulators.

I agree. But if given the choice of launching with software that has gone through many simulations versus software that has gone through many simulations *and* several flights, I know what I'd choose.

Even if the software that has gone through many simulations and several flights has been found to be buggy?

As I recall one of the bugs found in shuttle software was that they had assumed some item (I think one of the antennas (K-Band?)) could rotate from 0-360 degrees, not 0-359. Given their paradigm, they then went through all the code looking for other places where such code might be found (i.e. code related to the rotation of an object). They found it, in the arm. And they discovered that if the arm had been rotated from 0-360 degrees, this would cause a problem that would lock the arm. Meaning the arm would have to be jettisoned.

So, imagine you're on RTF with the buggy code and it comes time to inspect the bottom of the shuttle with the arm and boom extension. Just as your camera is looking at that suspicious patch near the left rearwell, the arm locks and you can't move it. You can't get closer, and you can't get away. So, now you may or may not have damage and your one method of repairing it is now broken. But at least you flew the same software as before.

Conservatism has its points. This isn't one of them.

You are citing excellent reasons to do a patch. NASA is doing a full rev.

Now, one might argue that the RTF is not the time for NEW features, but again, that might be wrong. What if the new load has features that help flight a better AOA. So, do you risk that safety gain against a bug that might have been missed in simulation? You can't make across the board declarations here.

Early on, I acknowledged the potential advantages for doing a rev. I wasn't making an across the board declaration.

As I recall, shuttle software development was one of the few things praised by the Rogers Commission. (Which is somewhat ironic when you think about it since generally software development in most places is far less disciplined than almost any other activity.)

And we can imagine what a *third* board might have to say about shuttle software if this happens to cause an incident on -114.

No new info here from my end. I'm just clarifying what has already been stated.

~ CT
#96
MSNBC (JimO) Scoops more Inside-NASA Shuttle Documents
"rk" wrote in message ...

Greg D. Moore (Strider) wrote:

As I recall, shuttle software development was one of the few things praised by the Rogers Commission. (Which is somewhat ironic when you think about it since generally software development in most places is far less disciplined than almost any other activity.)

Is this what you are thinking of, from Feynman's Appendix F?

That would be it. I thought there was also commentary within the report itself saying similar stuff.

-- rk, "Good judgment is usually the result of experience. And experience is frequently the result of bad judgment. But to learn from the experience of others requires those who have the experience to share the knowledge with those who follow." Barry LePatner, quoted in To Engineer is Human: The Role of Failure in Successful Design
#97
MSNBC (JimO) Scoops more Inside-NASA Shuttle Documents
"Greg D. Moore (Strider)" wrote:

"rk" wrote:

Greg D. Moore (Strider) wrote:

As I recall, shuttle software development was one of the few things praised by the Rogers Commission. (Which is somewhat ironic when you think about it since generally software development in most places is far less disciplined than almost any other activity.)

Is this what you are thinking of, from Feynman's Appendix F?

That would be it. I thought there was also commentary within the report itself saying similar stuff.

There is a five page (IIRC) Flight Software Executive **Summary** in the Rogers report. It is in Volume II, Appendix J. It was not reproduced. See title and link below.

"APPENDIX E. EXECUTIVE SUMMARY OF FLIGHT SOFTWARE REVIEW BRIEFING TO THE PRESIDENTIAL COMMISSION. (Not Reproduced)."
http://history.nasa.gov/rogersrep/v2appj.htm

The astronauts give some illuminating insight into flight software in their testimony in the section below.
http://history.nasa.gov/rogersrep/v5part5.htm

-- Daniel
http://www.challengerdisaster.info
Mount Charleston, not Charleston, SC
#98
Barbara Morgan in 2004!!!!
Barbara Morgan on NBC tonight. She still wants to go, even after an accident and a disaster. The big difference between then and now, she knows what buttons to push now, instead of what buttons not to push. Barbara Morgan in 2004!!!!

Craig Fink
#99
Barbara Morgan in 2004!!!!
Barbara Morgan on NBC tonight. She still wants to go, even after an accident and a disaster. The big difference between then and now, she knows what buttons to push, instead of what buttons not to push. Barbara Morgan in 2004!!!!

Craig Fink
#100
Barbara Morgan in 2004!!!!
Craig Fink wrote in link.net:

Barbara Morgan on NBC tonight. She still wants to go, even after an accident and a disaster. The big difference between then and now, she knows what buttons to push now, instead of what buttons not to push. Barbara Morgan in 2004!!!!

Not going to happen in 2004. Barbara's still on 118. The new 114 crewmembers have been named, and Barbara isn't one of them.

-- JRF
Reply-to address spam-proofed - to reply by E-mail, check "Organization" (I am not assimilated) and think one step ahead of IBM.