In following Wirt's observation of space craft quality software, there was a
similar post I made about 10 months ago regarding JPL and "VGER".
http://raven.utc.edu/cgi-bin/WA.EXE?A2=ind0204B&L=hp3000-l&P=R11057
Eric Sand
The following is from today's NY Times. You'll have no trouble in recognizing
that there's a great deal in the article that is reminiscent of MPE and of
the care and quality that went into its construction.
Wirt Atmar
=======================================
Computers Driving Shuttle Are to Be Included in Inquiry
By STEVE LOHR
Columbia's onboard computer hardware and software -- not the crew -- were
driving when the craft made its fatal re-entry last Saturday.
Those computer systems, state-of-the-art designs when the shuttle program
began in the 1970's, detected a drag under Columbia's left wing and ordered
flight-control jets to compensate by steering the craft to the right. Their
performance will be investigated as part of the inquiry into why Columbia was
destroyed, NASA officials say.
The computers act as the electronic brain of the flight control system.
Computer avionics experts say the shuttle program's hardware and software
systems, despite their age, have a record of extraordinary reliability. The
technology, they say, is a triumph of custom machines and programming code
that has been designed and endlessly tested to perform flawlessly in the
harsh conditions of space travel.
For this specialized task, they say, mature computers and code are robust and
trustworthy instead of an antiquated safety hazard.
"These systems are older, but they are highly reliable," said Norman F.
Schneidewind, a computer scientist at the Naval Postgraduate School, who has
worked with NASA. "The design, testing and work processes are focused on
making sure the technology works, all the time."
In the last year or so, NASA did consider the option of using new avionics
computers, according to people close to the space administration. Finding
replacement components for the old machines has been a headache for NASA, and
eventually the shuttles may switch. But there were other budget priorities
for the administration, say these insiders, who add that safety was not the
reason new computer systems were being considered.
Besides, there are real risks to moving to newer computer systems, the
experts point out. The main one is altering the complex interaction between
the hardware and software, which can introduce bugs. And software bugs can
have catastrophic consequences in space.
In 1996, for example, the European Space Agency's Ariane 5 rocket, which took
$7 billion and 10 years to build, exploded less than a minute into its maiden
voyage because of a software bug. An investigation found that some new code
had been added from the Ariane 4, and it had not been properly tested.
As for the shuttle's systems, I.B.M. began development work on them in 1972,
nine years before the first spacecraft was launched. The company chose the
best and most appropriate pieces of technology from its various products and
its research laboratories, and came up with a hybrid machine, the I.B.M.
AP-101.
Over the years, shuttle scientists have installed improvements to the AP-101,
like solid-state electronics for its memory instead of magnetic disks. Yet
the basic design of the five onboard AP-101 computers -- black cubes about 18
inches on a side -- remains the same.
The programming language used for these unusual machines is similarly
tailored for its task. It is called HAL/S (high-order assembly
language/shuttle), and was specially developed for space-flight applications
like instantaneous handling of streams of data from shuttle sensors.
The AP-101 computers process data at a tiny fraction of the rate of today's
personal computers. Yet today's computers need a lot of processing firepower
because they routinely handle big graphics, as well as audio and video files.
All of that is important for people playing computer games or downloading
music over the Internet but not relevant to the shuttle's performance.
The flight-control system on a shuttle craft is designed mainly to process
sequence after sequence of numeric data. The data come from sensors on the
guidance system, accelerometers measuring acceleration and gyros measuring
the rotation of the craft.
The onboard computers, experts say, are designed to process those chunks of
numeric data at the rate of perhaps 1,000 times a second.
"That data coming out of the gyros and accelerometers is not going to come
out faster," said Col. John Keesee, an Air Force aeronautical engineer and a
senior lecturer at the Massachusetts Institute of Technology. "The guidance
functions are not pushing you to faster processors."
The shuttle's software team is famed in the industry for the flawless quality
of its programming code. It is one of a handful of projects in the world to
receive a Level 5 rating from Carnegie Mellon University's Software
Engineering Institute for the reliability of its code and the rigor of its
testing processes. The guidance system program has more than 400,000 lines of
code; recent versions have had less than one error — and none that degraded
the performance of the program, let alone raised safety concerns.
The working environment of the coders who build the shuttle programs is
orderly and regimented — a world apart from that of young hackers, staying up
all night to ship new products every few months.
"They have a system of process improvements, design reviews and testing
procedures that almost no one else does," said Mr. Schneidewind, a software
engineering expert, of the shuttle coders.
======================================
* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *