cs205: engineering software?
20 September 2010

CS205 Notes 38 (27 November 2006)

Schedule Update

Ariane 5

Excerpts from Ariane 501 Inquiry Board Report:
Based on the extensive documentation and data on the Ariane 501 failure made available to the Board, the following chain of events, their inter-relations and causes have been established, starting with the destruction of the launcher and tracing back in time towards the primary cause. The SRI internal events that led to the failure have been reproduced by simulation calculations. Furthermore, both SRIs were recovered during the Board's investigation and the failure context was precisely determined from memory readouts. In addition, the Board has examined the software code which was shown to be consistent with the failure scenario. ... Therefore, it is established beyond reasonable doubt that the chain of events set out above reflects the technical causes of the failure of Ariane 501.

What recommendations would you make to the Ariane software developers?

What general lessons about dependable software development should we learn from the Ariane 5 failure?

What should critical systems do with exceptions?

Design by Contract: The Lessons of Ariane, Jean-Marc Jezequel and Bertrand Meyer.
Ken Garlington's Critique